Lines 368-369 of e24PaymentPipe.inc.php:
$i = strpos($s, ":"); if ($i == -1) {
That check should be $i === false since strpos returns FALSE when the string is not found. Also, when the query string is built none of the parameter values are escaped with urlencode or rawurlencode.
Lines 368-369 of e24PaymentPipe.inc.php:
$i = strpos($s, ":"); if ($i == -1) {That check should be $i === false since strpos returns FALSE when the string is not found. Also, when the query string is built none of the parameter values are escaped with urlencode or rawurlencode.