Is my custom purchase feature creating a security vulnerability?

It answers a lot of questions and creates a few more … I’ve messaged you …