I am looking at the merits and dangers of using http://www.pmwiki.org/wiki/Cookbook/PayPalCart which is based on http://www.pmwiki.org/wiki/Cookbook/PayPalButtons2
On that page XES mentions a danger of using paypal button code unencrypted saying "people can change your prices and essentially hijack your purchases if you don't encrypt." What does this mean? Does it mean a customer can submit a payment (to Paypal) for an item with a changed price? I can see that this may not be noticed by the seller if he does not verify the amount paid to what is really asked. Or does it just mean that prices can be changed on the wiki page, which will not be a problem if editing is restricted to the site owner and trusted workers. What other scenarios are there for "hijacking purchases"? PayPalCart looks attractive to me, from POV of site editing. I'd like to understand the dangers of using this recipe (or PayPalbuttons2). Basically I am looking for a simple payment processing integration with PmWiki, for selling dozens of craft items individually through a PmWiki client site. Thanks for any thoughts on this! ~Hans _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
