Actual process : We are doing some javascript calculation and stored in hidden fields then send to the payment process.
Problem is : hackers are changed the hidden field values using the Mozilla Firefox Web Developer add-ons(Forms->Display Form Fields) and do the payments
There is any way to resolve this option?
Please replay ASAP.....
Thanks in advance
Urgent : Problem with Web Developer Add-ons
Moderator: General Moderators
Re: Urgent : Problem with Web Developer Add-ons
Don't save them in hidden fields maybe? 
Re: Urgent : Problem with Web Developer Add-ons
Never, ever, EVER, trust anything a user gives you. Especially don't count on Javascript to execute properly. The Javascript should only be there to improve the user interface - for giving the user immediate feedback without needing a page load. You should always be doing the calculations server-side as well.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
Re: Urgent : Problem with Web Developer Add-ons
Thanks for your valuable reply ....
Another Problem is : I am sending the values to payapl through hidden field only ...... so they can change the values
they is any other way to send the parameters to paypal ?
Another Problem is : I am sending the values to payapl through hidden field only ...... so they can change the values
they is any other way to send the parameters to paypal ?
Re: Urgent : Problem with Web Developer Add-ons
Use cURL. It's definitely not good to send confidential information from the client side.
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Urgent : Problem with Web Developer Add-ons
PayPal's IPN or the other service (what ever it was called) will send you the details about the transaction, when they arrive, you need to recalculate and make a comparison to see whether the payment was fraudulent or not.arulkumar wrote:Thanks for your valuable reply ....
Another Problem is : I am sending the values to payapl through hidden field only ...... so they can change the values
they is any other way to send the parameters to paypal ?
Re: Urgent : Problem with Web Developer Add-ons
Thanks for your help...
I have fixed the issue....
I have fixed the issue....