legohead6 Posted February 7, 2008 Share Posted February 7, 2008 ok, i have a paypal payment system, and to comfirm they have acutally paid i send a random number with paypal that is created before hand with rand(), the problem is if someone is wise and veiws the source it shows in the code for paypal that number and they can copy the link and skip paying. My question is how do i incript code so you cant view it from the source..... heres the code <form action="XXXLINKXXX" method="post"> <input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="business" value="[email protected]"> <input type="hidden" name="item_name" value="Filepile Extended Size"> <input type="hidden" name="amount" value="5.00"> <input type="hidden" name="page_style" value="Primary"> <input type="hidden" name="no_shipping" value="1"> <input type="hidden" name="return" value=<? echo "XXXLINKXXX"; ?>> <input type="hidden" name="cancel_return" value="XXXLINKXXX"> <input type="hidden" name="no_note" value="1"> <input type="hidden" name="currency_code" value="CAD"> <input type="hidden" name="lc" value="CA"> <input type="hidden" name="bn" value="PP-BuyNowBF"> <input type="image" src="https://www.paypal.com/en_US/i/btn/btn_paynow_SM.gif" border="0" name="submit" alt="Click here to Pay with Paypal"> <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1"> </form> Link to comment https://forums.phpfreaks.com/topic/89928-encripting-source-code/ Share on other sites More sharing options...
Wolphie Posted February 7, 2008 Share Posted February 7, 2008 I don't think it's possible to encrypt source code. The best way to do what your asking is to generate a dynamic and unique encrypted string for each Payment. Link to comment https://forums.phpfreaks.com/topic/89928-encripting-source-code/#findComment-461022 Share on other sites More sharing options...
legohead6 Posted February 7, 2008 Author Share Posted February 7, 2008 the only problem is i can only send and recieve GET variables from paypal. it cant create sessions or anything... also anything i recieve back has to be created before it links to paypal Link to comment https://forums.phpfreaks.com/topic/89928-encripting-source-code/#findComment-461024 Share on other sites More sharing options...
schilly Posted February 7, 2008 Share Posted February 7, 2008 How do they skip payment? Can't you just verify the response from paypal on the return page to make sure they paid? Link to comment https://forums.phpfreaks.com/topic/89928-encripting-source-code/#findComment-461037 Share on other sites More sharing options...
legohead6 Posted February 7, 2008 Author Share Posted February 7, 2008 if they look at the source and see the XXXreturn link XXX they can go directly to it and skip the payment... Link to comment https://forums.phpfreaks.com/topic/89928-encripting-source-code/#findComment-461054 Share on other sites More sharing options...
rhodesa Posted February 7, 2008 Share Posted February 7, 2008 To truly do it right, you should use https://www.paypal.com/ipn Don't ask me how to do it though, I only know about it from the osCommerce plugin Link to comment https://forums.phpfreaks.com/topic/89928-encripting-source-code/#findComment-461064 Share on other sites More sharing options...
schilly Posted February 7, 2008 Share Posted February 7, 2008 they see the return link but doesn't paypal send some kind of confirmation variable that you can validate against? Link to comment https://forums.phpfreaks.com/topic/89928-encripting-source-code/#findComment-461256 Share on other sites More sharing options...
laffin Posted February 7, 2008 Share Posted February 7, 2008 PayPal offers some code to also verify payments. looks a lot like the ipn code, but the cmd is different. this will allow ya to check the payment status Link to comment https://forums.phpfreaks.com/topic/89928-encripting-source-code/#findComment-461264 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.