Like you, I spent some time trying to avoid this obfuscation for my
users but had no luck -- obviously, Paypal has set it up that way on
purpose to encourage Paypal usage.
I know it is possible to do it, because the peepcode.com website does
it. As the developer of the website didn't even bother encrypting the
params, I tried to look at the html code, but I was not able to identify
any param that could alter this behaviour. It is probably a hidden
option somewhere in the paypal Business profile.
Seperately, from the recesses of my brain here's one more little "tip"
if you adopt the plugin [...]
The code in this plugin is an absolute joke. Very php-compliant. Some
methods simply call other methods without doing anything at all except
passing the exact same args. I am also fed up having to hunt for these
class vars scattered all over the place.
I would not recommend using this plugin as is, it is better to
understand it and refactor it... a lot.
By the way, why do you use SSL for the IPN? Isn't Paypal's notification
PS: the developer of the Rails plugin by Paypal is a developer of