Hi I am creating a module on Prestashop. When I do the validation of the module I get a warning in the Security Tab, 'No modifier method used. This value will be cleaned automatically before being displayed.' Can someone explain what this means? I googled it but didn't understand it.
In PrestaShop 1.6, you have to escape Smarty variables in tpl files :
{$my_var|escape:'html_all':'UTF-8'} <- 1.6 way
In 1.7, escaping is automatic therefore you should not add it yourself
{$my_var} <- 1.7 way
and if you want to display it raw you add nofilter to the variable
{$my_var nofilter}
If your module is for 1.7 only this security message is useless but if it's compatible 1.6, you have to be sure to escape the variable for this version.