diff --git a/app/Http/Controllers/ClientPortalController.php b/app/Http/Controllers/ClientPortalController.php
index 35da46b81651..fa396a68240b 100644
--- a/app/Http/Controllers/ClientPortalController.php
+++ b/app/Http/Controllers/ClientPortalController.php
@@ -173,8 +173,8 @@ class ClientPortalController extends BaseController
 foreach ($account->account_gateways as $accountGateway) {
 $paymentDriver = $accountGateway->paymentDriver($invitation);
- $links = array_merge($links, $paymentDriver->tokenLinks($invitation->invoice));
- $links = array_merge($links, $paymentDriver->paymentLinks($invitation->invoice));
+ $links = array_merge($links, $paymentDriver->tokenLinks());
+ $links = array_merge($links, $paymentDriver->paymentLinks());
 }
 return $links;
diff --git a/app/Ninja/PaymentDrivers/BasePaymentDriver.php b/app/Ninja/PaymentDrivers/BasePaymentDriver.php
index 9b6f00f6e58b..700c4c6e5bad 100644
--- a/app/Ninja/PaymentDrivers/BasePaymentDriver.php
+++ b/app/Ninja/PaymentDrivers/BasePaymentDriver.php
@@ -121,6 +121,12 @@ class BasePaymentDriver
 $gateway = $this->accountGateway->gateway;
+ if ( ! $this->meetsGatewayTypeLimits($this->gatewayType)) {
+ // The customer must have hacked the URL
+ Session::flash('error', trans('texts.limits_not_met'));
+ return redirect()->to('view/' . $this->invitation->invitation_key);
+ }
+
 if ($this->isGatewayType(GATEWAY_TYPE_TOKEN) || $gateway->is_offsite) {
 if (Session::has('error')) {
 Session::reflash();
@@ -735,7 +741,7 @@ class BasePaymentDriver
 return $this->createPayment($ref);
 }
- public function tokenLinks($invoice)
+ public function tokenLinks()
 {
 if ( ! $this->customer()) {
 return [];
@@ -749,7 +755,7 @@ class BasePaymentDriver
 continue;
 }
- if ( !$this->invoiceMeetsGatewayTypeLimits($invoice, $paymentMethod->payment_type->gateway_type_id) ) {
+ if ( ! $this->meetsGatewayTypeLimits($paymentMethod->payment_type->gateway_type_id)) {
 continue;
 }
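Review bot: The guard added at `@@ -121,6 +121,12` in BasePaymentDriver.php looks up limits by `$this->gatewayType`, whereas `tokenLinks()` in the same commit looks them up by `$paymentMethod->payment_type->gateway_type_id`. The next context line tests `isGatewayType(GATEWAY_TYPE_TOKEN)`, so a token request reaches the guard carrying the token type; if the limit settings are stored per underlying type, the server-side check could pass for a stored method whose link was hidden, which is worth confirming against how those settings rows are keyed. `meetsGatewayTypeLimits()` also returns `true` for an empty `$gatewayTypeId`, so the guard fails open when the type is missing. The enclosing method starts and ends outside the hunk, so it is not visible whether the request that actually completes the payment repeats this check; it should, because hiding links is only presentation. I would reword the comment to state the control, e.g. `// Enforce gateway-type limits server-side; tokenLinks()/paymentLinks() only hide the link`.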
@@ -776,7 +782,7 @@ class BasePaymentDriver
 return $links;
 }
- public function paymentLinks($invoice)
+ public function paymentLinks()
 {
 $links = [];
@@ -785,7 +791,7 @@ class BasePaymentDriver
 continue;
 }
- if ( !$this->invoiceMeetsGatewayTypeLimits($invoice, $gatewayTypeId) ) {
+ if ( ! $this->meetsGatewayTypeLimits($gatewayTypeId)) {
 continue;
 }
@@ -798,7 +804,8 @@ class BasePaymentDriver
 return $links;
 }
- protected function invoiceMeetsGatewayTypeLimits( $invoice, $gatewayTypeId ) {
+ protected function meetsGatewayTypeLimits($gatewayTypeId)
+ {
 if ( !$gatewayTypeId ) {
 return true;
 }
@@ -807,6 +814,8 @@ class BasePaymentDriver
 '=', $gatewayTypeId)->first();
 if ($accountGatewaySettings) {
+ $invoice = $this->invoice();
+
 if ($accountGatewaySettings->min_limit && $invoice->balance < $accountGatewaySettings->min_limit) {
 return false;
 }
diff --git a/resources/lang/en/texts.php b/resources/lang/en/texts.php
index f7d3dc07f3f4..ed1806f38ce7 100644
--- a/resources/lang/en/texts.php
+++ b/resources/lang/en/texts.php
@@ -2106,6 +2106,7 @@ $LANG = array(
 'enable_max' => 'Enable max',
 'min' => 'Min',
 'max' => 'Max',
+ 'limits_not_met' => 'This invoice does not meet the limits for that payment type.',
 );
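Review bot: At `@@ -807,6 +814,8` the new `$invoice = $this->invoice();` is dereferenced as `$invoice->balance` on the next line with no null check, where the old signature made every caller pass the invoice in. ClientPortalController builds the driver with `paymentDriver($invitation)`, so that path has an invoice, but `tokenLinks()` and `paymentLinks()` are public and any caller holding a driver without an invitation would presumably hit a fatal error here. Because this method is now also the server-side limit check, I would make the missing-invoice case explicit and fail closed, `if ( ! $invoice) { return false; }`, rather than leave it to an error. The comparison uses the full `balance`; if a smaller amount can be charged than the balance, the limit should be tested against the amount actually requested, which cannot be confirmed from this hunk. The method body continues past the hunk (the max-limit branch is not visible), and a short docblock saying that a falsy `$gatewayTypeId` or an absent settings row means "no limit" would make that fail-open default a documented decision.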