This is pretty amazing. But I really don't like these:
^ I agree with this. You should be letting PayPal manage this part, and not take on security like this. PayPal doesn't have APIs and redirects for nothing.
Yahhh PayPal is easily processed and doesn't require any user info to be entered on your site.
My preferred method is to send the current session UID to PayPal with the donation, so when you receive it back it's directly credited to the character you are logged into the website with when donating. You would of course still have it associated with email, so if someone complains they were on the wrong character or w/e then the donations are still there and logged.
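A sketch of the crediting flow described in the post above, added here as an example and not code from the thread. It assumes the notification has already been verified as coming from PayPal, uses PayPal's IPN variable names (`custom`, `txn_id`, `payment_status`, `payer_email`, `mc_gross`), and swaps the raw session UID for a MAC-signed character name so the session identifier never leaves the site; the key, character names and in-memory stores are constructed for the example.

```python
import hashlib
import hmac
from decimal import Decimal

SECRET = b"constructed-demo-key"  # assumption: server-side key, never sent to the browser
ledger = []       # every donation, always logged with the payer email
credited = {}     # character -> total credited
seen_txn = set()  # transaction ids already processed (replay protection)

def _mac(character: str) -> str:
    return hmac.new(SECRET, character.encode(), hashlib.sha256).hexdigest()

def make_custom(character: str) -> str:
    """Pass-through value for the logged-in character: name plus MAC."""
    return f"{character}.{_mac(character)}"

def character_from_custom(custom: str):
    """Return the character if the MAC verifies, else None."""
    character, _, mac = custom.rpartition(".")
    if not character:
        return None
    ok = hmac.compare_digest(mac.encode(), _mac(character).encode())
    return character if ok else None

def handle_notification(n: dict) -> str:
    """Process one notification already verified with PayPal (assumed)."""
    if n.get("payment_status") != "Completed":
        return "ignored"
    if n["txn_id"] in seen_txn:
        return "duplicate"  # a resent notification must not credit twice
    seen_txn.add(n["txn_id"])
    character = character_from_custom(n.get("custom", ""))
    amount = Decimal(n["mc_gross"])
    ledger.append({"txn": n["txn_id"], "email": n["payer_email"],
                   "amount": amount, "character": character})
    if character is None:
        return "logged-only"  # kept under the email for manual resolution
    credited[character] = credited.get(character, Decimal("0")) + amount
    return "credited"
```

A donation whose pass-through value fails the MAC check is still recorded against the payer email, which matches the fallback the post describes for "wrong character" complaints.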
I've done an automated PayPal donation page once; after confirmation, it used to automatically generate the Card ID and Password and send them to the user's e-mail.