[anykey]

The website is beautiful, but I don't even think the notion of a "javascript shopping cart" should exist. It's stupidly dangerous. This is real money we're talking about! Wow.

Also, this confused me for a few seconds...I thought dials went clockwise ;) http://i.imgur.com/QEl7v.png

[reitzensteinm]

It's not a big deal. Just do a check on the backend. You can swap price tags in stores too, and they most certainly will not honor it if they realize.

I've done a mid 5 figure number of transactions through PayPal for digital goods, and I don't use the encrypted links (mainly because Flash doesn't support them). There have been a remarkably small number of fraud attempts (<0.1%).

One guy bought a game for $0.01, then initiated a chargeback when it didn't arrive. I raised my eyebrows, issued a refund, and the matter was over.

Not being able to trust the client is intrinsic to JS shopping carts, but I don't think this is a critical flaw.

Although I don't see what prevents merging the JS cart with a web based cart on the checkout page. Send the contents, and the page with the big 'click to charge card' button is generated server side.

[rshm]

Actual transaction happens in Paypal's page. Not for a complete e-commerce site, but for simple usages with few products i beleive this is a good solution.