Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Pay Pal fraud with downloadable items


Guest

Recommended Posts

Hi,

I recently installed OSCommerce in conjunction with PayPal and downloadable products. I had a customer today who registered a fake customer ID and got to download the products for free without pay. I managed to easily fake a purchase myself to get to the downloads without paying.

It's so easy you just remove a part of the link. This is the original link sent to paypal

https://www.paypal.com/cgi-bin/webscr?amoun...php&cmd=_xclick

 

When you just paste http://domain.com/fonts/checkout_process.php

It acts as if you have actually paid. Is there a way to secure this? Or do I have to get back to manually processing orders?

 

 

Thanks for any suggestions!

Link to comment
Share on other sites

Hi,

I recently installed OSCommerce in conjunction with PayPal and downloadable products. I had a customer today who registered a fake customer ID and got to download the products for free without pay. I managed to easily fake a purchase myself to get to the downloads without paying.

It's so easy you just remove a part of the link. This is the original link sent to paypal

https://www.paypal.com/cgi-bin/webscr?amoun...php&cmd=_xclick

 

When you just paste http://domain.com/fonts/checkout_process.php

It acts as if you have actually paid. Is there a way to secure this? Or do I have to get back to manually processing orders?

Thanks for any suggestions!

 

Install the paypal shopping cart ipn contribution #1753 and they will not be able to change the price on you.

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

Link to comment
Share on other sites

Hi Richard, Thanks for your quick reply. I just checked out PayPal IPN, I can't understand a thing :( Is there an additional easy to install module in OSCommerce available?

 

Thanks in advance,

Ellinor

 

Install the paypal shopping cart ipn contribution #1753 and they will not be able to change the price on you.

Link to comment
Share on other sites

I found it! Thanks :)

 

Hi Richard, Thanks for your quick reply. I just checked out PayPal IPN, I can't understand a thing  :( Is there an additional easy to install module in OSCommerce available?

 

Thanks in advance,

Ellinor

Link to comment
Share on other sites

If you are referring to the standard PayPal module available within osCommerce, prices can be altered using this module. It's only the IPN module where prices can't be altered, and, in addition to installing the IPN module in osCommerce, you also have to sign up for it with PayPal.

 

Vger

I found it! Thanks :)

Link to comment
Share on other sites

I found this: http://www.oscommerce.com/community/contributions,1753 Will that help?

 

Thanks

 

If you are referring to the standard PayPal module available within osCommerce, prices can be altered using this module.  It's only the IPN module where prices can't be altered, and, in addition to installing the IPN module in osCommerce, you also have to sign up for it with PayPal.

 

Vger

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...