Securing Paypal

akrocks_extreme

I'm trying to set up a part in our members section where existing members can sell subscriptions using paypal and keep the money the earn from selling the subscriptions.

Here's how it works: The member selling the subscriptions link to the site using their ID like this: http://site.com/subscriptions.php?id=johndoe then, the php script takes the ID and gets the email address of johndoe from the database. Then it takes the email and puts it in the Subscription button for Paypal.

<form action="https://www.paypal.com/cgi-bin/webscr" method="post"> 
<input type="hidden" name="cmd" value="_xclick-subscriptions">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="business" value="[b]$email_address[/b]">
<input type="hidden" name="item_name" value="Site Subscription">
<input type="hidden" name="item_number" value="">
<input type="hidden" name="return" value="[b]http://www.site-taken-to-after-subscribing.com[/b]">
<input type="hidden" name="cancel_return" value="">
<input type="image" src="https://www.paypal.com/images/x-click-butcc-subscribe.gif" 
border="0" name="submit" alt="Make payments with PayPal">
<input type="hidden" name="a1" value="">
<input type="hidden" name="p1" value="">
<input type="hidden" name="t1" value="">
<input type="hidden" name="a2" value="">
<input type="hidden" name="p2" value="">
<input type="hidden" name="t2" value="">
<input type="hidden" name="a3" value="[b]price of subscription[/b]">
<input type="hidden" name="p3" value="1">
<input type="hidden" name="t3" value="M">
<input type="hidden" name="cs" value="0">
<input type="hidden" name="src" value="1">
</form>

It works... It works great... But its very unsecure, for us the sellers, not the buyers... Someone can easily go into the source of the page at look at where Paypal redirects you after subscribing, you can change the price, or even change the email address who gets paid. So I need to know a way to secure this. I've tried all I know to do (which isnt much being that I havent done a whole lot of php). I've tried encrypting the form but then php wont add the email address.. If you can help please post asap! thanks in advance.

akrocks_extreme

anyone?

Tomz

Yeah, this is pretty difficult to answer, I think, without more info about how the rest of the site works...

Anyway, if I were to do such a thing I wouldn't put the email address, the price and maybe not even the url for the 'after-submitting-page' in your html.

I would put all those things in a database and have it looked up by php after submitting... do some checks ... maybe even encrypt the key you use to look up info in the database...

These are just some thoughts... hope it helps. 🙂

akrocks_extreme

yeah, thats a good idea but i'm not sure how to do that.. 😕

if i were to get the price and link from the DB then wouldnt it still be visible? same as the email address... Or am i misunderstanding?

stolzyboy

Originally posted by akrocks_extreme
yeah, thats a good idea but i'm not sure how to do that.. 😕

if i were to get the price and link from the DB then wouldnt it still be visible? same as the email address... Or am i misunderstanding?

think he is confused, yes it would still be visible, and that is how most 3rd party merchants work, you send them the payment information via hidden form field tags

i don't know how paypal works, but with verisign, you have a control panel where you can limit what sites can post information to the action page, there may be something like that for paypal, also verisign requires you to send a username with that via the form also, which is viewable also, but there really is no way around that, since you have to get them the info somehow

the only other way around that is SSL, but since you are using paypal, you are not likely gonna wanna pay for SSL and get that running

planetsim

Im not sure if this would work.. But dont have that in the actual form.

Do that on the after submit page which connects to PayPal. Im assuming this is the IPN structure.

Connecting im not sure on there.. But i think sitepoint had something about this which they used a similar method to what ive explained. So maybe try there first.

akrocks_extreme

so, after they click the button, it opens a page on our server and then sends the info to paypal? I thought about that before, but how would I do that? and make it secure as possible.

datona

But with IPN, you can just check the variables when it is passed back from paypal to your site to make sure that they are all the same when they left. If a subscription to the site costs $10.00 then you just check the variable coming back to make sure they did in fact pay the $10 and that they did not change the price.
You may want to check out www.paypaldev.com there you can find a wack of info on this. I learned alot from there forum.

Good luck