On our site users sign in initially after which they have the ability to purchase credit via a paypal 'Buy now' button. Transactions have been going through fine in paypal sandbox however after being finally directed to the return url, users are frequently logged out automatically.
From the large number of posts/articles i have gone through this appears to be a http://
Some have recommended passing the current session_id() through within the 'custom' variable in order to reinstate the session once the user returns to our site.
However this is patchy at best with the user still being frequently logged out automatically.
Please see my attempt at reinstating the session_id below.
The main login script is based around Jpmaster77's php login script.
Is the only stable alternative to somehow pass the username and password through the original form as hidden variables and then re-login the user on returning to the site? If so can you please provide pointers on the best way of doing so.
// excerpt from return.php
$passedSessionID = $_POST['custom'];
// reinstate session value
// if payment_status = success then run mysql update query
// finally user is redirected