I am quite worried about this piece of news:
http://www.smartertechnology.com/c/a/Smarter-Strategies/Free-Shopping-Security-Flaws-Found-in-Major-Online-Stores/
Is there a solution?
Thank you
//validate order total
bool validateOrderTotal = this.SettingManager.GetSettingValueBoolean("PaymentMethod.PaypalStandard.ValidateOrderTotal", true);
if (validateOrderTotal &&
!total.Equals(order.OrderTotal))
{
string errorStr = string.Format("PayPal PDT. Returned order total {0} doesn't equal order total {1}", total, order.OrderTotal);
this.LogService.InsertLog(LogTypeEnum.OrderError, errorStr, errorStr);
Response.Redirect(CommonHelper.GetStoreLocation());
}
//mark order as paid
if (this.OrderService.CanMarkOrderAsPaid(order))
{
this.OrderService.MarkOrderAsPaid(order.OrderId);
}