Quick Mod - Disable Paypal Subscription for first invoice.

[KuJoe]

For those of you who accept Paypal and have "Require Shipping Address" and "Client Address Matching" selected, you might notice that these 2 things are not enforced when somebody pays with a Paypal Subscription, this has allowed quite a few stolen Paypal issues with us because if they click the Subscription button, it doesn't check or ask for any address info so they can pay with a stolen verified US account and still pass the Maxmind check by using their country for the order. For a few weeks we just forced one time payments but some clients wanted to setup subscriptions so here we are.

 

Just edit the viewinvoice.tpl file in /templates/YOURTEMPLATE/ with the following:

Find:

{$paymentbutton}

Replace with:

{php}
global $allowsub;
$userid = $this->_tpl_vars['clientsdetails']['userid'];
$result = mysql_query("SELECT id FROM tblinvoices WHERE userid=$userid AND status='Paid'");
if (mysql_num_rows($result) > 0) {
$this->assign('allowsub','1');
}
{/php}
{if $allowsub eq "1"}
{$paymentbutton}
{else}
{$paymentbutton|replace:'<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but20.gif" border="0" name="submit" alt="Subscribe with PayPal for Automatic Payments">':' '}
{/if}

That's it, it's very basic but it meets my needs for now. I tested this with a few accounts and new orders and it worked properly (although it's probably not 100% foolproof since clients can see the Paypal Subscription info in the page source).

 

Don't forget to delete the viewinvoice file from the template cache folder (templates_c is the default name I think).