Random redirect to homepage with Magento
This issue has bobbed its head a few times in various different ways.
The example is that a user reaches checkout, my account or an equally session critical area, but instead of reaching the selected page, they are redirected to the homepage. This can be a conversion killer as usually the bug appears most notably on checkout.
There can be a few reasons for this, however, we have found the two most common are:
1. Missing Com.php class
This is very common and a peculiar "bug" as it isn't in the strictest sense. The file is required by the Zend library, but isn't present with Magento's default installation. Thankfully, this is a quick fix.Com.php should be in ./lib/Zend/Validate/Hostname/Com.php. You can easily create it by copying ./lib/Zend/Validate/Hostname/De.php to ./lib/Zend/Validate/Hostname/Com.php and editing the file contents, so the class name is:
class Zend_Validate_Hostname_Com implements Zend_Validate_Hostname_Interface
Or use the whole file contents shown here:
<?php/**
- Zend Framework
- LICENSE
- This source file is subject to the new BSD license that is bundled
- with this package in the file LICENSE.txt.
- It is also available through the world-wide-web at this URL:
- https://framework.zend.com/license/new-bsd
- If you did not receive a copy of the license and are unable to
- obtain it through the world-wide-web, please send an email
- to license@zend.com so we can send you a copy immediately.
- @category Zend
- @package Zend_Validate
- @copyright Copyright (c) 2005-2008 Zend Technologies USA Inc. (https://www.zend.com)
- @license https://framework.zend.com/license/new-bsd New BSD License
- @version $Id: De.php 8064 2008-02-16 10:58:39Z thomas $ */
/**
- @see Zend_Validate_Hostname_Interface
*/
require_once 'Zend/Validate/Hostname/Interface.php';
/**
- @category Zend
- @package Zend_Validate
- @copyright Copyright (c) 2005-2008 Zend Technologies USA Inc. (https://www.zend.com)
-
@license https://framework.zend.com/license/new-bsd New BSD License */ class Zend_Validate_Hostname_Com implements Zend_Validate_Hostname_Interface {
/**
- Returns UTF-8 characters allowed in DNS hostnames for the specified Top-Level-Domain
- @see https://www.denic.de/en/domains/idns/liste.html Germany (.DE) alllowed characters
- @return string */ static function getCharacters() { return 'x{00E1}x{00E0}x{0103}x{00E2}x{00E5}x{00E4}x{00E3}x{0105}x{0101}x{00E6}x{0107}' . 'x{0109}x{010D}x{010B}x{00E7}x{010F}x{0111}x{00E9}x{00E8}x{0115}x{00EA}x{011B}' . 'x{00EB}x{0117}x{0119}x{0113}x{011F}x{011D}x{0121}x{0123}x{0125}x{0127}x{00ED}' . 'x{00EC}x{012D}x{00EE}x{00EF}x{0129}x{012F}x{012B}x{0131}x{0135}x{0137}x{013A}' . 'x{013E}x{013C}x{0142}x{0144}x{0148}x{00F1}x{0146}x{014B}x{00F3}x{00F2}x{014F}' . 'x{00F4}x{00F6}x{0151}x{00F5}x{00F8}x{014D}x{0153}x{0138}x{0155}x{0159}x{0157}' . 'x{015B}x{015D}x{0161}x{015F}x{0165}x{0163}x{0167}x{00FA}x{00F9}x{016D}x{00FB}' . 'x{016F}x{00FC}x{0171}x{0169}x{0173}x{016B}x{0175}x{00FD}x{0177}x{00FF}x{017A}' . 'x{017E}x{017C}x{00F0}x{00FE}'; }
}
2. Session validation issues
This is a much easier fix and doesn't require any file creation.
Log into your Magento admin and nagivigate to Admin > Configuration > Web > Session Validation Settings, drop the menu down next to Validate REMOTE_ADDR and select No.
3. Missing template validation key after upgrade
This is not very common, but if you have been running a store for a while and choose to upgrade to 1.3 without updating your template, your code will be missing a vital line required for validation on any customer settings related pages (address addition, registration etc.).Make sure the following code:
<?php echo $this->getBlockHtml('formkey')?>
Is in the following template files:
template/wishlist/sharing.phtml:<?php echo $this->getBlockHtml('formkey')?> template/wishlist/view.phtml: <?php echo $this->getBlockHtml('formkey')?> template/customer/address/edit.phtml: <?php echo $this->getBlockHtml('formkey')?> template/customer/form/newsletter.phtml: <?php echo $this->getBlockHtml('formkey')?> template/customer/form/edit.phtml: <?php echo $this->getBlockHtml('formkey')?>
4. Add to cart core fault
Source: Fix add to cart (redirect to homepage) bugThe fix for this bug that has reported some success is as follows:
In ./app/code/core/Mage/Checkout/Helper/Cart.php around line 59 change:
//$continueShoppingUrl = $currentCategory->getUrl(); $continueShoppingUrl = $this->_getRequest()->getRequestUri();
To:
$continueShoppingUrl = $currentCategory->getUrl(); //$continueShoppingUrl = $this->_getRequest()->getRequestUri();
5. Site has been hacked/hijacked
Source: https://www.sonassi.com/knowledge-base/magentowordpress-injection-vulnerability/Although this is the least likely situation, it is becoming more and more apparent to those stores that are not hosted in a secure environment. The resolution is ideally to patch up all applications to the latest versions, perform strict, regular security audits and try to maintain a security level close to that of a low grade PCI compliance.
We are going to write a script, intended to run on a cron, to help stores detect this situation (however unlikely).
[syntaxhighlighter]