Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

checkout page source


richiet737

Recommended Posts

Hi,

I have searched for an answer to this problem and I apologise if it has been covered and just ask that you point me in the right direction please.

 

On my site, which delivers products by download, you go through the purchasing process until you get to the penultimate page that asks you to to confirm your order before sending you off to paypal to pay. If you view the source on this page you can read the return page that paypal will return you to once the transaction is complete. Cutting and pasting this php address into your browser will bypass paypal and take you to the download page where you can download without paying.

 

Is there a way of encrypting this so that the source cannot be read.

Rich

Link to comment
Share on other sites

Hi,

I have searched for an answer to this problem and I apologise if it has been covered and just ask that you point me in the right direction please.

 

On my site, which delivers products by download, you go through the purchasing process until you get to the penultimate page that asks you to to confirm your order before sending you off to paypal to pay. If you view the source on this page you can read the return page that paypal will return you to once the transaction is complete. Cutting and pasting this php address into your browser will bypass paypal and take you to the download page where you can download without paying.

 

Is there a way of encrypting this so that the source cannot be read.

Rich

There is a long thread about this vulnerability somewhere.

 

As I recall (and I could be mistaken) the crux was you need to install the "Superdownload Store" contribution.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...