Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

mharrisr

Archived
  • Posts

    7
  • Joined

  • Last visited

Posts posted by mharrisr

  1. a lot of people have complained about this. it isn't a hack. it's simply the fact of somebody getting to checkout_confirmation & then manually typing checkout_process.php and getting the success page.

     

    if i offered downloads, i would offer an alternative method of supplying the download. say, after the payment has been manually verified.

     

    Will the contribution "PayPal_Shopping_Cart_IPN" help resolve this issue? Please reply.

  2. But Still this problem persists in another way not through query string, I have a serious issue in my site where people are hacking the files with out paying with paypal. When I try to test this process I have ensured that the paypal payment system is not secured when I am going to paypal and try with the specific success url I can see the download files in the page. I am worried about this unsecured payment process when I use paypal. Can you please help me to avoid this situation?
  3. In a word NO

     

    How are they hacking your files atm?

     

    Security Pro attempts to clean the variables created by the querystring at source. It is a layer of defence but you still have to ensure that your files and the server are secure.

     

    But Still this problem persists in another way not through query string, I have a serious issue in my site where people are hacking the files with out paying with paypal. When I try to test this process I have ensured that the paypal payment system is not secured before going to paypal when I try with the specific success url I can see the download files in the page. I am worried about this unsecured payment process when I use paypal. Can you please help me to avoid this situation?

×
×
  • Create New...