
Originally Posted by
Absolute
1 - depends on how you handle your own data. You need to ensure that it is handled in the same way as all other data being passed. So if it is added to an array, and tehn passed to a zen_db_perform() function this handles the injection checking. If you are creating the insert, then you need to ensure you use zen_db_prepare_input() or similar, however, this function can only be RUN ONCE one your data, oterhwise you will create more problems than you solve!
2 - Making fields required is handled by the checkout page header_php.php file. If you are submitted the shipping page, it would be within includes/modules/pages/checkout_shipping/header_php.php. Chek that the data is set correctly, and if not, raise the error. You'll see similar examples within this file.
Absolute
Thanks for the prompt reply.
Im using the exact example given in the 2nd post in this thread, just repeating the process for the amount of feilds I need (changing there names of course)
so in includes/modules/pages/checkout_shipping/header_php.php
this line
PHP Code:
if (zen_not_null($_POST['frequent_code'])) {
$_SESSION['frequent_code'] = zen_db_prepare_input($_POST['frequent_code']);
}
$frequent_code = $_SESSION['frequent_code'];
Im assuming takes care of it 
Once again, thanks for the help and prompt reply