But now at work Im realise it thats not safe everybody can see from where the script come? in checkoutsimulator? I'm confused, when I'm make a buy button at paypal self.. the code looks totally others and no path to my server etc.? like this >> http://www.phpkobo.com/scripts/NE201-106/web/sim/sim.php and this >> http://www.phpkobo.com/scripts/NE201-106/web/ipn/ipn.php at paypal looks liek this https://www.paypal.com/cgi-bin/webscr I'm confussed right now... someone say you can't trust paypal buttons and someone say you need a script like yours.? an at the point 8 till the end of your Installation Guide i dont understand it anymore... and the path things etc. paypal generates auto another path to for the buy buttons.? right.? I'm confussed and tired right now. would like to have a better guide to install it. video.?

Don't worry about exposing your IPN URL. If someone trys to access your IPN pretending to be PayPal, the script will deny the access. No one can pretend to be PayPal!