在我尝试为优惠券折扣添加负值之前,我的Paypal快速结账工作。基本上我无法理解我的编码如何传递负值。请参阅下面的脚本:
//pass all products
foreach($_POST['item_name'] as $key=>$itmname)
{
$product_code = filter_var($_POST['item_code'][$key], FILTER_SANITIZE_STRING);
$results = $dbh->query("SELECT name, price FROM products WHERE id='$product_code' LIMIT 1");
$obj = $results->fetch_object();
$paypal_data .= '&L_PAYMENTREQUEST_0_NAME'.$key.'='.urlencode($obj->name).
'&L_PAYMENTREQUEST_0_NUMBER'.$key.'='.urlencode($_POST['item_code'][$key]).
'&L_PAYMENTREQUEST_0_AMT'.$key.'='.urlencode($obj->price).
'&L_PAYMENTREQUEST_0_QTY'.$key.'='. urlencode($_POST['item_qty'][$key]);
// item price X quantity
$subtotal = ($obj->price*$_POST['item_qty'][$key]);
//total price
$ItemTotalPrice = $ItemTotalPrice + $subtotal;
}
##############################################
// Trying to pass a negative value in this way
if($_SESSION["Coupon_discount"] > $ItemTotalPrice){
$cname = "Coupon Discount";
$ccode = "code";
$cqty = 1;
$camt = 5;
$paypal_data .= '&L_PAYMENTREQUEST_0_NAME='.urlencode($cname).
'&L_PAYMENTREQUEST_0_NUMBER='.urlencode($ccode).
'&L_PAYMENTREQUEST_0_QTY='.urlencode($cqty).
'&L_PAYMENTREQUEST_0_AMT='.urlencode($camt);
}
##############################################
// Others Paypal process
$TotalTaxAmount = 0;
$HandalingCost = 0;
$InsuranceCost = 0;
$ShippinDiscount = 0;
$ShippinCost = 0;
$GrandTotal = ($ItemTotalPrice + $TotalTaxAmount + $HandalingCost + $InsuranceCost + $ShippinCost + $ShippinDiscount);
$padata = '&METHOD=SetExpressCheckout'.
'&RETURNURL='.urlencode($PayPalReturnURL ).
'&CANCELURL='.urlencode($PayPalCancelURL).
'&PAYMENTREQUEST_0_PAYMENTACTION='.urlencode("SALE").
$paypal_data.
'&NOSHIPPING=0'.
'&PAYMENTREQUEST_0_ITEMAMT='.urlencode($ItemTotalPrice).
'&PAYMENTREQUEST_0_TAXAMT='.urlencode($TotalTaxAmount).
'&PAYMENTREQUEST_0_SHIPPINGAMT='.urlencode($ShippinCost).
'&PAYMENTREQUEST_0_HANDLINGAMT='.urlencode($HandalingCost).
'&PAYMENTREQUEST_0_SHIPDISCAMT='.urlencode($ShippinDiscount).
'&PAYMENTREQUEST_0_INSURANCEAMT='.urlencode($InsuranceCost).
'&PAYMENTREQUEST_0_AMT='.urlencode($GrandTotal).
'&PAYMENTREQUEST_0_CURRENCYCODE='.urlencode($PayPalCurrencyCode).
'&LOCALECODE=GB'.
'&LOGOIMG=http://www.myweb.com/images/logo.png'.
'&CARTBORDERCOLOR=000000'.
'&ALLOWNOTE=1';
// SetExpressCheckOut method to obtain paypal token
$paypal= new MyPayPal();
$httpParsedResponseAr = $paypal->PPHttpPost('SetExpressCheckout', $padata, $PayPalApiUsername, $PayPalApiPassword, $PayPalApiSignature, $PayPalMode);
// Success or Error done here
添加这些行后问题明星
if($_SESSION["Coupon_discount"] > $ItemTotalPrice){
$cname = "Coupon Discount";
$ccode = "code";
$cqty = 1;
$camt = 5;
$paypal_data .= '&L_PAYMENTREQUEST_0_NAME='.urlencode($cname).
'&L_PAYMENTREQUEST_0_NUMBER='.urlencode($ccode).
'&L_PAYMENTREQUEST_0_QTY='.urlencode($cqty).
'&L_PAYMENTREQUEST_0_AMT='.urlencode($camt);
}
答案 0 :(得分:1)
这个让我微笑。基本上有人只能将钱转入您的帐户,否则聪明的人可能会使用负值来消耗您的帐户。它是为了安全。