Kenneth Downs wrote:
> The last one left that I have is the sticky issue of a PayPal IPN
> transaction coming in. I believe it applies generally to financial
> transactions. The user is sent by our application to the PayPal site.
> When they pay, PayPal sends a POST with various information that we
> need. The user does not see this, it is behind the scenes. The POST
> request must run as an anonymous user because I have no state
> whatsoever. But the request must also commit financial data. This
> creates a vulnerability, at least in theory. There are fields contained
> in the transaction meant to allow confirmation and prevent fraud, but I
> just don't like that idea of running anonymously and committing
> financial data.
>
> In this case it seems creating a stored procedure will not automatically
> help, as then we just execute the SP anonymously, and it strikes me as
> no different.
>
> Has anybody pondered this and come up with anything?
>
In response to the incoming IPN you can create a connection back to the
PayPal server to validate it. IIRC, you basically just send the entire
request back again and it returns 'VERIFIED'.
Only then do you act upon the IPN data (remember to double-check all the
prices etc., to catch any instance in which a user might have faked the
handover from your site to PayPal).
Regards, Dave.
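
The check described in this reply, sketched as an added example that is not part of the original post: the IPN body is posted back for a 'VERIFIED' answer, and only then compared against the site's own order record. The postback URL, the `cmd=_notify-validate` prefix and the field names are taken from PayPal's IPN documentation rather than from this thread; the merchant address, order table and sample messages are constructed.

```python
import urllib.request
from decimal import Decimal, InvalidOperation
from urllib.parse import parse_qs

# PayPal's IPN postback endpoint; an assumption, not given in the post.
VERIFY_URL = "https://ipnpb.paypal.com/cgi-bin/webscr"
OUR_ACCOUNT = "shop@example.com"  # hypothetical merchant address

def paypal_postback(raw_body: bytes) -> str:
    """Send the IPN body back unchanged and return PayPal's one-word verdict."""
    req = urllib.request.Request(
        VERIFY_URL, data=b"cmd=_notify-validate&" + raw_body,
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.read().decode("ascii", "replace").strip()

def check_ipn(raw_body, orders, seen_txn_ids, postback=paypal_postback):
    """Return (ok, reason); commit financial data only when ok is True."""
    # Step 1: nothing in the anonymous POST is trusted until PayPal confirms it.
    if postback(raw_body) != "VERIFIED":
        return False, "postback did not return VERIFIED"
    f = {k: v[0] for k, v in parse_qs(raw_body.decode("ascii", "replace")).items()}
    # Step 2: compare with our own order record, never with the POST itself.
    order = orders.get(f.get("invoice"))
    if order is None:
        return False, "unknown order"
    if f.get("payment_status") != "Completed":
        return False, "payment not completed"
    if f.get("receiver_email", "").lower() != OUR_ACCOUNT:
        return False, "paid to a different account"
    try:
        paid = Decimal(f.get("mc_gross", ""))
    except InvalidOperation:
        return False, "bad amount"
    if paid != order["amount"] or f.get("mc_currency") != order["currency"]:
        return False, "price mismatch"
    # Step 3: a genuine IPN delivered twice must not be committed twice.
    txn = f.get("txn_id")
    if not txn or txn in seen_txn_ids:
        return False, "duplicate or missing transaction id"
    seen_txn_ids.add(txn)
    return True, "ok"

# Constructed sample data (not real PayPal messages).
ORDERS = {"INV-1001": {"amount": Decimal("19.99"), "currency": "USD"}}
GOOD_IPN = (b"payment_status=Completed&receiver_email=shop%40example.com"
            b"&invoice=INV-1001&mc_gross=19.99&mc_currency=USD&txn_id=TX123")
CHEAP_IPN = GOOD_IPN.replace(b"mc_gross=19.99", b"mc_gross=0.01")
```

In a real handler `seen_txn_ids` would be a unique-keyed table written in the same database transaction as the payment record, so the anonymous request can insert a row only after every check has passed.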