Secure Development for Mobile Apps
about the transaction that just completed. If payment was successful, then save the
retrieved purchase details in the database and make the products available to the buyer.
beginPurchase.php
//ensure authenticated session
//if not logged in, redirect to named file parameter and exit
$sm->checkLoggedInStatus(LOGIN);
//process request from shopping cart page
//begin paypal purchase process
//format shopping cart data into paypal API
//request paypal purchase token for this transaction
//unset GET and REQUEST - Not used for this file
unset($_GET);
unset($_REQUEST);
//there are no user variables sent from this request
//all data is already in the session cart variable
//accept POST request only
if($_POST)
{
//unset POST ...