Strange SagePay problem!

Hi Guys,

We are experiencing a really serious problem with SagePay on live high profile web site.
Basically how SagePay works is that it will take the user credit card information (via an IFrame in the checkout PaymentInfo page). Then it will take the customer money and do a post request to the CheckoutController.ConfirmOrder action.
However once it is in the CheckoutController.ConfirmOrder it hits this code:

var cart = _workContext.CurrentCustomer.ShoppingCartItems.Where(sci => sci.ShoppingCartType == ShoppingCartType.ShoppingCart).ToList();
            if (cart.Count == 0)
            {
                return RedirectToRoute("ShoppingCart");
            }

50% of the time the cart.Count equals 0, and what happens is that the order is not confirmed but the money have already been taken out of the customer credit card. Neither the shop owner nor the customer see the order as it is never created.
You can imagine what havoc this is causing.
The problem obviously has to do with the user session being lost for some reason. But this web site is hosted on a single server and guest user orders are disabled.
Please, any advice on this will be greatly appreciated!

Many Thanks

Sorry to post this topic here. It should really go under General Support, but don't know how to move it or delete it.

Hi,
Thanks for the post above, Have just integrated SagePay using 2.4, on a website and experiencing a similar problem, after customers enter card details they are returned to the confirm stage but most of the time they do not click confirm, so they have been billed but no confirmation to either the store or customer of the order. Did you find a solution to this problem, please post. Many thanks, and good work on all your other plugins you have provided for nop Commerce.