Hello, I want to emulate a POST request to Paypal. Originally a POST request is sent from the user (through a form) and the user is redirected to paypal's site. Now, what I want to do is to emulate a POST request (so that the surfer can't see some of the hidden fields of the form) and to deter tampering. (If they could see all the fields, they could just create their own form , and just change the amount).
Possible solution: fsockopen to emulate POST, but that doesn;t redirect the user, using header will direct the user to the paypal site, but then I have to use a GET request and then once again variables are visible and modifiable. Desired solution: a PHP script (toPaypal.php, say) that is called when a surfer wants to buy something for a product for $5 , say. The Product form will direct to the toPaypal.php script that creates a POST request and sends the request and the surefer to Paypal. Any ideas? or did I just make this confusing? One solution I guess is to just double check the total amount credited to the merchant account matches the product. But then I ask this question out of curosity. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
