I have a “Pay Now” button from PayPal on my website. However, anyone can easily modify the amount they have to pay.
Here’s the code that PayPal generated:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="xxx">
<input type="hidden" name="lc" value="CA">
<input type="hidden" name="amount" value="1000.00">
<input type="hidden" name="currency_code" value="CAD">
<input type="hidden" name="button_subtype" value="services">
<input type="hidden" name="no_note" value="0">
<input type="hidden" name="bn" value="PP-BuyNowBF:btn_buynowCC_LG.gif:NonHostedGuest">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
Anyone can change the “1000.00” to “100.00”. Is there a way to prevent this or a better way to accept payments?
Take a look at Securing Your Website Payments Standard Buttons; it outlines some of the things you can do to protect yourself from this. One of the things is to create buttons with their online tool, and save them. When a purchase is made, they compare it with the saved button and check to make sure they are the same.
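The saved-button check described in the answer is a comparison PayPal performs against the button definition it holds. The same idea applies on the merchant's side: whatever the browser posted, the decision to deliver the goods should rest on the server comparing what PayPal reports was actually paid with the price the server itself recorded for that order. The Python below is an added example, not code from the question, the answer or PayPal. It assumes the payment notification has already been confirmed authentic (PayPal's postback step is outside this snippet), that the order was tagged with the "invoice" button variable so it can be looked up, and it uses PayPal IPN-style field names (`payment_status`, `mc_gross`, `mc_currency`, `receiver_email`, `txn_id`) as an assumption about the message format; the merchant address, order and notifications are constructed sample data.

```python
from dataclasses import dataclass
from decimal import Decimal, InvalidOperation
from typing import Optional


@dataclass(frozen=True)
class ExpectedOrder:
    """What the merchant's server recorded when it rendered the button: the
    price the SERVER decided on, independent of anything the browser sends."""
    invoice: str      # assumed: passed to PayPal via the "invoice" button variable
    receiver: str     # the merchant account ("business" in the form); constructed value
    amount: Decimal
    currency: str


# Constructed order store for the example (a real site would use its database).
ORDERS = {
    "INV-1001": ExpectedOrder("INV-1001", "merchant@example.com",
                              Decimal("1000.00"), "CAD"),
}

# Transaction ids already used to fulfil an order. Stops one genuine payment
# notification being replayed to unlock several orders. Persist this in production.
SEEN_TXN_IDS: set = set()


def payment_matches_order(note: dict, orders: dict = ORDERS,
                          seen_txn_ids: Optional[set] = None) -> tuple:
    """Return (ok, reason) for a payment notification claiming to pay an order.

    `note` is assumed to be a PayPal IPN-style message whose authenticity has
    ALREADY been established by the postback step. Every check here compares the
    notification against the server's own order record, never against the form.
    """
    if seen_txn_ids is None:
        seen_txn_ids = SEEN_TXN_IDS

    if note.get("payment_status") != "Completed":
        return False, "payment not completed"

    order = orders.get(note.get("invoice", ""))
    if order is None:
        return False, "unknown invoice"

    # The money must have gone to our account, not one the buyer substituted.
    if note.get("receiver_email", "").lower() != order.receiver.lower():
        return False, "receiver mismatch"

    # Decimal, not float: "1000.00" must compare exactly, with no rounding surprises.
    try:
        paid = Decimal(note.get("mc_gross", ""))
    except InvalidOperation:
        return False, "unparseable amount"
    if note.get("mc_currency") != order.currency or paid != order.amount:
        return False, (f"paid {paid} {note.get('mc_currency')} "
                       f"but expected {order.amount} {order.currency}")

    txn_id = note.get("txn_id", "")
    if not txn_id or txn_id in seen_txn_ids:
        return False, "duplicate or missing txn_id"
    seen_txn_ids.add(txn_id)
    return True, "ok"


# Constructed notifications shaped like PayPal IPN messages (field names are an
# assumption about the format, not copied from a real message).
GOOD_NOTE = {
    "payment_status": "Completed", "invoice": "INV-1001",
    "receiver_email": "merchant@example.com",
    "mc_gross": "1000.00", "mc_currency": "CAD", "txn_id": "TXN-0001",
}
# Buyer edited the hidden "amount" field from 1000.00 to 100.00 before submitting.
TAMPERED_NOTE = dict(GOOD_NOTE, mc_gross="100.00", txn_id="TXN-0002")
# Same number, different currency: the figure matches but the value does not.
WRONG_CURRENCY_NOTE = dict(GOOD_NOTE, mc_currency="USD", txn_id="TXN-0003")
# Payment not yet completed (e.g. an eCheck still clearing): do not ship on this.
PENDING_NOTE = dict(GOOD_NOTE, payment_status="Pending", txn_id="TXN-0004")

if __name__ == "__main__":
    for name, note in [("good", GOOD_NOTE), ("tampered", TAMPERED_NOTE),
                       ("wrong currency", WRONG_CURRENCY_NOTE),
                       ("pending", PENDING_NOTE), ("replay of good", GOOD_NOTE)]:
        print(f"{name:15s} -> {payment_matches_order(note)}")
```

The lookup only works if the button carries something that ties the payment back to a server-side order record (here the assumed `invoice` variable); a button with nothing but an `amount` gives the server nothing to compare against. Note also that the tampered case is rejected because the server's recorded price differs from what was paid, not because the form field was inspected, so the same logic protects a hand-built button and a saved one.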