NEXT-36122 - Allow empty string in order customer comment

[M-arcus]

1. Why is this change necessary?

https://issues.shopware.com/issues/NEXT-36122

2. What does this change do, exactly?

Add AllowHtml() flag to definition of field customerComment in OrderDefinition to allow sanitized HTML in customer comments.

3. Describe each step to reproduce the issue or behavior.

Before pressing buy on the checkout page, enter "<3" as the customer comment. An exception is thrown. Similar behavior in the API.

4. Please link to the relevant issues (if any).

https://issues.shopware.com/issues/NEXT-36122

5. Checklist

• I have rebased my changes to remove merge conflicts
• I have written tests and verified that they fail without my change
• I have created a changelog file with all necessary information about my changes
• I have written or adjusted the documentation according to my changes
• This change has comments for package types, values, functions, and non-obvious lines of code
• I have read the contribution requirements and fulfil them.

[mstegmeyer]

I think, this would not be a good solution, we don't want to have HTML content in the DB.

How about the flag AllowEmptyString instead?

[M-arcus]

@mstegmeyer
Good idea, but that will mean, that comments like '<3 my comment about the delivery' will be saved as empty string, right?

[Bird87ZA]

@mstegmeyer Good idea, but that will mean, that comments like '<3 my comment about the delivery' will be saved as empty string, right?

No. It will be saved as my comment about the delivery.

When a field does not have AllowHtml(), it will run strip_tags on the input field. Because it strips tags, <3 is removed, and the input now contains an empty string, which causes the exception to be thrown.

[M-arcus]

I have changed the flag to AllowEmptyString() and tested it with the comment. Sadly, the comment still gets removed, because strip_tags removes the entire part after <3

But at least it saves the order now.

[Bird87ZA]

Ah I see. This is unfortunately how PHP's strip_tags work. If you have an alternative, you can make a change here.

If you are fine with this limitation, then just fix the PHP Lint failure.

[M-arcus]

@Bird87ZA
Fixed. No idea why https://github.com/shopware/shopware/actions/runs/9172715717/job/25219862488?pr=3710 fails.

[shopware-github-importer]

Hello,

thank you for creating this pull request.
I have opened an issue on our Issue Tracker for you. See the issue link: https://issues.shopware.com/issues/NEXT-36122

Please use this issue to track the state of your pull request.

[Bird87ZA]

Your PR has been merged! Thanks for your contribution 💙