Wordpress supported for Telkom University

Terjadi kegagalan saat proses pembayaran, aset JavaScript iPOSpays disuntikkan beberapa kali.

Terjadi kegagalan saat proses pembayaran, aset JavaScript iPOSpays disuntikkan beberapa kali.

by

PuTI
in

We are experiencing a consistent checkout failure on 2 sites with new iPOS plugin installs when using the iPOSpays WooCommerce gateway (embedded mode). The error presented to users is:

“There was an error processing your order. Please check for any charges in your payment method and review your order history before placing the order again.”

Observed behavior

  • Checkout fails on submit with:
POST ?wc-ajax=checkout → 400
{
  "success": false,
  "message": "Invalid transaction reference id"
}
  • No transaction data reaches Deja Voo / iPOSpays (confirmed by Deja Voo support team).
  • The issue occurs on:
    • A fresh WordPress + WooCommerce install
    • Multiple themes (Elementor + Gravida Pro)
    • HPOS enabled and disabled
    • Embedded and redirect flows
  • Reverting to PayPal restores normal checkout behavior immediately.

Root cause identified (client-side)

During checkout, iPOSpays JavaScript assets are injected multiple times.

We verified via browser console:

document.querySelectorAll('script[src*="ipos"]').length
// returns 4–5 consistently

This causes:

  • Duplicate global JS variable declarations
  • JavaScript errors such as:
SyntaxError: Can't create duplicate variable
  • Race conditions where session IDs / payment tokens are overwritten
  • The server then rejects the checkout with “Invalid transaction reference id”

Why this is happening

From code inspection of the plugin:

  1. Scripts are echoed directly from PHP templates (e.g. payment-forms/credit-card.php, ach-card.php, express checkout classes), rather than being enqueued once via wp_enqueue_script.
  2. These files are executed from:
    • payment_fields()
    • express checkout hooks
    • WooCommerce AJAX refresh cycles (update_order_review, fragment refreshes)

    These functions are called multiple times per checkout, resulting in repeated <script> injection.

  3. Express checkout hooks appear to execute even when express checkout is disabled in settings.
  4. The plugin also initializes placeholder session values such as:
$_SESSION['ipospays_payment_reference_id'] = 'payment reference value';

…which guarantees a session mismatch if real values are not set in time.

    What we attempted

    • Disabled HPOS
    • Disabled Wordfence
    • Confirmed cURL / OpenSSL / JSON availability
    • Verified outbound connectivity to iPOSpays endpoints
    • Removed placeholder session initialization
    • Added guards to prevent duplicate hook registration
    • Attempted script de-duplication via MU plugin
    • Verified behavior across multiple themes and installs

    None of the above resolved the issue because the core problem appears to be multiple script injection inside WooCommerce’s AJAX rendering lifecycle.Expected behavior

    Request

    We believe this is a plugin-side bug related to script loading and checkout lifecycle handling in WooCommerce.

    Please advise:

    • Whether there is a supported fix or updated version addressing this
    • Or whether embedded checkout is currently unsupported under WooCommerce’s AJAX checkout flow

    We are happy to provide additional logs, screenshots, or a reproduction environment if needed.

source

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Discover more from Wordpress supported for Telkom University

Subscribe now to keep reading and get access to the full archive.

Continue reading