Price Variable on PayPal Form
Hi
Here (for example), is the form variable created by eCart for the amount being submitted to PayPal from the Checkout Page
<input type="hidden" name="amount_<?php echo $ShoppingCart_Index+1; ?>" id="amount_<?php echo $ShoppingCart_Index+1; ?>" value="<?php echo WA_eCart_FormatNumber($ShoppingCart->DisplayInfo("Price") - (($ShoppingCart->DisplayInfo("Price")/$ShoppingCart->TotalColumn("TotalPrice")) * $ShoppingCart->GetDiscounts()), false, 2) ?>" />
Using the browser element inspector, what is there to stop an individual from changing the value of this variable, before submitting to PayPal. I just did this and it is possible to do and PayPal shows the amount I manipulated. This means of course, that say this variable holds a total value of £100.00, I could manipulate it to £1.00 and PayPal at this point in the process would have no problem in processing as the value passed from the checkout page?
Advice real quick would be cool on this one please :-)
Regards
Andrew
PS: If this is a dumb question, please simply point me in the right direction, as looking through the eCart behaviour dialogues, I cannot see anyway of (for example) hashing the form output?
PSS: I should also say this is for PayPal Standard