PHP和安全的贝宝付款
[英]PHP and a secure paypal payment
问题描述
I've a security problem.. I've a paypal script that is in a page which get some php variables, those variables are the price of every product and the total of a cart. 
我有一个安全问题。我有一个贝宝(Paypal)脚本,该脚本位于页面中,该脚本获取一些php变量,这些变量是每种产品的价格和购物车的总和。 I have to be sure that the payment is complete but: 我必须确保付款已完成,但:
when the payment is authorized call a page via ajax that store the order in the database, the fact is that if someone call this page via link..the payment will result complete. 当付款被授权后,通过ajax调用将页面存储在数据库中的页面,事实是,如果有人通过链接调用此页面,则付款将完成。 I hope that I've explained good.. 我希望我的解释很好。
1 个解决方案
解决方案1
0 2018-07-23 03:34:18
If users login is needed to access the site, ultimately the page cannot be called by URL. 如果需要用户登录才能访问该站点,则最终无法通过URL调用该页面。 Even if so, it would throw the error that the USER privilege is not accessed. 即使是这样,也会引发错误,指出无法访问USER特权。 This would solve one problem but the corner case where the logged user tries to access the file then it gives privileges and the same problem might raise. 这将解决一个问题,但是在极端情况下,已登录的用户尝试访问文件,然后它授予特权,并且可能会出现相同的问题。
Have you set the window object to be on-click. 您是否将窗口对象设置为单击状态。 So that the ajax is triggered when the on-click event occurs. 这样,在单击事件发生时将触发ajax。
Moreover, the code is needed to help you further with the issues. 而且,需要代码来帮助您进一步解决问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.