Is my custom purchase feature creating a security vulnerability?

@certified-code , you helped me get this code to work in the first place, do you think my process keeps the data secure enough secure?