Paypal Developer's question?
in Paypal we send an return address for example "OrderSuccess.php" - which would let the script know if the order was a success. Question how do we ensure the return to orderSuccess is from paypal, and not user entered, etc? does paypal return any fields/variables to the success script?
More Questions From This User See All
Answers & Comments
Verified answer
Its been a while since I've done it but I freshened up real quick at the url below. When paypal sends the user to the RETURNURL they append a query variable token (ie $_GET['token']) which you can use to verify that the payment truly did go through.