on the confirm page find the following 2 tags:
<input type="hidden" name="cancel_return" id="cancel_return" value="" />
<input type="hidden" name="return" id="return" value="" />
and edit the values to the full URL for the pages you wish to be returned to on cancel and success. For example:
<input type="hidden" name="cancel_return" id="cancel_return" value="http://www.mydomain.com/checkout.php" />
<input type="hidden" name="return" id="return" value="http://www.mydomain.com/checkout_success.php" />
On the checkout_success.php page, add the following code just after the closing </html> tag:
<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
@session_start();
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
@setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
// Finally, destroy the session.
session_destroy();
?>