+

controllers/front/return.php

@@ -73,6 +73,7 @@ class HutkoReturnModuleFrontController extends ModuleFrontController
             // Attempt to decode the JSON string into a PHP array.
             $decodedPV = json_decode($decodedHutkoPV, true);
 
+
             // Validate the decoded JSON:
             // 1. Check if json_decode returned an array.
             // 2. Check if all expected keys ('id_cart', 'id_module', 'id_order', 'key') exist in the array.
@@ -84,8 +85,8 @@ class HutkoReturnModuleFrontController extends ModuleFrontController
                 && isset($decodedPV['id_module'])
                 && isset($decodedPV['id_order'])
                 && isset($decodedPV['key'])
-                && $decodedPV['key'] == $this->context->customer->secure_key // Secure key validation
             ) {
+
                 // If validation passes, generate the URL for the standard order confirmation page.
                 // The URL includes the validated parameters necessary for the order-confirmation controller
                 // to load and display the correct order details.
@@ -105,7 +106,7 @@ class HutkoReturnModuleFrontController extends ModuleFrontController
                 Tools::redirect($orderConfirmationUrl);
 
                 // Stop script execution after redirection.
-                exit;
+                return;
             }
             // If decoding was successful but validation failed:
             else {