Question

我需要加密我现有的Paypal标准附加按钮。目前，此插件的付款按钮基于明文，并且易于在Paypal结帐时进行PRICE SPOOFING /定价操作（例如，原始定价Checkout = $ 1000，可以修改为$ 1或欺骗者喜欢的任何金额）。因此，我所需要的只是有人来帮助/指导我对按钮进行加密，以防止任何人修改总价格。

试图阅读指南（https://developer.paypal.com/docs/classic/products/button-manager/），但未能向我展示如何在像我这样的自定义表单上实现。


//handles event price

                switch ( strtolower( $status ) ) {

                    case 'completed' :

                        //creates transaction

                        $action['id']               = $transaction_id . '_' . $status;

                        $action['type']             = 'complete_payment';

                        $action['transaction_id']   = $transaction_id;

                        $action['amount']           = $amount;

                        $action['entry_id']         = $entry['id'];

                        $action['payment_date']     = gmdate( 'y-m-d H:i:s' );

                        $action['payment_method']   = 'PayPal';

                        $action['ready_to_fulfill'] = ! $entry['is_fulfilled'] ? true : false;



                        if ( ! $this->is_valid_initial_payment_amount( $entry['id'], $amount ) ){

                            //create note and transaction

                            $this->log_debug( __METHOD__ . '(): Payment amount does not match product price. Entry will not be marked as Approved.' );

                            PaymentAddOn::add_note( $entry['id'], sprintf( __( 'Payment amount (%s) does not match product price. Entry will not be marked as Approved. Transaction ID: %s', 'eventformpaypal' ), Common::to_money( $amount, $entry['currency'] ), $transaction_id ) );

                            PaymentAddOn::insert_transaction( $entry['id'], 'payment', $transaction_id, $amount );



                            $action['abort_callback'] = true;

                        }



                        return $action;

                        break;

期望的结果应该是，试图在Paypal页面上结帐时尝试修改“总定价”的任何人仍将反映正确的定价，而不是用户欺骗的定价。

加密贝宝标准

0 个答案: