I see on your page:
$WAGatewayResponse = AuthNet_Post($AuthNet_required,$AuthNet_itemized,$AuthNet_optional);
if ($WAGatewayResponse) {
$eCart1->redirStr = "checkout_success.php";
}
// else if ("checkout_failure.php" != "") {
else if ("checkout_success.php" != "") {
header("Location: ". "checkout_success.php");
exit();
}
this should probably read:
$WAGatewayResponse = AuthNet_Post($AuthNet_required,$AuthNet_itemized,$AuthNet_optional);
if ($WAGatewayResponse) {
$eCart1->redirStr = "checkout_success.php";
}
else if ("checkout_failure.php" != "") {
header("Location: ". "checkout_failure.php");
exit();
}
It looks like someone has manually updated the code to make it always redirect to the success page even when it fails.
You can probably reproduce it by entering a bad credit card number like: 4111111111111111
it will happen if the transaction fails for any reason.
You'll also want to move the code:
<?php
// WA eCart Redirect
if ($eCart1->redirStr != "") {
header("Location: ".$eCart1->redirStr);
}
?>
below the email... it should be immediately above the DOCTYPE tag to give the email receipt time to send.
In terms of the customerID it looks like in the orders table you are using:
$_SESSION['customers_customerid']
and in the orderdetails you are using:
$_SESSION['customerid']
you can probably just correct that on line 430