From 2c2889a6317c5871fa5d6421257883ee15673b98 Mon Sep 17 00:00:00 2001
From: clavaque <clavaque@gmail.com>
Date: Thu, 3 Dec 2020 04:37:08 +0100
Subject: [PATCH] Check PayPal post var is not empty before using it

---
 src/includes/classes/paypal-utilities.inc.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/includes/classes/paypal-utilities.inc.php b/src/includes/classes/paypal-utilities.inc.php
index 0bc2444e..e90845b2 100644
--- a/src/includes/classes/paypal-utilities.inc.php
+++ b/src/includes/classes/paypal-utilities.inc.php
@@ -61,9 +61,11 @@ public static function paypal_postvars()
 											{
 												foreach(preg_split("/[\r\n]+/", preg_replace("/^SUCCESS/i", "", $response)) as $varline)
 													{
-														list($key, $value) = preg_split("/\=/", $varline, 2);
-														if(strlen($key = trim($key)) && strlen($value = trim($value)))
-															$postvars[$key] = trim(stripslashes(urldecode($value)));
+														if (!empty($varline)) {
+															list($key, $value) = preg_split("/\=/", $varline, 2);
+															if (strlen($key = trim($key)) && strlen($value = trim($value)))
+																$postvars[$key] = trim(stripslashes(urldecode($value)));
+														}
 													}
 												$postvars = self::paypal_postvars_back_compat($postvars); // From verified data.