Code: Select all
<?php
// Text
Added my url admin url to line 5
$_['text_new_received'] = 'You have received an order. Complete here <a href="http://www.MYSITEURL.com/admin/">Complete it here</a>.';
Code: Select all
https://www.yoursite.com/admin/index.php?route=sale/order/info&token=eded3b2cfe36fb1ceeaecfef9da85535&order_id=2092You are correct but you forget that this email is being sent to an Admin Only. If this was a public email then yes that would apply but as long as your email is going to only you.....there is nothing wrong with passing this URL. Besides, they would have to login to create a session token regardless.asdco wrote:placing links in emails is like making another hole for the snakes to crawl in. If you think its a trivial matter go to google and type ANY cart name and then the word hacks. You will be surprised how many pages of hacks and hackers there are out there trying to break into your store. Making things easier for yourself also makes it easier for a hacker.
Users browsing this forum: No registered users and 16 guests
