From 1c0061d7f8474235f10c2164f8ab792623463b01 Mon Sep 17 00:00:00 2001
From: Marcel Werk <burntime@woltlab.com>
Date: Tue, 11 May 2021 17:53:49 +0200
Subject: [PATCH] Prevent invalid or done IPN from being sent again

---
 .../install/files/lib/action/PaypalCallbackAction.class.php    | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/wcfsetup/install/files/lib/action/PaypalCallbackAction.class.php b/wcfsetup/install/files/lib/action/PaypalCallbackAction.class.php
index fd194811fe..6a09dce837 100644
--- a/wcfsetup/install/files/lib/action/PaypalCallbackAction.class.php
+++ b/wcfsetup/install/files/lib/action/PaypalCallbackAction.class.php
@@ -43,10 +43,12 @@ class PaypalCallbackAction extends AbstractAction
                 $reply = $request->getReply();
                 $content = $reply['body'];
             } catch (SystemException $e) {
+                @\header('HTTP/1.1 500 Internal Server Error');
                 throw new SystemException('connection to paypal.com failed: ' . $e->getMessage());
             }
 
             if (\strpos($content, "VERIFIED") === false) {
+                @\header('HTTP/1.1 500 Internal Server Error');
                 throw new SystemException('request not validated');
             }
 
@@ -117,7 +119,6 @@ class PaypalCallbackAction extends AbstractAction
 
             $this->executed();
         } catch (SystemException $e) {
-            @\header('HTTP/1.1 500 Internal Server Error');
             echo $e->getMessage();
             $e->getExceptionID(); // log error
 
-- 
2.20.1