From 225560dbb4e26694c638c10d819a477cbbcc9ea0 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@users.sourceforge.net>
Date: Mon, 5 Sep 2011 11:24:50 +0000
Subject: [PATCH] Doxygen

---
 htdocs/langs/ca_ES/companies.lang   |  5 ----
 htdocs/langs/es_ES/companies.lang   |  5 ----
 htdocs/public/paypal/newpayment.php | 38 ++++++++---------------------
 3 files changed, 10 insertions(+), 38 deletions(-)

diff --git a/htdocs/langs/ca_ES/companies.lang b/htdocs/langs/ca_ES/companies.lang
index f53b982db04..15ed7c233f6 100644
--- a/htdocs/langs/ca_ES/companies.lang
+++ b/htdocs/langs/ca_ES/companies.lang
@@ -179,11 +179,6 @@ ProfId2PT=Núm seguretat social
 ProfId3PT=Num reg. comercial
 ProfId4PT=Conservatori
 ProfId5PT=-
-ProfId1RU=OGRN
-ProfId2RU=INN
-ProfId3RU=KPP
-ProfId4RU=OKPO
-ProfId5RU=-
 ProfId1SN=RC
 ProfId2SN=NINEA
 ProfId3SN=- 
diff --git a/htdocs/langs/es_ES/companies.lang b/htdocs/langs/es_ES/companies.lang
index b4dc31069da..06e92f88721 100644
--- a/htdocs/langs/es_ES/companies.lang
+++ b/htdocs/langs/es_ES/companies.lang
@@ -179,11 +179,6 @@ ProfId2PT=Núm. seguridad social
 ProfId3PT=Num reg. comercial
 ProfId4PT=Conservatorio
 ProfId5PT=-
-ProfId1RU=OGRN
-ProfId2RU=INN
-ProfId3RU=KPP
-ProfId4RU=OKPO
-ProfId5RU=-
 ProfId1SN=RC
 ProfId2SN=NINEA
 ProfId3SN=-
diff --git a/htdocs/public/paypal/newpayment.php b/htdocs/public/paypal/newpayment.php
index 065de28665d..c540cdd3030 100755
--- a/htdocs/public/paypal/newpayment.php
+++ b/htdocs/public/paypal/newpayment.php
@@ -87,7 +87,7 @@ $SOURCE=GETPOST("source",'alpha');
 $ref=$REF=GETPOST('ref','alpha');
 $TAG=GETPOST("tag",'alpha');
 $FULLTAG=GETPOST("fulltag",'alpha');		// fulltag is tag with more informations
-$SECUREKEY=GETPOST("securekey");	        // Secure key
+$SECUREKEY=GETPOST("securekey",'alpha');	// Secure key
 
 if (! empty($SOURCE))
 {
@@ -138,35 +138,10 @@ if (empty($PAYPAL_API_SIGNATURE))
     return -1;
 }
 
-// Check security token
-$valid=true;
-if (! empty($conf->global->PAYPAL_SECURITY_TOKEN))
-{
-    if (! empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE))
-    {
-	    if ($REF) $token = dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . $REF);    // REF always defined if SOURCE is defined
-	    else $token = dol_hash($conf->global->PAYPAL_SECURITY_TOKEN);
-    }
-    else
-    {
-        $token = $conf->global->PAYPAL_SECURITY_TOKEN;
-    }
-	if ($SECUREKEY != $token) $valid=false;
-
-	if (! $valid)
-	{
-    	print '<div class="error">Bad value for key.</div>';
-	    //print 'SECUREKEY='.$SECUREKEY.' token='.$token.' valid='.$valid;
-    	exit;
-	}
-}
-
-
 
 /*
  * Actions
  */
-
 if (GETPOST("action") == 'dopayment')
 {
 	$PAYPAL_API_PRICE=price2num(GETPOST("newamount"),'MT');
@@ -262,7 +237,6 @@ print '<input type="hidden" name="action" value="dopayment">'."\n";
 print '<input type="hidden" name="amount" value="'.GETPOST("amount",'int').'">'."\n";
 print '<input type="hidden" name="tag" value="'.GETPOST("tag",'alpha').'">'."\n";
 print '<input type="hidden" name="suffix" value="'.GETPOST("suffix",'alpha').'">'."\n";
-print '<input type="hidden" name="securekey" value="'.$SECUREKEY.'">'."\n";
 print "\n";
 print '<!-- Form to send a Paypal payment -->'."\n";
 print '<!-- PAYPAL_API_SANDBOX = '.$conf->global->PAYPAL_API_SANDBOX.' -->'."\n";
@@ -329,8 +303,16 @@ $found=false;
 $error=0;
 $var=false;
 
+// Check security token
+$valid=true;
+if (! empty($conf->global->PAYPAL_SECURITY_TOKEN) )
+{
+	$token = dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . $SOURCE . $ref, 2);
+	if ($SECUREKEY != $token) $valid=false;
+}
+
 // Free payment
-if (! GETPOST("source") && $valid)
+if (! GETPOST("source"))
 {
 	$found=true;
 	$tag=GETPOST("tag");