From: Marcel Werk Date: Thu, 18 Sep 2014 20:23:31 +0000 (+0200) Subject: Added check for business address X-Git-Tag: 2.1.0_Alpha_1~327 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=52a7d20878861ab7babb0aba68936c6e450cf649;p=GitHub%2FWoltLab%2FWCF.git Added check for business address --- diff --git a/wcfsetup/install/files/lib/action/PaypalCallbackAction.class.php b/wcfsetup/install/files/lib/action/PaypalCallbackAction.class.php index 93e1bbf1cc..747be579d0 100644 --- a/wcfsetup/install/files/lib/action/PaypalCallbackAction.class.php +++ b/wcfsetup/install/files/lib/action/PaypalCallbackAction.class.php @@ -43,10 +43,10 @@ class PaypalCallbackAction extends AbstractAction { } // Check that receiver_email is your Primary PayPal email - if (!isset($_POST['receiver_email']) || (strtolower($_POST['receiver_email']) != strtolower(PAYPAL_EMAIL_ADDRESS))) { - throw new SystemException('invalid receiver_email'); + if (strtolower($_POST['business']) != strtolower(PAYPAL_EMAIL_ADDRESS) && (strtolower($_POST['receiver_email']) != strtolower(PAYPAL_EMAIL_ADDRESS))) { + throw new SystemException('invalid business or receiver_email'); } - + // get token if (!isset($_POST['custom'])) { throw new SystemException('invalid custom item');