Index: /changelog
===================================================================
--- /changelog	(revision 7689)
+++ /changelog	(revision 7690)
@@ -345,2 +345,3 @@
 - Bugfix: Plugin zur AbwÃ€rtskompatibilitÃ€t alter DownloadProduktlinks entwickelt (https://wpshopgermany.maennchen1.de/wp-content/uploads/wpsg_downloadredirect.zip)
 - Bugfix: Versandartauswahl bei Downloadprodukten, und Option "Versand per Mail" inaktiv korrigiert / Task #709
+- Bugfix: Korrektur Weiterleitung nach Bestellerstellung im Backend / Task #713
Index: /controller/wpsg_OrderController.class.php
===================================================================
--- /controller/wpsg_OrderController.class.php	(revision 7689)
+++ /controller/wpsg_OrderController.class.php	(revision 7690)
@@ -197,12 +197,12 @@
                 								
                 $order_id = $this->db->ImportQuery(WPSG_TBL_ORDER, Array(
-                    'payment_key' => wpsg_q(wpsg_sinput("key", $_REQUEST['add_payment'])),
+                    'payment_key' => wpsg_q($_REQUEST['add_payment']),
                     'payment_bruttonetto' => wpsg_q($this->shop->getBackendTaxview()),
-					'payment_tax_key' => wpsg_q($this->shop->arPayment[wpsg_sinput("key", $_REQUEST['add_payment'])]['mwst_key']),
-					'payment_set' => wpsg_q($this->shop->arPayment[wpsg_sinput("key", $_REQUEST['add_payment'])]['price']),
-					'shipping_key' => wpsg_q(wpsg_sinput("key", $_REQUEST['add_shipping'])),
+					'payment_tax_key' => wpsg_q($this->shop->arPayment[$_REQUEST['add_payment']]['mwst_key']),
+					'payment_set' => wpsg_q($this->shop->arPayment[$_REQUEST['add_payment']]['price']),
+					'shipping_key' => wpsg_q($_REQUEST['add_shipping']),
 					'shipping_bruttonetto' => wpsg_q($this->shop->getBackendTaxview()),
-					'shipping_tax_key' => wpsg_q($this->shop->arShipping[wpsg_sinput("key", $_REQUEST['add_shipping'])]['mwst_key']),
-					'shipping_set' => wpsg_q($this->shop->arShipping[wpsg_sinput("key", $_REQUEST['add_shipping'])]['price']),
+					'shipping_tax_key' => wpsg_q($this->shop->arShipping[$_REQUEST['add_shipping']]['mwst_key']),
+					'shipping_set' => wpsg_q($this->shop->arShipping[$_REQUEST['add_shipping']]['price']),
                     'price_frontend' => $this->shop->getFrontendTaxview(),
                     'cdate' => 'NOW()',
@@ -238,6 +238,6 @@
                 
                 $this->addBackendMessage(__('Die neue Bestellung wurde vorbereitet.', 'wpsg'));
-                
-                $this->redirect(wp_nonce_url(WPSG_URL_WP.'wp-admin/admin.php?page=wpsg-Order&action=view&edit_id='.$order_id, 'wpsg-order-edit-'.$order_id));
+	
+				$this->redirect(wpsg_admin_url('Order', 'view', ['edit_id' => $order_id]));
                                 
             }
Index: /controller/wpsg_ShopController.class.php
===================================================================
--- /controller/wpsg_ShopController.class.php	(revision 7689)
+++ /controller/wpsg_ShopController.class.php	(revision 7690)
@@ -442,15 +442,15 @@
 			// Betreffs der E-Mails vordefinieren
 			$this->checkDefault('wpsg_global_betreff', 'Allgemeiner Betreff', false, true);
-			$this->checkDefault('wpsg_global_absender', 'Shop XYZ <shop@'.$_SERVER['HTTP_HOST'].'>');
+			$this->checkDefault('wpsg_global_absender', 'Shop XYZ <shop@'.$_SERVER['HTTP_HOST'].'>', false, false, WPSG_SANITIZE_EMAILNAME);
 
 			$this->checkDefault('wpsg_adminmail_betreff', 'Eingang einer neuen Bestellung', false, true);
-			$this->checkDefault('wpsg_adminmail_absender', 'Shop XYZ <shop@'.$_SERVER['HTTP_HOST'].'>');
+			$this->checkDefault('wpsg_adminmail_absender', 'Shop XYZ <shop@'.$_SERVER['HTTP_HOST'].'>', false, false, WPSG_SANITIZE_EMAILNAME);
 			$this->checkDefault('wpsg_adminmail_empfaenger', 'bestellungen@'.$_SERVER['HTTP_HOST']);
 
 			$this->checkDefault('wpsg_kundenmail_betreff', 'BestellbestÃ€tigung', false, true);
-			$this->checkDefault('wpsg_kundenmail_absender', 'Shop XYZ <shop@'.$_SERVER['HTTP_HOST'].'>');
+			$this->checkDefault('wpsg_kundenmail_absender', 'Shop XYZ <shop@'.$_SERVER['HTTP_HOST'].'>', false, false, WPSG_SANITIZE_EMAILNAME );
 
 			$this->checkDefault('wpsg_status_betreff', 'StatusÃ€nderung Ihrer Bestellung', false, true);
-			$this->checkDefault('wpsg_status_absender', 'Shop XYZ <shop@'.$_SERVER['HTTP_HOST'].'>');
+			$this->checkDefault('wpsg_status_absender', 'Shop XYZ <shop@'.$_SERVER['HTTP_HOST'].'>', false, false, WPSG_SANITIZE_EMAILNAME);
 
 			$this->checkDefault('wpsg_path_upload_multiblog', 'uploads/sites/%blog_id%/', true);
@@ -3042,20 +3042,24 @@
 
 		} // public function getStoreLanguages()
-
+		
 		/**
 		 * PrÃŒft die Einstellungen und setzt sie ggf. auf einen Standardwert
-		 */
-		public function checkDefault($name, $value, $force_global = false, $translation = false)
-		{
-
-			if ($this->get_option($name, $force_global) === false)
-			{
-
-				$this->update_option($name, $value, $force_global);
-
-				if ($translation === true)
-				{
-
-					$this->addTranslationString($name, $value);
+		 * @param $name
+		 * @param $value
+		 * @param bool $force_global
+		 * @param bool $translation
+		 * @param null $sanitize_type
+		 * @param array $sanitize_params
+		 * @throws \wpsg\Exception
+		 */
+		public function checkDefault($name, $value, $force_global = false, $translation = false, $sanitize_type = null, $sanitize_params = []) {
+
+			if ($this->get_option($name, $force_global) === false) {
+
+				$this->update_option($name, $value, $force_global, false, $sanitize_type, $sanitize_params);
+
+				if ($translation === true) {
+
+					$this->addTranslationString($name, $value, $sanitize_type, $sanitize_params);
 
 				}
Index: /model/wpsg_order.class.php
===================================================================
--- /model/wpsg_order.class.php	(revision 7689)
+++ /model/wpsg_order.class.php	(revision 7690)
@@ -434,8 +434,10 @@
 		 * Gibt die verwendete Zahlungsart der Bestellung zurÃŒck
 		 */
-		public function getPaymentID()
-		{
-			
-			return $this->data['type_payment'];
+		public function getPaymentID() {
+			
+			$order_payment_key = $this->__get('payment_key');
+			if (!wpsg_isSizedString($shipping_key) && wpsg_isSizedString($this->__get('type_payment'))) $order_payment_key = $this->__get('type_payment');
+			
+			return $order_payment_key; 
 			
 		} // public function getPaymentID()
@@ -444,7 +446,8 @@
 		 * @return String Name der verwendeten Zahlungsart
 		 */
-		public function getPaymentLabel()
-		{
-
+		public function getPaymentLabel() {
+			
+			$order_payment_ke = $this->getPaymentID();
+			
 			if (!array_key_exists($this->getPaymentID(), $this->shop->arPayment)) return wpsg_translate(__('Deaktivierte Zahlungsart (#1#)', 'wpsg'), $this->getPaymentID());
 			else return $this->shop->arPayment[$this->getPaymentID()]['name'];
@@ -455,12 +458,13 @@
 		 * @return String Name der verwendeten Versandart
 		 */
-		public function getShippingLabel()
-		{
-
-			if (preg_match('/(.*)-(.*)/', $this->type_shipping))
+		public function getShippingLabel() {
+			
+			$order_shipping_key = $this->getShippingID();
+
+			if (preg_match('/(.*)-(.*)/', $order_shipping_key))
 			{
 
 				// Versandart ist zusammengesetzt
-				$arShippingKey = explode('-', $this->type_shipping);
+				$arShippingKey = explode('-', $order_shipping_key);
 				$arShippingNames = array();
 
@@ -478,5 +482,5 @@
 			{
 
-				return $this->shop->getShippingName($this->type_shipping);
+				return $this->shop->getShippingName($order_shipping_key);
 
 			}
@@ -487,8 +491,10 @@
 		 * @return String Key der verwendeten Versandart
 		 */
-		public function getShippingID()
-		{
-
-			return $this->data['type_shipping'];
+		public function getShippingID() {
+			
+			$order_shipping_key = $this->__get('shipping_key');
+			if (!wpsg_isSizedString($shipping_key) && wpsg_isSizedString($this->__get('type_shipping'))) $order_shipping_key = $this->__get('type_shipping');
+			
+			return $order_shipping_key;
 
 		} // public function getShippingID()