  #4  
12-09-2009, 01:18 PM
 
jherzog
 

Advanced Member
  
Join Date: Jan 2006
Posts: 93
 

Re: Authorization code in email notification to orders department

OK, to make this happen I plan on adding a section to skin1/mail/html/order_notification_admin.tpl. But this template would need the variable $order['extra']['advinfo'].

This variable is set in include/func/func.order.php, in the function func_select_order(), ~line 119.

It is not available for this template because the area type is not right. Hence it does not satisfy this if() statement:
if (defined('AREA_TYPE') && AREA_TYPE != 'C' && isset($order['extra']['advinfo']))

Any suggestions on what I should do?

I could:
1) directly query the database and decrypt this information. But doing this type of PHP in a TPL is not ideal.
2) I could remove or modify this if() statement.

Removing the if statement is easiest but seems, at first, like a security risk. But how sensitive is this data to begin with? I do not store cc numbers and this if() statement does not return cc numbers, only authorization codes. Even if a malicious person figured out a way to access this exemption (which won't be straightforward) I don't think they could do anything harmful with the information.

The data in this variable is something like:
--- Advanced info ---
Reason: Approved: AuthCode: 010101;
PNRef: E19E3A285702 AVS info: International AVS result: N;
AVS result: Street match: Match;
Zip match: No Match CAVV info: No Match

I appreciate any opinions
Jed
xcart 4.2.x
__________________
Jed Herzog
Gold X-Cart 4.0.17
http://www.outliersolutions.com
Portland Advertising Agency,
Portland Web Design
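An added example, not part of the original post and not X-Cart code: one way to hand the admin notification template only the fields the orders department needs, so the AREA_TYPE check in func_select_order() can stay as it is. The function name, the choice of AuthCode and PNRef as allowed fields, and the length limits are assumptions; the caller is assumed to pass in the already decrypted advinfo text.

```php
<?php
// Added example; names are hypothetical and not part of X-Cart.

/**
 * Return only allowlisted fields from the decrypted advinfo text,
 * HTML-escaped so they can be printed in an HTML mail template.
 * Anything not listed (AVS/CAVV details, free text) is never copied.
 */
function advinfo_for_notification($advinfo)
{
    // Assumed allowlist: field name => strict pattern for its value.
    // A value that is too long or has unexpected characters is dropped.
    $allowed = array(
        'AuthCode' => '/\bAuthCode:\s*([A-Za-z0-9]{1,12})\b/',
        'PNRef'    => '/\bPNRef:\s*([A-Za-z0-9]{1,20})\b/',
    );

    $out = array();
    if (!is_string($advinfo) || $advinfo === '') {
        return $out; // nothing stored for this order
    }
    foreach ($allowed as $name => $pattern) {
        if (preg_match($pattern, $advinfo, $m) === 1) {
            $out[$name] = htmlspecialchars($m[1], ENT_QUOTES, 'UTF-8');
        }
    }
    return $out;
}

// Constructed sample in the shape shown in the post.
$sample = "--- Advanced info ---\n"
    . "Reason: Approved: AuthCode: 010101;\n"
    . "PNRef: E19E3A285702 AVS info: International AVS result: N;\n"
    . "AVS result: Street match: Match;\n"
    . "Zip match: No Match CAVV info: No Match";

// Only AuthCode and PNRef survive; the AVS and CAVV lines are left out.
print_r(advinfo_for_notification($sample));
```

The returned array would be assigned to the notification template in the admin mail path only, which keeps the full advinfo block out of every other area.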