}
// Check that receiver_email is your Primary PayPal email
- if (!isset($_POST['receiver_email']) || (strtolower($_POST['receiver_email']) != strtolower(PAYPAL_EMAIL_ADDRESS))) {
- throw new SystemException('invalid receiver_email');
+ if (strtolower($_POST['business']) != strtolower(PAYPAL_EMAIL_ADDRESS) && (strtolower($_POST['receiver_email']) != strtolower(PAYPAL_EMAIL_ADDRESS))) {
+ throw new SystemException('invalid business or receiver_email');
}
-
+
// get token
if (!isset($_POST['custom'])) {
throw new SystemException('invalid custom item');