Schroder,
There is no secure way to send such data, as all return links will have to put it through $_GET. I would suggest using cookies and use a verification so set the return link in the Paypal form to return.php?verify=j125as7 (And check that it matches the cookie before extracting the other cookie data).
However, please keep in mind that not all browsers accept cookies. What specific issues were you having with using sessions? I don't see a reason why it wouldn't work...
Regards,
Patrick
|