Validating payment amounts with WorldPay

mradil

New Member
We are using WorldPay to process payments for a tiered membership system, for which the payment amount varies dependent upon the membership tier selected.

The payment is passed to WorldPay via a form post from a number of hidden fields, including:

\[code\]
<input type="hidden" name="amount" value="295.00" />
\[/code\]

Essentially, the form is submitted via POST to WorldPay and the user follows a number of steps to process their payment. Once complete, the user is redirected to a specified confirmation page.

This appears to be the typical manner in which WorldPay accepts payments. There's an obvious issue here, in that the value of the hidden field could easily be tampered with by anyone with a basic knowledge of HTML. The form is posted directly to WorldPay, so we have no PostBack in which to validate the amount against the membership tier.

We have the option to validate the payment amount when a payment notification is returned to us from WorldPay by routing the callback through a handler before the confirmation page; however, I would like to avoid the situation where a user submits a tampered form, pays the incorrect amount and receives no membership, then has to contact the company to have their money returned.

How might we validate that the amount being submitted is correct before processing payment?
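The callback-handler check mentioned in the post, sketched as an added example that is not part of the original post and is not WorldPay's code. The field names `order_ref`, `amount` and `currency`, the tier table, the GBP currency and the pending-order store are assumptions; only the 295.00 figure comes from the post.

```python
from decimal import Decimal, InvalidOperation

# Constructed price list; only 295.00 appears in the post.
TIER_PRICES = {"gold": Decimal("295.00"), "silver": Decimal("150.00")}
EXPECTED_CURRENCY = "GBP"  # assumption for this example

# Hypothetical server-side record written when the payment form is rendered:
# order reference -> tier the member selected. The browser never controls this.
PENDING_ORDERS = {"ORD-1001": "gold", "ORD-1002": "silver"}


def check_notification(fields):
    """Validate a payment notification against the server-side order record.

    `fields` is the dict of form fields received by the callback handler
    (field names are assumptions). Returns (ok, reason).
    """
    tier = PENDING_ORDERS.get(fields.get("order_ref", ""))
    if tier is None:
        return False, "unknown order"

    # Parse as Decimal so "295.0" and "295.00" compare equal and no
    # floating-point rounding can hide a difference.
    try:
        paid = Decimal(fields.get("amount", ""))
    except InvalidOperation:
        return False, "unparseable amount"

    if fields.get("currency") != EXPECTED_CURRENCY:
        return False, "currency mismatch"

    # The expected price comes from the server's own table, never from
    # anything echoed back through the hidden form field.
    if paid != TIER_PRICES[tier]:
        return False, "amount mismatch"
    return True, "amount matches tier"


if __name__ == "__main__":
    # Constructed notifications: one genuine, one with a tampered amount.
    genuine = {"order_ref": "ORD-1001", "amount": "295.00", "currency": "GBP"}
    tampered = {"order_ref": "ORD-1001", "amount": "1.00", "currency": "GBP"}
    print(check_notification(genuine))
    print(check_notification(tampered))
```

A handler would grant the membership only when the first element is `True` and queue the order for review or refund otherwise.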
 