You don't have to encrypt. Simply take the 'custom' variable, and, among other things you might need to put in there, add a hash of the price and product number, like so:
$sCustom .= '|' . md5($sSalt . $sProduct . $sPrice);
Then, when the IPN is processed, ensure that this hash was not disturbed with what is received back. If it was, then block the transaction.
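The check described above, written out for both the checkout side and the IPN handler. This is an added example, not code from the original answer: it swaps the md5-of-salt construction for HMAC-SHA256 with a constant-time comparison, and the function names, the key and the sample values are hypothetical. It assumes the product number and price come back in the IPN fields item_number and mc_gross.

```php
<?php
// Constructed key for the example; in practice load it from server-side config.
const IPN_MAC_KEY = 'example-only-secret-key';

// Length-prefix each field so ("1", "23.00") and ("12", "3.00") cannot
// produce the same input string, and normalise the price format.
function canonical_order(string $product, string $price): string {
    $price = number_format((float) $price, 2, '.', ''); // "19.9" -> "19.90"
    return strlen($product) . ':' . $product . '|' . strlen($price) . ':' . $price;
}

// Keyed hash over product and price (HMAC-SHA256 instead of md5(salt . data)).
function order_mac(string $product, string $price): string {
    return hash_hmac('sha256', canonical_order($product, $price), IPN_MAC_KEY);
}

// Checkout side: append the MAC to whatever else goes into 'custom'.
function build_custom(string $other, string $product, string $price): string {
    return $other . '|' . order_mac($product, $price);
}

// IPN side: recompute the MAC from the values reported back and compare
// in constant time. Returns false when the transaction should be blocked.
function ipn_custom_is_intact(array $ipn): bool {
    $parts = explode('|', $ipn['custom'] ?? '');
    $received = (string) end($parts); // the MAC is the last '|' field
    $expected = order_mac($ipn['item_number'] ?? '', $ipn['mc_gross'] ?? '');
    return hash_equals($expected, $received);
}

// Constructed sample messages: one untouched, one with the amount changed.
$custom  = build_custom('user=42', 'SKU-1001', '19.99');
$genuine = ['custom' => $custom, 'item_number' => 'SKU-1001', 'mc_gross' => '19.99'];
$altered = ['custom' => $custom, 'item_number' => 'SKU-1001', 'mc_gross' => '0.01'];

foreach (['genuine' => $genuine, 'altered' => $altered] as $label => $ipn) {
    echo $label, ': ', ipn_custom_is_intact($ipn) ? 'accept' : 'block', PHP_EOL;
}
```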