我之前从未使用过贝宝,所以我的问题可能很愚蠢。我这样创建了贝宝按钮:
<form action="<?php echo $payNowButtonUrl; ?>" method="post" target="_blank">
<input type="hidden" name="cmd" value="_cart">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="business" value="<?php echo $receiverEmail; ?>">
<?php for ($i = 0; $i < count($payment); $i++): ?>
<input type="hidden" name="item_name_<?= $i + 1 ?>"
value="<?php echo $payment[$i]['name'] . ' ' . $payment[$i]['licence']; ?>">
<input type="hidden" name="quantity_<?= $i + 1 ?>"
value="<?php echo $payment[$i]['qty']; ?>">
<input type="hidden" name="amount_<?= $i + 1 ?>"
value="<?php echo $payment[$i]['money']; ?>">
<?php endfor; ?>
<input type="hidden" name="tax_cart" value="10">
<input type="hidden" name="return" value="<?= $returnUrl; ?>">
<input type="hidden" name="custom" value='<?= json_encode($customData); ?>'>
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<button class="btn" type="submit">buyNow</button>
我真的很困惑,所有可变形式都可以由js更改。我尝试使用更改后的参数在sandbox.paylpal.com中付款,并成功了。我该如何保护呢?还是我做错了什么?