Brent wrote:Try it. When you retrieve the results, use $this->request->sanitize instead of request->gethtml.
It cleans the text of bad stuff user might try to include.
If it is only one product per order, you code probably just add the text to the notification email.
We have discussed this and will probably add an option text input field to each product.
It would then be included in the order and orders database and could be used for more than one product per order.
We'll look at it more in the next week.
Users browsing this forum: No registered users and 2 guests