Merge pull request #19341 from woocommerce/fix/phpcs-includes-gateways

PHPCS fixes for includes/gateways directory
2018-03-10 20:17:24 +00:00 · 2018-03-10 20:17:24 +00:00 · 8b06e0e432
parent d724f50b1c 4e3ba1b73b
commit 8b06e0e432
12 changed files with 741 additions and 541 deletions
--- a/includes/gateways/bacs/class-wc-gateway-bacs.php
+++ b/includes/gateways/bacs/class-wc-gateway-bacs.php
@ -1,7 +1,12 @@
 <?php
 /**
 * Class WC_Gateway_BACS file.
 *
 * @package WooCommerce\Gateways
 */
 if ( ! defined( 'ABSPATH' ) ) {
-	exit; // Exit if accessed directly
+	exit; // Exit if accessed directly.
 }
 /**
@ -13,11 +18,14 @@ if ( ! defined( 'ABSPATH' ) ) {
 * @extends     WC_Payment_Gateway
 * @version     2.1.0
 * @package     WooCommerce/Classes/Payment
 * @author      WooThemes
 */
 class WC_Gateway_BACS extends WC_Payment_Gateway {
-	/** @var array Array of locales */
+	/**
 	 * Array of locales
 	 *
 	 * @var array
 	 */
 	public $locale;
 	/**
@ -35,13 +43,14 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 		$this->init_form_fields();
 		$this->init_settings();
-		// Define user set variables
+		// Define user set variables.
 		$this->title        = $this->get_option( 'title' );
 		$this->description  = $this->get_option( 'description' );
 		$this->instructions = $this->get_option( 'instructions' );
-		// BACS account fields shown on the thanks page and in emails
+		// BACS account fields shown on the thanks page and in emails.
-		$this->account_details = get_option( 'woocommerce_bacs_accounts',
+		$this->account_details = get_option(
 			'woocommerce_bacs_accounts',
 			array(
 				array(
 					'account_name'   => $this->get_option( 'account_name' ),
@ -54,12 +63,12 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 			)
 		);
-		// Actions
+		// Actions.
 		add_action( 'woocommerce_update_options_payment_gateways_' . $this->id, array( $this, 'process_admin_options' ) );
 		add_action( 'woocommerce_update_options_payment_gateways_' . $this->id, array( $this, 'save_account_details' ) );
 		add_action( 'woocommerce_thankyou_bacs', array( $this, 'thankyou_page' ) );
-		// Customer Emails
+		// Customer Emails.
 		add_action( 'woocommerce_email_before_order_table', array( $this, 'email_instructions' ), 10, 3 );
 	}
@ -115,24 +124,24 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 		$country = WC()->countries->get_base_country();
 		$locale  = $this->get_country_locale();
-		// Get sortcode label in the $locale array and use appropriate one
+		// Get sortcode label in the $locale array and use appropriate one.
 		$sortcode = isset( $locale[ $country ]['sortcode']['label'] ) ? $locale[ $country ]['sortcode']['label'] : __( 'Sort code', 'woocommerce' );
 		?>
 		<tr valign="top">
-			<th scope="row" class="titledesc"><?php _e( 'Account details', 'woocommerce' ); ?>:</th>
+			<th scope="row" class="titledesc"><?php esc_html_e( 'Account details:', 'woocommerce' ); ?></th>
 			<td class="forminp" id="bacs_accounts">
 				<div class="wc_input_table_wrapper">
 					<table class="widefat wc_input_table sortable" cellspacing="0">
 						<thead>
 							<tr>
 								<th class="sort">&nbsp;</th>
-								<th><?php _e( 'Account name', 'woocommerce' ); ?></th>
+								<th><?php esc_html_e( 'Account name', 'woocommerce' ); ?></th>
-								<th><?php _e( 'Account number', 'woocommerce' ); ?></th>
+								<th><?php esc_html_e( 'Account number', 'woocommerce' ); ?></th>
-								<th><?php _e( 'Bank name', 'woocommerce' ); ?></th>
+								<th><?php esc_html_e( 'Bank name', 'woocommerce' ); ?></th>
-								<th><?php echo $sortcode; ?></th>
+								<th><?php echo esc_html( $sortcode ); ?></th>
-								<th><?php _e( 'IBAN', 'woocommerce' ); ?></th>
+								<th><?php esc_html_e( 'IBAN', 'woocommerce' ); ?></th>
-								<th><?php _e( 'BIC / Swift', 'woocommerce' ); ?></th>
+								<th><?php esc_html_e( 'BIC / Swift', 'woocommerce' ); ?></th>
 							</tr>
 						</thead>
 						<tbody class="accounts">
@ -144,12 +153,12 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 									echo '<tr class="account">
 										<td class="sort"></td>
-										<td><input type="text" value="' . esc_attr( wp_unslash( $account['account_name'] ) ) . '" name="bacs_account_name[' . $i . ']" /></td>
+										<td><input type="text" value="' . esc_attr( wp_unslash( $account['account_name'] ) ) . '" name="bacs_account_name[' . esc_attr( $i ) . ']" /></td>
-										<td><input type="text" value="' . esc_attr( $account['account_number'] ) . '" name="bacs_account_number[' . $i . ']" /></td>
+										<td><input type="text" value="' . esc_attr( $account['account_number'] ) . '" name="bacs_account_number[' . esc_attr( $i ) . ']" /></td>
-										<td><input type="text" value="' . esc_attr( wp_unslash( $account['bank_name'] ) ) . '" name="bacs_bank_name[' . $i . ']" /></td>
+										<td><input type="text" value="' . esc_attr( wp_unslash( $account['bank_name'] ) ) . '" name="bacs_bank_name[' . esc_attr( $i ) . ']" /></td>
-										<td><input type="text" value="' . esc_attr( $account['sort_code'] ) . '" name="bacs_sort_code[' . $i . ']" /></td>
+										<td><input type="text" value="' . esc_attr( $account['sort_code'] ) . '" name="bacs_sort_code[' . esc_attr( $i ) . ']" /></td>
-										<td><input type="text" value="' . esc_attr( $account['iban'] ) . '" name="bacs_iban[' . $i . ']" /></td>
+										<td><input type="text" value="' . esc_attr( $account['iban'] ) . '" name="bacs_iban[' . esc_attr( $i ) . ']" /></td>
-										<td><input type="text" value="' . esc_attr( $account['bic'] ) . '" name="bacs_bic[' . $i . ']" /></td>
+										<td><input type="text" value="' . esc_attr( $account['bic'] ) . '" name="bacs_bic[' . esc_attr( $i ) . ']" /></td>
 									</tr>';
 								}
 							}
@ -157,7 +166,7 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 						</tbody>
 						<tfoot>
 							<tr>
-								<th colspan="7"><a href="#" class="add button"><?php _e( '+ Add account', 'woocommerce' ); ?></a> <a href="#" class="remove_rows button"><?php _e( 'Remove selected account(s)', 'woocommerce' ); ?></a></th>
+								<th colspan="7"><a href="#" class="add button"><?php esc_html_e( '+ Add account', 'woocommerce' ); ?></a> <a href="#" class="remove_rows button"><?php esc_html_e( 'Remove selected account(s)', 'woocommerce' ); ?></a></th>
 							</tr>
 						</tfoot>
 					</table>
@ -196,14 +205,16 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 		$accounts = array();
-		if ( isset( $_POST['bacs_account_name'] ) ) {
+		// phpcs:disable WordPress.CSRF.NonceVerification.NoNonceVerification -- Nonce verification already handled in WC_Admin_Settings::save()
 		if ( isset( $_POST['bacs_account_name'] ) && isset( $_POST['bacs_account_number'] ) && isset( $_POST['bacs_bank_name'] )
 			 && isset( $_POST['bacs_sort_code'] ) && isset( $_POST['bacs_iban'] ) && isset( $_POST['bacs_bic'] ) ) {
-			$account_names   = array_map( 'wc_clean', $_POST['bacs_account_name'] );
+			$account_names   = wc_clean( wp_unslash( $_POST['bacs_account_name'] ) );
-			$account_numbers = array_map( 'wc_clean', $_POST['bacs_account_number'] );
+			$account_numbers = wc_clean( wp_unslash( $_POST['bacs_account_number'] ) );
-			$bank_names      = array_map( 'wc_clean', $_POST['bacs_bank_name'] );
+			$bank_names      = wc_clean( wp_unslash( $_POST['bacs_bank_name'] ) );
-			$sort_codes      = array_map( 'wc_clean', $_POST['bacs_sort_code'] );
+			$sort_codes      = wc_clean( wp_unslash( $_POST['bacs_sort_code'] ) );
-			$ibans           = array_map( 'wc_clean', $_POST['bacs_iban'] );
+			$ibans           = wc_clean( wp_unslash( $_POST['bacs_iban'] ) );
-			$bics            = array_map( 'wc_clean', $_POST['bacs_bic'] );
+			$bics            = wc_clean( wp_unslash( $_POST['bacs_bic'] ) );
 			foreach ( $account_names as $i => $name ) {
 				if ( ! isset( $account_names[ $i ] ) ) {
@ -220,20 +231,20 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 				);
 			}
 		}
 		// phpcs:enable
 		update_option( 'woocommerce_bacs_accounts', $accounts );
 	}
 	/**
 	 * Output for the order received page.
 	 *
-	 * @param int $order_id
+	 * @param int $order_id Order ID.
 	 */
 	public function thankyou_page( $order_id ) {
 		if ( $this->instructions ) {
-			echo wpautop( wptexturize( wp_kses_post( $this->instructions ) ) );
+			echo wp_kses_post( wpautop( wptexturize( wp_kses_post( $this->instructions ) ) ) );
 		}
 		$this->bank_details( $order_id );
@ -242,15 +253,15 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 	/**
 	 * Add content to the WC emails.
 	 *
-	 * @param WC_Order $order
+	 * @param WC_Order $order Order object.
-	 * @param bool $sent_to_admin
+	 * @param bool     $sent_to_admin Sent to admin.
-	 * @param bool $plain_text
+	 * @param bool     $plain_text Email format: plain text or HTML.
 	 */
 	public function email_instructions( $order, $sent_to_admin, $plain_text = false ) {
 		if ( ! $sent_to_admin && 'bacs' === $order->get_payment_method() && $order->has_status( 'on-hold' ) ) {
 			if ( $this->instructions ) {
-				echo wpautop( wptexturize( $this->instructions ) ) . PHP_EOL;
+				echo wp_kses_post( wpautop( wptexturize( $this->instructions ) ) . PHP_EOL );
 			}
 			$this->bank_details( $order->get_id() );
 		}
@ -260,7 +271,7 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 	/**
 	 * Get bank details and place into a list format.
 	 *
-	 * @param int $order_id
+	 * @param int $order_id Order ID.
 	 */
 	private function bank_details( $order_id = '' ) {
@ -268,14 +279,14 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 			return;
 		}
-		// Get order and store in $order
+		// Get order and store in $order.
 		$order = wc_get_order( $order_id );
-		// Get the order country and country $locale
+		// Get the order country and country $locale.
 		$country = $order->get_billing_country();
 		$locale  = $this->get_country_locale();
-		// Get sortcode label in the $locale array and use appropriate one
+		// Get sortcode label in the $locale array and use appropriate one.
 		$sortcode = isset( $locale[ $country ]['sortcode']['label'] ) ? $locale[ $country ]['sortcode']['label'] : __( 'Sort code', 'woocommerce' );
 		$bacs_accounts = apply_filters( 'woocommerce_bacs_accounts', $this->account_details );
@ -293,8 +304,9 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 				$account_html .= '<ul class="wc-bacs-bank-details order_details bacs_details">' . PHP_EOL;
-				// BACS account fields shown on the thanks page and in emails
+				// BACS account fields shown on the thanks page and in emails.
-				$account_fields = apply_filters( 'woocommerce_bacs_account_fields', array(
+				$account_fields = apply_filters(
 					'woocommerce_bacs_account_fields', array(
 						'bank_name'      => array(
 							'label' => __( 'Bank', 'woocommerce' ),
 							'value' => $bacs_account->bank_name,
@ -315,7 +327,8 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 							'label' => __( 'BIC', 'woocommerce' ),
 							'value' => $bacs_account->bic,
 						),
-				), $order_id );
+					), $order_id
 				);
 				foreach ( $account_fields as $field_key => $field ) {
 					if ( ! empty( $field['value'] ) ) {
@ -328,7 +341,7 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 			}
 			if ( $has_details ) {
-				echo '<section class="woocommerce-bacs-bank-details"><h2 class="wc-bacs-bank-details-heading">' . __( 'Our bank details', 'woocommerce' ) . '</h2>' . PHP_EOL . $account_html . '</section>';
+				echo '<section class="woocommerce-bacs-bank-details"><h2 class="wc-bacs-bank-details-heading">' . esc_html__( 'Our bank details', 'woocommerce' ) . '</h2>' . wp_kses_post( PHP_EOL . $account_html ) . '</section>';
 			}
 		}
@ -337,7 +350,7 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 	/**
 	 * Process the payment and return the result.
 	 *
-	 * @param int $order_id
+	 * @param int $order_id Order ID.
 	 * @return array
 	 */
 	public function process_payment( $order_id ) {
@ -345,19 +358,19 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 		$order = wc_get_order( $order_id );
 		if ( $order->get_total() > 0 ) {
-			// Mark as on-hold (we're awaiting the payment)
+			// Mark as on-hold (we're awaiting the payment).
 			$order->update_status( 'on-hold', __( 'Awaiting BACS payment', 'woocommerce' ) );
 		} else {
 			$order->payment_complete();
 		}
-		// Reduce stock levels
+		// Reduce stock levels.
 		wc_reduce_stock_levels( $order_id );
-		// Remove cart
+		// Remove cart.
 		WC()->cart->empty_cart();
-		// Return thankyou redirect
+		// Return thankyou redirect.
 		return array(
 			'result'   => 'success',
 			'redirect' => $this->get_return_url( $order ),
@ -374,8 +387,9 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 		if ( empty( $this->locale ) ) {
-			// Locale information to be used - only those that are not 'Sort Code'
+			// Locale information to be used - only those that are not 'Sort Code'.
-			$this->locale = apply_filters( 'woocommerce_get_bacs_locale', array(
+			$this->locale = apply_filters(
 				'woocommerce_get_bacs_locale', array(
 					'AU' => array(
 						'sortcode' => array(
 							'label' => __( 'BSB', 'woocommerce' ),
@ -416,7 +430,8 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
 							'label' => __( 'Branch code', 'woocommerce' ),
 						),
 					),
-			) );
+				)
 			);
 		}
--- a/includes/gateways/cheque/class-wc-gateway-cheque.php
+++ b/includes/gateways/cheque/class-wc-gateway-cheque.php
@ -1,7 +1,12 @@
 <?php
 /**
 * Class WC_Gateway_Cheque file.
 *
 * @package WooCommerce\Gateways
 */
 if ( ! defined( 'ABSPATH' ) ) {
-	exit; // Exit if accessed directly
+	exit; // Exit if accessed directly.
 }
 /**
@ -13,7 +18,6 @@ if ( ! defined( 'ABSPATH' ) ) {
 * @extends     WC_Payment_Gateway
 * @version     2.1.0
 * @package     WooCommerce/Classes/Payment
 * @author 		WooThemes
 */
 class WC_Gateway_Cheque extends WC_Payment_Gateway {
@ -31,16 +35,16 @@ class WC_Gateway_Cheque extends WC_Payment_Gateway {
 		$this->init_form_fields();
 		$this->init_settings();
-		// Define user set variables
+		// Define user set variables.
 		$this->title        = $this->get_option( 'title' );
 		$this->description  = $this->get_option( 'description' );
 		$this->instructions = $this->get_option( 'instructions' );
-		// Actions
+		// Actions.
 		add_action( 'woocommerce_update_options_payment_gateways_' . $this->id, array( $this, 'process_admin_options' ) );
 		add_action( 'woocommerce_thankyou_cheque', array( $this, 'thankyou_page' ) );
-		// Customer Emails
+		// Customer Emails.
 		add_action( 'woocommerce_email_before_order_table', array( $this, 'email_instructions' ), 10, 3 );
 	}
@ -85,7 +89,7 @@ class WC_Gateway_Cheque extends WC_Payment_Gateway {
 	 */
 	public function thankyou_page() {
 		if ( $this->instructions ) {
-			echo wpautop( wptexturize( $this->instructions ) );
+			echo wp_kses_post( wpautop( wptexturize( $this->instructions ) ) );
 		}
 	}
@ -93,20 +97,20 @@ class WC_Gateway_Cheque extends WC_Payment_Gateway {
 	 * Add content to the WC emails.
 	 *
 	 * @access public
-	 * @param WC_Order $order
+	 * @param WC_Order $order Order object.
-	 * @param bool $sent_to_admin
+	 * @param bool     $sent_to_admin Sent to admin.
-	 * @param bool $plain_text
+	 * @param bool     $plain_text Email format: plain text or HTML.
 	 */
 	public function email_instructions( $order, $sent_to_admin, $plain_text = false ) {
 		if ( $this->instructions && ! $sent_to_admin && 'cheque' === $order->get_payment_method() && $order->has_status( 'on-hold' ) ) {
-			echo wpautop( wptexturize( $this->instructions ) ) . PHP_EOL;
+			echo wp_kses_post( wpautop( wptexturize( $this->instructions ) ) . PHP_EOL );
 		}
 	}
 	/**
 	 * Process the payment and return the result.
 	 *
-	 * @param int $order_id
+	 * @param int $order_id Order ID.
 	 * @return array
 	 */
 	public function process_payment( $order_id ) {
@ -114,19 +118,19 @@ class WC_Gateway_Cheque extends WC_Payment_Gateway {
 		$order = wc_get_order( $order_id );
 		if ( $order->get_total() > 0 ) {
-			// Mark as on-hold (we're awaiting the cheque)
+			// Mark as on-hold (we're awaiting the cheque).
 			$order->update_status( 'on-hold', _x( 'Awaiting check payment', 'Check payment method', 'woocommerce' ) );
 		} else {
 			$order->payment_complete();
 		}
-		// Reduce stock levels
+		// Reduce stock levels.
 		wc_reduce_stock_levels( $order_id );
-		// Remove cart
+		// Remove cart.
 		WC()->cart->empty_cart();
-		// Return thankyou redirect
+		// Return thankyou redirect.
 		return array(
 			'result'   => 'success',
 			'redirect' => $this->get_return_url( $order ),
--- a/includes/gateways/class-wc-payment-gateway-cc.php
+++ b/includes/gateways/class-wc-payment-gateway-cc.php
@ -1,4 +1,10 @@
 <?php
 /**
 * Class WC_Payment_Gateway_CC file.
 *
 * @package WooCommerce\Gateways
 */
 if ( ! defined( 'ABSPATH' ) ) {
 	exit;
 }
@ -8,13 +14,13 @@ if ( ! defined( 'ABSPATH' ) ) {
 *
 * @since       2.6.0
 * @package     WooCommerce/Classes
 * @author 		WooThemes
 */
 class WC_Payment_Gateway_CC extends WC_Payment_Gateway {
 	/**
 	 * Builds our payment fields area - including tokenization fields for logged
 	 * in users, and the actual payment fields.
 	 *
 	 * @since 2.6.0
 	 */
 	public function payment_fields() {
@ -34,7 +40,7 @@ class WC_Payment_Gateway_CC extends WC_Payment_Gateway {
 	 * Gateways which support tokenization do not require names - we don't want the data to post to the server.
 	 *
 	 * @since  2.6.0
-	 * @param  string $name
+	 * @param  string $name Field name.
 	 * @return string
 	 */
 	public function field_name( $name ) {
@ -43,6 +49,7 @@ class WC_Payment_Gateway_CC extends WC_Payment_Gateway {
 	/**
 	 * Outputs fields for entering credit card information.
 	 *
 	 * @since 2.6.0
 	 */
 	public function form() {
@ -77,7 +84,7 @@ class WC_Payment_Gateway_CC extends WC_Payment_Gateway {
 			<?php do_action( 'woocommerce_credit_card_form_start', $this->id ); ?>
 			<?php
 			foreach ( $fields as $field ) {
-				echo $field;
+				echo $field; // phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped
 			}
 			?>
 			<?php do_action( 'woocommerce_credit_card_form_end', $this->id ); ?>
@ -86,7 +93,7 @@ class WC_Payment_Gateway_CC extends WC_Payment_Gateway {
 		<?php
 		if ( $this->supports( 'credit_card_form_cvc_on_saved_method' ) ) {
-			echo '<fieldset>' . $cvc_field . '</fieldset>';
+			echo '<fieldset>' . $cvc_field . '</fieldset>'; // phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped
 		}
 	}
 }
--- a/includes/gateways/class-wc-payment-gateway-echeck.php
+++ b/includes/gateways/class-wc-payment-gateway-echeck.php
@ -1,20 +1,26 @@
 <?php
 /**
 * Class WC_Payment_Gateway_eCheck file.
 *
 * @package WooCommerce\Gateways
 */
 if ( ! defined( 'ABSPATH' ) ) {
 	exit;
 }
 /**
- * eCheck Payment Gateway
+ * Class for eCheck Payment Gateway
 *
 * @since       2.6.0
 * @package     WooCommerce/Classes
 * @author 		WooThemes
 */
-class WC_Payment_Gateway_eCheck extends WC_Payment_Gateway {
+class WC_Payment_Gateway_ECheck extends WC_Payment_Gateway {
 	/**
 	 * Builds our payment fields area - including tokenization fields for logged
 	 * in users, and the actual payment fields.
 	 *
 	 * @since 2.6.0
 	 */
 	public function payment_fields() {
@ -30,6 +36,7 @@ class WC_Payment_Gateway_eCheck extends WC_Payment_Gateway {
 	/**
 	 * Outputs fields for entering eCheck information.
 	 *
 	 * @since 2.6.0
 	 */
 	public function form() {
@ -53,11 +60,12 @@ class WC_Payment_Gateway_eCheck extends WC_Payment_Gateway {
 			<?php do_action( 'woocommerce_echeck_form_start', $this->id ); ?>
 			<?php
 			foreach ( $fields as $field ) {
-					echo $field;
+				echo $field; // phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped
 			}
 			?>
 			<?php do_action( 'woocommerce_echeck_form_end', $this->id ); ?>
 			<div class="clear"></div>
-		</fieldset><?php
+		</fieldset>
 		<?php
 	}
 }
--- a/includes/gateways/cod/class-wc-gateway-cod.php
+++ b/includes/gateways/cod/class-wc-gateway-cod.php
@ -1,7 +1,12 @@
 <?php
 /**
 * Class WC_Gateway_COD file.
 *
 * @package WooCommerce\Gateways
 */
 if ( ! defined( 'ABSPATH' ) ) {
-	exit; // Exit if accessed directly
+	exit; // Exit if accessed directly.
 }
 /**
@ -13,7 +18,6 @@ if ( ! defined( 'ABSPATH' ) ) {
 * @extends     WC_Payment_Gateway
 * @version     2.1.0
 * @package     WooCommerce/Classes/Payment
 * @author 		WooThemes
 */
 class WC_Gateway_COD extends WC_Payment_Gateway {
@ -21,14 +25,14 @@ class WC_Gateway_COD extends WC_Payment_Gateway {
 	 * Constructor for the gateway.
 	 */
 	public function __construct() {
-		// Setup general properties
+		// Setup general properties.
 		$this->setup_properties();
-		// Load the settings
+		// Load the settings.
 		$this->init_form_fields();
 		$this->init_settings();
-		// Get settings
+		// Get settings.
 		$this->title              = $this->get_option( 'title' );
 		$this->description        = $this->get_option( 'description' );
 		$this->instructions       = $this->get_option( 'instructions' );
@ -39,7 +43,7 @@ class WC_Gateway_COD extends WC_Payment_Gateway {
 		add_action( 'woocommerce_thankyou_' . $this->id, array( $this, 'thankyou_page' ) );
 		add_filter( 'woocommerce_payment_complete_order_status', array( $this, 'change_payment_complete_order_status' ), 10, 3 );
-		// Customer Emails
+		// Customer Emails.
 		add_action( 'woocommerce_email_before_order_table', array( $this, 'email_instructions' ), 10, 3 );
 	}
@ -124,7 +128,7 @@ class WC_Gateway_COD extends WC_Payment_Gateway {
 		$order          = null;
 		$needs_shipping = false;
-		// Test if shipping is needed first
+		// Test if shipping is needed first.
 		if ( WC()->cart && WC()->cart->needs_shipping() ) {
 			$needs_shipping = true;
 		} elseif ( is_page( wc_get_page_id( 'checkout' ) ) && 0 < get_query_var( 'order-pay' ) ) {
@ -132,7 +136,7 @@ class WC_Gateway_COD extends WC_Payment_Gateway {
 			$order    = wc_get_order( $order_id );
 			// Test if order needs shipping.
-			if ( 0 < sizeof( $order->get_items() ) ) {
+			if ( 0 < count( $order->get_items() ) ) {
 				foreach ( $order->get_items() as $item ) {
 					$_product = $item->get_product();
 					if ( $_product && $_product->needs_shipping() ) {
@ -145,7 +149,7 @@ class WC_Gateway_COD extends WC_Payment_Gateway {
 		$needs_shipping = apply_filters( 'woocommerce_cart_needs_shipping', $needs_shipping );
-		// Virtual order, with virtual disabled
+		// Virtual order, with virtual disabled.
 		if ( ! $this->enable_for_virtual && ! $needs_shipping ) {
 			return false;
 		}
@ -153,10 +157,11 @@ class WC_Gateway_COD extends WC_Payment_Gateway {
 		// Only apply if all packages are being shipped via chosen method, or order is virtual.
 		if ( ! empty( $this->enable_for_methods ) && $needs_shipping ) {
 			$chosen_shipping_methods         = array();
 			$chosen_shipping_methods_session = WC()->session->get( 'chosen_shipping_methods' );
 			if ( is_object( $order ) ) {
 				$chosen_shipping_methods = array_unique( array_map( 'wc_get_string_before_colon', $order->get_shipping_methods() ) );
-			} elseif ( $chosen_shipping_methods_session = WC()->session->get( 'chosen_shipping_methods' ) ) {
+			} elseif ( $chosen_shipping_methods_session ) {
 				$chosen_shipping_methods = array_unique( array_map( 'wc_get_string_before_colon', $chosen_shipping_methods_session ) );
 			}
@ -172,26 +177,26 @@ class WC_Gateway_COD extends WC_Payment_Gateway {
 	/**
 	 * Process the payment and return the result.
 	 *
-	 * @param int $order_id
+	 * @param int $order_id Order ID.
 	 * @return array
 	 */
 	public function process_payment( $order_id ) {
 		$order = wc_get_order( $order_id );
 		if ( $order->get_total() > 0 ) {
-			// Mark as processing or on-hold (payment won't be taken until delivery)
+			// Mark as processing or on-hold (payment won't be taken until delivery).
 			$order->update_status( apply_filters( 'woocommerce_cod_process_payment_order_status', $order->has_downloadable_item() ? 'on-hold' : 'processing', $order ), __( 'Payment to be made upon delivery.', 'woocommerce' ) );
 		} else {
 			$order->payment_complete();
 		}
-		// Reduce stock levels
+		// Reduce stock levels.
 		wc_reduce_stock_levels( $order_id );
-		// Remove cart
+		// Remove cart.
 		WC()->cart->empty_cart();
-		// Return thankyou redirect
+		// Return thankyou redirect.
 		return array(
 			'result'   => 'success',
 			'redirect' => $this->get_return_url( $order ),
@ -203,7 +208,7 @@ class WC_Gateway_COD extends WC_Payment_Gateway {
 	 */
 	public function thankyou_page() {
 		if ( $this->instructions ) {
-			echo wpautop( wptexturize( $this->instructions ) );
+			echo wp_kses_post( wpautop( wptexturize( $this->instructions ) ) );
 		}
 	}
@ -211,9 +216,9 @@ class WC_Gateway_COD extends WC_Payment_Gateway {
 	 * Change payment complete order status to completed for COD orders.
 	 *
 	 * @since  3.1.0
-	 * @param  string $status
+	 * @param  string         $status Current order status.
-	 * @param  int $order_id
+	 * @param  int            $order_id Order ID.
-	 * @param  WC_Order $order
+	 * @param  WC_Order|false $order Order object.
 	 * @return string
 	 */
 	public function change_payment_complete_order_status( $status, $order_id = 0, $order = false ) {
@ -227,13 +232,13 @@ class WC_Gateway_COD extends WC_Payment_Gateway {
 	 * Add content to the WC emails.
 	 *
 	 * @access public
-	 * @param WC_Order $order
+	 * @param WC_Order $order Order object.
-	 * @param bool $sent_to_admin
+	 * @param bool     $sent_to_admin  Sent to admin.
-	 * @param bool $plain_text
+	 * @param bool     $plain_text Email format: plain text or HTML.
 	 */
 	public function email_instructions( $order, $sent_to_admin, $plain_text = false ) {
 		if ( $this->instructions && ! $sent_to_admin && $this->id === $order->get_payment_method() ) {
-			echo wpautop( wptexturize( $this->instructions ) ) . PHP_EOL;
+			echo wp_kses_post( wpautop( wptexturize( $this->instructions ) ) . PHP_EOL );
 		}
 	}
 }
--- a/includes/gateways/paypal/class-wc-gateway-paypal.php
+++ b/includes/gateways/paypal/class-wc-gateway-paypal.php
@ -8,7 +8,6 @@
 * @extends     WC_Payment_Gateway
 * @version     2.3.0
 * @package     WooCommerce/Classes/Payment
 * @author 		WooThemes
 */
 if ( ! defined( 'ABSPATH' ) ) {
@ -20,10 +19,18 @@ if ( ! defined( 'ABSPATH' ) ) {
 */
 class WC_Gateway_Paypal extends WC_Payment_Gateway {
-	/** @var bool Whether or not logging is enabled */
+	/**
 	 * Whether or not logging is enabled
 	 *
 	 * @var bool
 	 */
 	public static $log_enabled = false;
-	/** @var WC_Logger Logger instance */
+	/**
 	 * Logger instance
 	 *
 	 * @var WC_Logger
 	 */
 	public static $log = false;
 	/**
@ -34,6 +41,7 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 		$this->has_fields        = false;
 		$this->order_button_text = __( 'Proceed to PayPal', 'woocommerce' );
 		$this->method_title      = __( 'PayPal', 'woocommerce' );
 		/* translators: %s: Link to WC system status page */
 		$this->method_description = sprintf( __( 'PayPal Standard sends customers to PayPal to enter their payment information. PayPal IPN requires fsockopen/cURL support to update order statuses after payment. Check the <a href="%s">system status</a> page for more details.', 'woocommerce' ), admin_url( 'admin.php?page=wc-status' ) );
 		$this->supports           = array(
 			'products',
@ -56,6 +64,7 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 		self::$log_enabled = $this->debug;
 		if ( $this->testmode ) {
 			/* translators: %s: Link to PayPal sandbox testing guide page */
 			$this->description .= ' ' . sprintf( __( 'SANDBOX ENABLED. You can use sandbox testing accounts only. See the <a href="%s">PayPal Sandbox Testing Guide</a> for more details.', 'woocommerce' ), 'https://developer.paypal.com/docs/classic/lifecycle/ug_sandbox/' );
 			$this->description  = trim( $this->description );
 		}
@ -68,11 +77,11 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 		if ( ! $this->is_valid_for_use() ) {
 			$this->enabled = 'no';
 		} else {
-			include_once( dirname( __FILE__ ) . '/includes/class-wc-gateway-paypal-ipn-handler.php' );
+			include_once dirname( __FILE__ ) . '/includes/class-wc-gateway-paypal-ipn-handler.php';
 			new WC_Gateway_Paypal_IPN_Handler( $this->testmode, $this->receiver_email );
 			if ( $this->identity_token ) {
-				include_once( dirname( __FILE__ ) . '/includes/class-wc-gateway-paypal-pdt-handler.php' );
+				include_once dirname( __FILE__ ) . '/includes/class-wc-gateway-paypal-pdt-handler.php';
 				new WC_Gateway_Paypal_PDT_Handler( $this->testmode, $this->identity_token );
 			}
 		}
@ -82,8 +91,8 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 	 * Logging method.
 	 *
 	 * @param string $message Log message.
-	 * @param string $level   Optional. Default 'info'.
+	 * @param string $level Optional. Default 'info'. Possible values:
-	 *     emergency|alert|critical|error|warning|notice|info|debug
+	 *                      emergency|alert|critical|error|warning|notice|info|debug.
 	 */
 	public static function log( $message, $level = 'info' ) {
 		if ( self::$log_enabled ) {
@ -96,6 +105,7 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 	/**
 	 * Get gateway icon.
 	 *
 	 * @return string
 	 */
 	public function get_icon() {
@ -113,7 +123,8 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 	/**
 	 * Get the link for an icon based on country.
-	 * @param  string $country
+	 *
 	 * @param  string $country Country two letter code.
 	 * @return string
 	 */
 	protected function get_icon_url( $country ) {
@ -121,9 +132,9 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 		$home_counties = array( 'BE', 'CZ', 'DK', 'HU', 'IT', 'JP', 'NL', 'NO', 'ES', 'SE', 'TR', 'IN' );
 		$countries     = array( 'DZ', 'AU', 'BH', 'BQ', 'BW', 'CA', 'CN', 'CW', 'FI', 'FR', 'DE', 'GR', 'HK', 'ID', 'JO', 'KE', 'KW', 'LU', 'MY', 'MA', 'OM', 'PH', 'PL', 'PT', 'QA', 'IE', 'RU', 'BL', 'SX', 'MF', 'SA', 'SG', 'SK', 'KR', 'SS', 'TW', 'TH', 'AE', 'GB', 'US', 'VN' );
-		if ( in_array( $country, $home_counties ) ) {
+		if ( in_array( $country, $home_counties, true ) ) {
 			return $url . '/webapps/mpp/home';
-		} elseif ( in_array( $country, $countries ) ) {
+		} elseif ( in_array( $country, $countries, true ) ) {
 			return $url . '/webapps/mpp/paypal-popup';
 		} else {
 			return $url . '/cgi-bin/webscr?cmd=xpt/Marketing/general/WIPaypal-outside';
@ -138,62 +149,62 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 	 */
 	protected function get_icon_image( $country ) {
 		switch ( $country ) {
-			case 'US' :
+			case 'US':
-			case 'NZ' :
+			case 'NZ':
-			case 'CZ' :
+			case 'CZ':
-			case 'HU' :
+			case 'HU':
-			case 'MY' :
+			case 'MY':
 				$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo/AM_mc_vs_dc_ae.jpg';
 				break;
-			case 'TR' :
+			case 'TR':
 				$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/logo_paypal_odeme_secenekleri.jpg';
 				break;
-			case 'GB' :
+			case 'GB':
 				$icon = 'https://www.paypalobjects.com/webstatic/mktg/Logo/AM_mc_vs_ms_ae_UK.png';
 				break;
-			case 'MX' :
+			case 'MX':
 				$icon = array(
 					'https://www.paypal.com/es_XC/Marketing/i/banner/paypal_visa_mastercard_amex.png',
 					'https://www.paypal.com/es_XC/Marketing/i/banner/paypal_debit_card_275x60.gif',
 				);
 				break;
-			case 'FR' :
+			case 'FR':
 				$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/logo_paypal_moyens_paiement_fr.jpg';
 				break;
-			case 'AU' :
+			case 'AU':
 				$icon = 'https://www.paypalobjects.com/webstatic/en_AU/mktg/logo/Solutions-graphics-1-184x80.jpg';
 				break;
-			case 'DK' :
+			case 'DK':
 				$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/logo_PayPal_betalingsmuligheder_dk.jpg';
 				break;
-			case 'RU' :
+			case 'RU':
 				$icon = 'https://www.paypalobjects.com/webstatic/ru_RU/mktg/business/pages/logo-center/AM_mc_vs_dc_ae.jpg';
 				break;
-			case 'NO' :
+			case 'NO':
 				$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/banner_pl_just_pp_319x110.jpg';
 				break;
-			case 'CA' :
+			case 'CA':
 				$icon = 'https://www.paypalobjects.com/webstatic/en_CA/mktg/logo-image/AM_mc_vs_dc_ae.jpg';
 				break;
-			case 'HK' :
+			case 'HK':
 				$icon = 'https://www.paypalobjects.com/webstatic/en_HK/mktg/logo/AM_mc_vs_dc_ae.jpg';
 				break;
-			case 'SG' :
+			case 'SG':
 				$icon = 'https://www.paypalobjects.com/webstatic/en_SG/mktg/Logos/AM_mc_vs_dc_ae.jpg';
 				break;
-			case 'TW' :
+			case 'TW':
 				$icon = 'https://www.paypalobjects.com/webstatic/en_TW/mktg/logos/AM_mc_vs_dc_ae.jpg';
 				break;
-			case 'TH' :
+			case 'TH':
 				$icon = 'https://www.paypalobjects.com/webstatic/en_TH/mktg/Logos/AM_mc_vs_dc_ae.jpg';
 				break;
-			case 'JP' :
+			case 'JP':
 				$icon = 'https://www.paypal.com/ja_JP/JP/i/bnr/horizontal_solution_4_jcb.gif';
 				break;
-			case 'IN' :
+			case 'IN':
 				$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo/AM_mc_vs_dc_ae.jpg';
 				break;
-			default :
+			default:
 				$icon = WC_HTTPS::force_https_url( WC()->plugin_url() . '/includes/gateways/paypal/assets/images/paypal.png' );
 				break;
 		}
@ -202,10 +213,18 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 	/**
 	 * Check if this gateway is enabled and available in the user's country.
 	 *
 	 * @return bool
 	 */
 	public function is_valid_for_use() {
-		return in_array( get_woocommerce_currency(), apply_filters( 'woocommerce_paypal_supported_currencies', array( 'AUD', 'BRL', 'CAD', 'MXN', 'NZD', 'HKD', 'SGD', 'USD', 'EUR', 'JPY', 'TRY', 'NOK', 'CZK', 'DKK', 'HUF', 'ILS', 'MYR', 'PHP', 'PLN', 'SEK', 'CHF', 'TWD', 'THB', 'GBP', 'RMB', 'RUB', 'INR' ) ) );
+		return in_array(
 			get_woocommerce_currency(),
 			apply_filters(
 				'woocommerce_paypal_supported_currencies',
 				array( 'AUD', 'BRL', 'CAD', 'MXN', 'NZD', 'HKD', 'SGD', 'USD', 'EUR', 'JPY', 'TRY', 'NOK', 'CZK', 'DKK', 'HUF', 'ILS', 'MYR', 'PHP', 'PLN', 'SEK', 'CHF', 'TWD', 'THB', 'GBP', 'RMB', 'RUB', 'INR' )
 			),
 			true
 		);
 	}
 	/**
@ -219,7 +238,11 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 			parent::admin_options();
 		} else {
 			?>
-			<div class="inline error"><p><strong><?php _e( 'Gateway disabled', 'woocommerce' ); ?></strong>: <?php _e( 'PayPal does not support your store currency.', 'woocommerce' ); ?></p></div>
+			<div class="inline error">
 				<p>
 					<strong><?php esc_html_e( 'Gateway disabled', 'woocommerce' ); ?></strong>: <?php esc_html_e( 'PayPal does not support your store currency.', 'woocommerce' ); ?>
 				</p>
 			</div>
 			<?php
 		}
 	}
@ -228,12 +251,13 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 	 * Initialise Gateway Settings Form Fields.
 	 */
 	public function init_form_fields() {
-		$this->form_fields = include( 'includes/settings-paypal.php' );
+		$this->form_fields = include 'includes/settings-paypal.php';
 	}
 	/**
 	 * Get the transaction URL.
-	 * @param  WC_Order $order
+	 *
 	 * @param  WC_Order $order Order object.
 	 * @return string
 	 */
 	public function get_transaction_url( $order ) {
@ -247,11 +271,12 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 	/**
 	 * Process the payment and return the result.
-	 * @param  int $order_id
+	 *
 	 * @param  int $order_id Order ID.
 	 * @return array
 	 */
 	public function process_payment( $order_id ) {
-		include_once( dirname( __FILE__ ) . '/includes/class-wc-gateway-paypal-request.php' );
+		include_once dirname( __FILE__ ) . '/includes/class-wc-gateway-paypal-request.php';
 		$order          = wc_get_order( $order_id );
 		$paypal_request = new WC_Gateway_Paypal_Request( $this );
@ -264,7 +289,8 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 	/**
 	 * Can the order be refunded via PayPal?
-	 * @param  WC_Order $order
+	 *
 	 * @param  WC_Order $order Order object.
 	 * @return bool
 	 */
 	public function can_refund_order( $order ) {
@ -275,7 +301,7 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 	 * Init the API class and set the username/password etc.
 	 */
 	protected function init_api() {
-		include_once( dirname( __FILE__ ) . '/includes/class-wc-gateway-paypal-api-handler.php' );
+		include_once dirname( __FILE__ ) . '/includes/class-wc-gateway-paypal-api-handler.php';
 		WC_Gateway_Paypal_API_Handler::$api_username  = $this->testmode ? $this->get_option( 'sandbox_api_username' ) : $this->get_option( 'api_username' );
 		WC_Gateway_Paypal_API_Handler::$api_password  = $this->testmode ? $this->get_option( 'sandbox_api_password' ) : $this->get_option( 'api_password' );
@ -285,9 +311,10 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 	/**
 	 * Process a refund if supported.
-	 * @param  int    $order_id
+	 *
-	 * @param  float  $amount
+	 * @param  int    $order_id Order ID.
-	 * @param  string $reason
+	 * @param  float  $amount Refund amount.
 	 * @param  string $reason Refund reason.
 	 * @return bool|WP_Error
 	 */
 	public function process_refund( $order_id, $amount = null, $reason = '' ) {
@ -309,21 +336,23 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 		$this->log( 'Refund Result: ' . wc_print_r( $result, true ) );
-		switch ( strtolower( $result->ACK ) ) {
+		switch ( strtolower( $result->ACK ) ) { // phpcs:ignore WordPress.NamingConventions.ValidVariableName.NotSnakeCaseMemberVar
 			case 'success':
 			case 'successwithwarning':
-				$order->add_order_note( sprintf( __( 'Refunded %1$s - Refund ID: %2$s', 'woocommerce' ), $result->GROSSREFUNDAMT, $result->REFUNDTRANSACTIONID ) );
+				$order->add_order_note(
 					/* translators: 1: Refund amount, 2: Refund ID */
 					sprintf( __( 'Refunded %1$s - Refund ID: %2$s', 'woocommerce' ), $result->GROSSREFUNDAMT, $result->REFUNDTRANSACTIONID ) // phpcs:ignore WordPress.NamingConventions.ValidVariableName.NotSnakeCaseMemberVar
 				);
 				return true;
 			break;
 		}
-		return isset( $result->L_LONGMESSAGE0 ) ? new WP_Error( 'error', $result->L_LONGMESSAGE0 ) : false;
+		return isset( $result->L_LONGMESSAGE0 ) ? new WP_Error( 'error', $result->L_LONGMESSAGE0 ) : false; // phpcs:ignore WordPress.NamingConventions.ValidVariableName.NotSnakeCaseMemberVar
 	}
 	/**
 	 * Capture payment when the order is changed from on-hold to complete or processing
 	 *
-	 * @param  int $order_id
+	 * @param  int $order_id Order ID.
 	 */
 	public function capture_payment( $order_id ) {
 		$order = wc_get_order( $order_id );
@ -334,24 +363,29 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 			if ( is_wp_error( $result ) ) {
 				$this->log( 'Capture Failed: ' . $result->get_error_message(), 'error' );
 				/* translators: %s: Paypal gateway error message */
 				$order->add_order_note( sprintf( __( 'Payment could not captured: %s', 'woocommerce' ), $result->get_error_message() ) );
 				return;
 			}
 			$this->log( 'Capture Result: ' . wc_print_r( $result, true ) );
 			// phpcs:disable WordPress.NamingConventions.ValidVariableName.NotSnakeCaseMemberVar
 			if ( ! empty( $result->PAYMENTSTATUS ) ) {
 				switch ( $result->PAYMENTSTATUS ) {
-					case 'Completed' :
+					case 'Completed':
 						/* translators: 1: Amount, 2: Authorization ID, 3: Transaction ID */
 						$order->add_order_note( sprintf( __( 'Payment of %1$s was captured - Auth ID: %2$s, Transaction ID: %3$s', 'woocommerce' ), $result->AMT, $result->AUTHORIZATIONID, $result->TRANSACTIONID ) );
 						update_post_meta( $order->get_id(), '_paypal_status', $result->PAYMENTSTATUS );
 						update_post_meta( $order->get_id(), '_transaction_id', $result->TRANSACTIONID );
 						break;
-					default :
+					default:
 						/* translators: 1: Authorization ID, 2: Payment status */
 						$order->add_order_note( sprintf( __( 'Payment could not captured - Auth ID: %1$s, Status: %2$s', 'woocommerce' ), $result->AUTHORIZATIONID, $result->PAYMENTSTATUS ) );
 						break;
 				}
 			}
 			// phpcs:enable
 		}
 	}
@ -362,7 +396,7 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
 	 */
 	public function admin_scripts() {
 		$screen    = get_current_screen();
-		$screen_id = $screen ? $screen->id: '';
+		$screen_id = $screen ? $screen->id : '';
 		if ( 'woocommerce_page_wc-settings' !== $screen_id ) {
 			return;
--- a/includes/gateways/paypal/includes/class-wc-gateway-paypal-api-handler.php
+++ b/includes/gateways/paypal/includes/class-wc-gateway-paypal-api-handler.php
@ -1,4 +1,9 @@
 <?php
 /**
 * Class WC_Gateway_Paypal_API_Handler file.
 *
 * @package WooCommerce\Gateways
 */
 if ( ! defined( 'ABSPATH' ) ) {
 	exit;
@ -6,27 +11,45 @@ if ( ! defined( 'ABSPATH' ) ) {
 /**
 * Handles Refunds and other API requests such as capture.
 *
 * @since 3.0.0
 */
 class WC_Gateway_Paypal_API_Handler {
-	/** @var string API Username */
+	/**
 	 * API Username
 	 *
 	 * @var string
 	 */
 	public static $api_username;
-	/** @var string API Password */
+	/**
 	 * API Password
 	 *
 	 * @var string
 	 */
 	public static $api_password;
-	/** @var string API Signature */
+	/**
 	 * API Signature
 	 *
 	 * @var string
 	 */
 	public static $api_signature;
-	/** @var bool Sandbox */
+	/**
 	 * Sandbox
 	 *
 	 * @var bool
 	 */
 	public static $sandbox = false;
 	/**
 	 * Get capture request args.
 	 * See https://developer.paypal.com/docs/classic/api/merchant/DoCapture_API_Operation_NVP/.
-	 * @param  WC_Order $order
+	 *
-	 * @param  float    $amount
+	 * @param  WC_Order $order Order object.
 	 * @param  float    $amount Amount.
 	 * @return array
 	 */
 	public static function get_capture_request( $order, $amount = null ) {
@ -46,9 +69,10 @@ class WC_Gateway_Paypal_API_Handler {
 	/**
 	 * Get refund request args.
-	 * @param  WC_Order $order
+	 *
-	 * @param  float    $amount
+	 * @param  WC_Order $order Order object.
-	 * @param  string   $reason
+	 * @param  float    $amount Refund amount.
 	 * @param  string   $reason Refund reason.
 	 * @return array
 	 */
 	public static function get_refund_request( $order, $amount = null, $reason = '' ) {
@ -72,8 +96,9 @@ class WC_Gateway_Paypal_API_Handler {
 	/**
 	 * Capture an authorization.
-	 * @param  WC_Order $order
+	 *
-	 * @param  float $amount
+	 * @param  WC_Order $order Order object.
 	 * @param  float    $amount Amount.
 	 * @return object Either an object of name value pairs for a success, or a WP_ERROR object.
 	 */
 	public static function do_capture( $order, $amount = null ) {
@ -103,9 +128,10 @@ class WC_Gateway_Paypal_API_Handler {
 	/**
 	 * Refund an order via PayPal.
-	 * @param  WC_Order $order
+	 *
-	 * @param  float    $amount
+	 * @param  WC_Order $order Order object.
-	 * @param  string   $reason
+	 * @param  float    $amount Refund amount.
 	 * @param  string   $reason Refund reason.
 	 * @return object Either an object of name value pairs for a success, or a WP_ERROR object.
 	 */
 	public static function refund_transaction( $order, $amount = null, $reason = '' ) {
@ -136,12 +162,32 @@ class WC_Gateway_Paypal_API_Handler {
 /**
 * Here for backwards compatibility.
 *
 * @since 3.0.0
 */
 class WC_Gateway_Paypal_Refund extends WC_Gateway_Paypal_API_Handler {
 	/**
 	 * Get refund request args. Proxy to WC_Gateway_Paypal_API_Handler::get_refund_request().
 	 *
 	 * @param WC_Order $order Order object.
 	 * @param float    $amount Refund amount.
 	 * @param string   $reason Refund reason.
 	 *
 	 * @return array
 	 */
 	public static function get_request( $order, $amount = null, $reason = '' ) {
 		return self::get_refund_request( $order, $amount, $reason );
 	}
 	/**
 	 * Process an order refund.
 	 *
 	 * @param  WC_Order $order Order object.
 	 * @param  float    $amount Refund amount.
 	 * @param  string   $reason Refund reason.
 	 * @param  bool     $sandbox Whether to use sandbox mode or not.
 	 * @return object Either an object of name value pairs for a success, or a WP_ERROR object.
 	 */
 	public static function refund_order( $order, $amount = null, $reason = '', $sandbox = false ) {
 		if ( $sandbox ) {
 			self::$sandbox = $sandbox;
--- a/includes/gateways/paypal/includes/class-wc-gateway-paypal-pdt-handler.php
+++ b/includes/gateways/paypal/includes/class-wc-gateway-paypal-pdt-handler.php
@ -1,24 +1,33 @@
 <?php
 /**
 * Class WC_Gateway_Paypal_PDT_Handler file.
 *
 * @package WooCommerce\Gateways
 */
 if ( ! defined( 'ABSPATH' ) ) {
 	exit;
 }
-include_once( dirname( __FILE__ ) . '/class-wc-gateway-paypal-response.php' );
+require_once dirname( __FILE__ ) . '/class-wc-gateway-paypal-response.php';
 /**
 * Handle PDT Responses from PayPal.
 */
 class WC_Gateway_Paypal_PDT_Handler extends WC_Gateway_Paypal_Response {
-	/** @var string identity_token for PDT support */
+	/**
 	 * Identity token for PDT support
 	 *
 	 * @var string
 	 */
 	protected $identity_token;
 	/**
 	 * Constructor.
 	 *
-	 * @param bool $sandbox
+	 * @param bool   $sandbox Whether to use sandbox mode or not.
-	 * @param string $identity_token
+	 * @param string $identity_token Identity token for PDT support.
 	 */
 	public function __construct( $sandbox = false, $identity_token = '' ) {
 		add_action( 'woocommerce_thankyou_paypal', array( $this, 'check_response' ) );
@ -48,7 +57,7 @@ class WC_Gateway_Paypal_PDT_Handler extends WC_Gateway_Paypal_Response {
 		// Post back to get a response.
 		$response = wp_safe_remote_post( $this->sandbox ? 'https://www.sandbox.paypal.com/cgi-bin/webscr' : 'https://www.paypal.com/cgi-bin/webscr', $pdt );
-		if ( is_wp_error( $response ) || strpos( $response['body'], "SUCCESS" ) !== 0 ) {
+		if ( is_wp_error( $response ) || strpos( $response['body'], 'SUCCESS' ) !== 0 ) {
 			return false;
 		}
@ -57,7 +66,7 @@ class WC_Gateway_Paypal_PDT_Handler extends WC_Gateway_Paypal_Response {
 		$transaction_results = array();
 		foreach ( $transaction_result as $line ) {
-			$line                            = explode( "=", $line );
+			$line                            = explode( '=', $line );
 			$transaction_results[ $line[0] ] = isset( $line[1] ) ? $line[1] : '';
 		}
@ -78,12 +87,14 @@ class WC_Gateway_Paypal_PDT_Handler extends WC_Gateway_Paypal_Response {
 			return;
 		}
-		$order_id    = wc_clean( stripslashes( $_REQUEST['cm'] ) );
+		$order_id    = wc_clean( wp_unslash( $_REQUEST['cm'] ) );
-		$status      = wc_clean( strtolower( stripslashes( $_REQUEST['st'] ) ) );
+		$status      = wc_clean( strtolower( wp_unslash( $_REQUEST['st'] ) ) ); // phpcs:ignore WordPress.VIP.ValidatedSanitizedInput.InputNotSanitized
-		$amount      = wc_clean( stripslashes( $_REQUEST['amt'] ) );
+		$amount      = wc_clean( wp_unslash( $_REQUEST['amt'] ) ); // phpcs:ignore WordPress.VIP.ValidatedSanitizedInput.InputNotValidated
-		$transaction = wc_clean( stripslashes( $_REQUEST['tx'] ) );
+		$transaction = wc_clean( wp_unslash( $_REQUEST['tx'] ) );
-		if ( ! ( $order = $this->get_paypal_order( $order_id ) ) || ! $order->has_status( 'pending' ) ) {
+		$order = $this->get_paypal_order( $order_id );
 		if ( ! $order || ! $order->has_status( 'pending' ) ) {
 			return false;
 		}
@ -96,8 +107,9 @@ class WC_Gateway_Paypal_PDT_Handler extends WC_Gateway_Paypal_Response {
 			update_post_meta( $order->get_id(), '_transaction_id', $transaction );
 			if ( 'completed' === $status ) {
-				if ( $order->get_total() != $amount ) {
+				if ( $order->get_total() !== $amount ) {
 					WC_Gateway_Paypal::log( 'Payment error: Amounts do not match (amt ' . $amount . ')', 'error' );
 					/* translators: 1: Payment amount */
 					$this->payment_on_hold( $order, sprintf( __( 'Validation error: PayPal amounts do not match (amt %s).', 'woocommerce' ), $amount ) );
 				} else {
 					$this->payment_complete( $order, $transaction, __( 'PDT payment completed', 'woocommerce' ) );
@ -123,6 +135,7 @@ class WC_Gateway_Paypal_PDT_Handler extends WC_Gateway_Paypal_Response {
 				if ( 'authorization' === $transaction_result['pending_reason'] ) {
 					$this->payment_on_hold( $order, __( 'Payment authorized. Change payment status to processing or complete to capture funds.', 'woocommerce' ) );
 				} else {
 					/* translators: 1: Pending reason */
 					$this->payment_on_hold( $order, sprintf( __( 'Payment pending (%s).', 'woocommerce' ), $transaction_result['pending_reason'] ) );
 				}
 			}
--- a/includes/gateways/paypal/includes/class-wc-gateway-paypal-request.php
+++ b/includes/gateways/paypal/includes/class-wc-gateway-paypal-request.php
@ -1,4 +1,9 @@
 <?php
 /**
 * Class WC_Gateway_Paypal_Request file.
 *
 * @package WooCommerce\Gateways
 */
 if ( ! defined( 'ABSPATH' ) ) {
 	exit;
@ -11,25 +16,29 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Stores line items to send to PayPal.
 	 *
 	 * @var array
 	 */
 	protected $line_items = array();
 	/**
 	 * Pointer to gateway making the request.
 	 *
 	 * @var WC_Gateway_Paypal
 	 */
 	protected $gateway;
 	/**
 	 * Endpoint for requests from PayPal.
 	 *
 	 * @var string
 	 */
 	protected $notify_url;
 	/**
 	 * Constructor.
-	 * @param WC_Gateway_Paypal $gateway
+	 *
 	 * @param WC_Gateway_Paypal $gateway Paypal gateway object.
 	 */
 	public function __construct( $gateway ) {
 		$this->gateway    = $gateway;
@ -38,8 +47,9 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Get the PayPal request URL for an order.
-	 * @param  WC_Order $order
+	 *
-	 * @param  bool     $sandbox
+	 * @param  WC_Order $order Order object.
 	 * @param  bool     $sandbox Whether to use sandbox mode or not.
 	 * @return string
 	 */
 	public function get_request_url( $order, $sandbox = false ) {
@ -57,8 +67,8 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Limit length of an arg.
 	 *
-	 * @param  string  $string
+	 * @param  string  $string Argument to limit.
-	 * @param  integer $limit
+	 * @param  integer $limit Limit size in characters.
 	 * @return string
 	 */
 	protected function limit_length( $string, $limit = 127 ) {
@ -70,13 +80,15 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Get PayPal Args for passing to PP.
-	 * @param  WC_Order $order
+	 *
 	 * @param  WC_Order $order Order object.
 	 * @return array
 	 */
 	protected function get_paypal_args( $order ) {
 		WC_Gateway_Paypal::log( 'Generating payment form for order ' . $order->get_order_number() . '. Notify URL: ' . $this->notify_url );
-		return apply_filters( 'woocommerce_paypal_args', array_merge(
+		return apply_filters(
 			'woocommerce_paypal_args', array_merge(
 				array(
 					'cmd'           => '_cart',
 					'business'      => $this->gateway->get_option( 'email' ),
@ -92,7 +104,12 @@ class WC_Gateway_Paypal_Request {
 					'paymentaction' => $this->gateway->get_option( 'paymentaction' ),
 					'bn'            => 'WooThemes_Cart',
 					'invoice'       => $this->limit_length( $this->gateway->get_option( 'invoice_prefix' ) . $order->get_order_number(), 127 ),
-				'custom'        => json_encode( array( 'order_id' => $order->get_id(), 'order_key' => $order->get_order_key() ) ),
+					'custom'        => wp_json_encode(
 						array(
 							'order_id'  => $order->get_id(),
 							'order_key' => $order->get_order_key(),
 						)
 					),
 					'notify_url'    => $this->limit_length( $this->notify_url, 255 ),
 					'first_name'    => $this->limit_length( $order->get_billing_first_name(), 32 ),
 					'last_name'     => $this->limit_length( $order->get_billing_last_name(), 64 ),
@ -107,16 +124,18 @@ class WC_Gateway_Paypal_Request {
 				$this->get_phone_number_args( $order ),
 				$this->get_shipping_args( $order ),
 				$this->get_line_item_args( $order )
-		), $order );
+			), $order
 		);
 	}
 	/**
 	 * Get phone number args for paypal request.
-	 * @param  WC_Order $order
+	 *
 	 * @param  WC_Order $order Order object.
 	 * @return array
 	 */
 	protected function get_phone_number_args( $order ) {
-		if ( in_array( $order->get_billing_country(), array( 'US', 'CA' ) ) ) {
+		if ( in_array( $order->get_billing_country(), array( 'US', 'CA' ), true ) ) {
 			$phone_number = str_replace( array( '(', '-', ' ', ')', '.' ), '', $order->get_billing_phone() );
 			$phone_number = ltrim( $phone_number, '+1' );
 			$phone_args   = array(
@ -134,17 +153,18 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Get shipping args for paypal request.
-	 * @param  WC_Order $order
+	 *
 	 * @param  WC_Order $order Order object.
 	 * @return array
 	 */
 	protected function get_shipping_args( $order ) {
 		$shipping_args = array();
-		if ( 'yes' == $this->gateway->get_option( 'send_shipping' ) ) {
+		if ( 'yes' === $this->gateway->get_option( 'send_shipping' ) ) {
 			$shipping_args['address_override'] = $this->gateway->get_option( 'address_override' ) === 'yes' ? 1 : 0;
 			$shipping_args['no_shipping']      = 0;
-			// If we are sending shipping, send shipping address instead of billing
+			// If we are sending shipping, send shipping address instead of billing.
 			$shipping_args['first_name'] = $this->limit_length( $order->get_shipping_first_name(), 32 );
 			$shipping_args['last_name']  = $this->limit_length( $order->get_shipping_last_name(), 64 );
 			$shipping_args['address1']   = $this->limit_length( $order->get_shipping_address_1(), 100 );
@ -162,7 +182,8 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Get line item args for paypal request.
-	 * @param  WC_Order $order
+	 *
 	 * @param  WC_Order $order Order object.
 	 * @return array
 	 */
 	protected function get_line_item_args( $order ) {
@ -185,17 +206,17 @@ class WC_Gateway_Paypal_Request {
 			if ( $order->get_shipping_total() > 0 && $order->get_shipping_total() < 999.99 && $this->number_format( $order->get_shipping_total() + $order->get_shipping_tax(), $order ) !== $this->number_format( $order->get_total(), $order ) ) {
 				$line_item_args['shipping_1'] = $this->number_format( $order->get_shipping_total(), $order );
 			} elseif ( $order->get_shipping_total() > 0 ) {
 				/* translators: %s: Order shipping method */
 				$this->add_line_item( sprintf( __( 'Shipping via %s', 'woocommerce' ), $order->get_shipping_method() ), 1, $this->number_format( $order->get_shipping_total(), $order ) );
 			}
 			$line_item_args = array_merge( $line_item_args, $this->get_line_items() );
-
+		} else {
 			/**
 			 * Send order as a single item.
 			 *
 			 * For shipping, we longer use shipping_1 because paypal ignores it if *any* shipping rules are within paypal, and paypal ignores anything over 5 digits (999.99 is the max).
 			 */
 		} else {
 			$this->delete_line_items();
@ -209,6 +230,7 @@ class WC_Gateway_Paypal_Request {
 			if ( $order->get_shipping_total() > 0 && $order->get_shipping_total() < 999.99 && $this->number_format( $order->get_shipping_total() + $order->get_shipping_tax(), $order ) !== $this->number_format( $order->get_total(), $order ) ) {
 				$line_item_args['shipping_1'] = $this->number_format( $order->get_shipping_total() + $order->get_shipping_tax(), $order );
 			} elseif ( $order->get_shipping_total() > 0 ) {
 				/* translators: %s: Order shipping method */
 				$this->add_line_item( sprintf( __( 'Shipping via %s', 'woocommerce' ), $order->get_shipping_method() ), 1, $this->number_format( $order->get_shipping_total() + $order->get_shipping_tax(), $order ) );
 			}
@ -220,7 +242,8 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Get order item names as a string.
-	 * @param  WC_Order $order
+	 *
 	 * @param  WC_Order $order Order object.
 	 * @return string
 	 */
 	protected function get_order_item_names( $order ) {
@ -228,13 +251,17 @@ class WC_Gateway_Paypal_Request {
 		foreach ( $order->get_items() as $item ) {
 			$item_name = $item->get_name();
-			$item_meta = strip_tags( wc_display_item_meta( $item, array(
+			$item_meta = strip_tags(
-				'before'    => "",
+				wc_display_item_meta(
-				'separator' => ", ",
+					$item, array(
-				'after'     => "",
+						'before'    => '',
 						'separator' => ', ',
 						'after'     => '',
 						'echo'      => false,
 						'autop'     => false,
-			) ) );
+					)
 				)
 			);
 			if ( $item_meta ) {
 				$item_name .= ' (' . $item_meta . ')';
@ -248,19 +275,24 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Get order item names as a string.
-	 * @param  WC_Order $order
+	 *
-	 * @param  array $item
+	 * @param  WC_Order      $order Order object.
 	 * @param  WC_Order_Item $item Order item object.
 	 * @return string
 	 */
 	protected function get_order_item_name( $order, $item ) {
 		$item_name = $item->get_name();
-		$item_meta = strip_tags( wc_display_item_meta( $item, array(
+		$item_meta = strip_tags(
-			'before'    => "",
+			wc_display_item_meta(
-			'separator' => ", ",
+				$item, array(
-			'after'     => "",
+					'before'    => '',
 					'separator' => ', ',
 					'after'     => '',
 					'echo'      => false,
 					'autop'     => false,
-		) ) );
+				)
 			)
 		);
 		if ( $item_meta ) {
 			$item_name .= ' (' . $item_meta . ')';
@ -285,14 +317,15 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Get line items to send to paypal.
-	 * @param  WC_Order $order
+	 *
 	 * @param  WC_Order $order Order object.
 	 * @return bool
 	 */
 	protected function prepare_line_items( $order ) {
 		$this->delete_line_items();
 		$calculated_total = 0;
-		// Products
+		// Products.
 		foreach ( $order->get_items( array( 'line_item', 'fee' ) ) as $item ) {
 			if ( 'fee' === $item['type'] ) {
 				$item_line_total   = $this->number_format( $item['line_total'], $order );
@ -312,7 +345,7 @@ class WC_Gateway_Paypal_Request {
 		}
 		// Check for mismatched totals.
-		if ( $this->number_format( $calculated_total + $order->get_total_tax() + $this->round( $order->get_shipping_total(), $order ) - $this->round( $order->get_total_discount(), $order ), $order ) != $this->number_format( $order->get_total(), $order ) ) {
+		if ( $this->number_format( $calculated_total + $order->get_total_tax() + $this->round( $order->get_shipping_total(), $order ) - $this->round( $order->get_total_discount(), $order ), $order ) !== $this->number_format( $order->get_total(), $order ) ) {
 			return false;
 		}
@ -321,25 +354,28 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Add PayPal Line Item.
-	 * @param  string  $item_name
+	 *
-	 * @param  int     $quantity
+	 * @param  string $item_name Item name.
-	 * @param  float   $amount
+	 * @param  int    $quantity Item quantity.
-	 * @param  string  $item_number
+	 * @param  float  $amount Amount.
 	 * @param  string $item_number Item number.
 	 * @return bool successfully added or not
 	 */
 	protected function add_line_item( $item_name, $quantity = 1, $amount = 0.0, $item_number = '' ) {
-		$index = ( sizeof( $this->line_items ) / 4 ) + 1;
+		$index = ( count( $this->line_items ) / 4 ) + 1;
 		if ( $amount < 0 || $index > 9 ) {
 			return false;
 		}
-		$item = apply_filters( 'woocommerce_paypal_line_item', array(
+		$item = apply_filters(
 			'woocommerce_paypal_line_item', array(
 				'item_name'   => html_entity_decode( wc_trim_string( $item_name ? $item_name : __( 'Item', 'woocommerce' ), 127 ), ENT_NOQUOTES, 'UTF-8' ),
 				'quantity'    => (int) $quantity,
 				'amount'      => wc_float_to_string( (float) $amount ),
 				'item_number' => $item_number,
-		), $item_name, $quantity, $amount, $item_number );
+			), $item_name, $quantity, $amount, $item_number
 		);
 		$this->line_items[ 'item_name_' . $index ]   = $this->limit_length( $item['item_name'], 127 );
 		$this->line_items[ 'quantity_' . $index ]    = $item['quantity'];
@ -351,8 +387,9 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Get the state to send to paypal.
-	 * @param  string $cc
+	 *
-	 * @param  string $state
+	 * @param  string $cc Country two letter code.
 	 * @param  string $state State code.
 	 * @return string
 	 */
 	protected function get_paypal_state( $cc, $state ) {
@ -371,11 +408,12 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Check if currency has decimals.
-	 * @param  string $currency
+	 *
 	 * @param  string $currency Currency to check.
 	 * @return bool
 	 */
 	protected function currency_has_decimals( $currency ) {
-		if ( in_array( $currency, array( 'HUF', 'JPY', 'TWD' ) ) ) {
+		if ( in_array( $currency, array( 'HUF', 'JPY', 'TWD' ), true ) ) {
 			return false;
 		}
@ -384,8 +422,9 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Round prices.
-	 * @param  double $price
+	 *
-	 * @param  WC_Order $order
+	 * @param  double   $price Price to round.
 	 * @param  WC_Order $order Order object.
 	 * @return double
 	 */
 	protected function round( $price, $order ) {
@ -400,8 +439,9 @@ class WC_Gateway_Paypal_Request {
 	/**
 	 * Format prices.
-	 * @param  float|int $price
+	 *
-	 * @param  WC_Order $order
+	 * @param  float|int $price Price to format.
 	 * @param  WC_Order  $order Order object.
 	 * @return string
 	 */
 	protected function number_format( $price, $order ) {
--- a/includes/gateways/paypal/includes/class-wc-gateway-paypal-response.php
+++ b/includes/gateways/paypal/includes/class-wc-gateway-paypal-response.php
@ -1,4 +1,9 @@
 <?php
 /**
 * Class WC_Gateway_Paypal_Response file.
 *
 * @package WooCommerce\Gateways
 */
 if ( ! defined( 'ABSPATH' ) ) {
 	exit;
@ -9,27 +14,34 @@ if ( ! defined( 'ABSPATH' ) ) {
 */
 abstract class WC_Gateway_Paypal_Response {
-	/** @var bool Sandbox mode */
+	/**
 	 * Sandbox mode
 	 *
 	 * @var bool
 	 */
 	protected $sandbox = false;
 	/**
 	 * Get the order from the PayPal 'Custom' variable.
-	 * @param  string $raw_custom JSON Data passed back by PayPal
+	 *
 	 * @param  string $raw_custom JSON Data passed back by PayPal.
 	 * @return bool|WC_Order object
 	 */
 	protected function get_paypal_order( $raw_custom ) {
 		// We have the data in the correct format, so get the order.
-		if ( ( $custom = json_decode( $raw_custom ) ) && is_object( $custom ) ) {
+		$custom = wp_json_decode( $raw_custom );
 		if ( $custom && is_object( $custom ) ) {
 			$order_id  = $custom->order_id;
 			$order_key = $custom->order_key;
 		// Nothing was found.
 		} else {
 			// Nothing was found.
 			WC_Gateway_Paypal::log( 'Order ID and key were not found in "custom".', 'error' );
 			return false;
 		}
-		if ( ! $order = wc_get_order( $order_id ) ) {
+		$order = wc_get_order( $order_id );
 		if ( ! $order ) {
 			// We have an invalid $order_id, probably because invoice_prefix has changed.
 			$order_id = wc_get_order_id_by_order_key( $order_key );
 			$order    = wc_get_order( $order_id );
@ -45,9 +57,10 @@ abstract class WC_Gateway_Paypal_Response {
 	/**
 	 * Complete order, add transaction ID and note.
-	 * @param  WC_Order $order
+	 *
-	 * @param  string   $txn_id
+	 * @param  WC_Order $order Order object.
-	 * @param  string   $note
+	 * @param  string   $txn_id Transaction ID.
 	 * @param  string   $note Payment note.
 	 */
 	protected function payment_complete( $order, $txn_id = '', $note = '' ) {
 		$order->add_order_note( $note );
@ -56,8 +69,9 @@ abstract class WC_Gateway_Paypal_Response {
 	/**
 	 * Hold order and add note.
-	 * @param  WC_Order $order
+	 *
-	 * @param  string   $reason
+	 * @param  WC_Order $order Order object.
 	 * @param  string   $reason Reason why the payment is on hold.
 	 */
 	protected function payment_on_hold( $order, $reason = '' ) {
 		$order->update_status( 'on-hold', $reason );
--- a/includes/gateways/simplify-commerce/class-wc-addons-gateway-simplify-commerce.php
+++ b/includes/gateways/simplify-commerce/class-wc-addons-gateway-simplify-commerce.php
@ -101,12 +101,14 @@ class WC_Addons_Gateway_Simplify_Commerce extends WC_Gateway_Simplify_Commerce {
 			}
 			// Create customer
-			$customer = Simplify_Customer::createCustomer( array(
+			$customer = Simplify_Customer::createCustomer(
 				array(
 					'token'     => $cart_token,
 					'email'     => $order->get_billing_email(),
 					'name'      => trim( $order->get_formatted_billing_full_name() ),
 					'reference' => $order->get_id(),
-			) );
+				)
 			);
 			if ( is_object( $customer ) && '' != $customer->id ) {
 				$this->save_subscription_meta( $order->get_id(), $customer->id );
@ -194,12 +196,14 @@ class WC_Addons_Gateway_Simplify_Commerce extends WC_Gateway_Simplify_Commerce {
 				}
 				// Create customer
-				$customer = Simplify_Customer::createCustomer( array(
+				$customer = Simplify_Customer::createCustomer(
 					array(
 						'token'     => $cart_token,
 						'email'     => $order->get_billing_email(),
 						'name'      => trim( $order->get_formatted_billing_full_name() ),
 						'reference' => $order->get_id(),
-				) );
+					)
 				);
 				if ( is_object( $customer ) && '' != $customer->id ) {
 					$customer_id = wc_clean( $customer->id );
@ -241,7 +245,6 @@ class WC_Addons_Gateway_Simplify_Commerce extends WC_Gateway_Simplify_Commerce {
 					'redirect' => '',
 				);
 			}
 		} else {
 			return parent::process_standard_payments( $order, $cart_token );
 		}
@ -261,12 +264,11 @@ class WC_Addons_Gateway_Simplify_Commerce extends WC_Gateway_Simplify_Commerce {
 		if ( 'standard' == $this->mode && ( $this->order_contains_subscription( $order->get_id() ) || ( function_exists( 'wcs_is_subscription' ) && wcs_is_subscription( $order_id ) ) ) ) {
 			return $this->process_subscription( $order, $cart_token );
 		// Processing pre-order
 		} elseif ( 'standard' == $this->mode && $this->order_contains_pre_order( $order->get_id() ) ) {
 			// Processing pre-order.
 			return $this->process_pre_order( $order, $cart_token );
 		// Processing regular product
 		} else {
 			// Processing regular product.
 			return parent::process_payment( $order_id );
 		}
 	}
@ -299,13 +301,15 @@ class WC_Addons_Gateway_Simplify_Commerce extends WC_Gateway_Simplify_Commerce {
 		try {
 			// Charge the customer
-			$payment = Simplify_Payment::createPayment( array(
+			$payment = Simplify_Payment::createPayment(
 				array(
 					'amount'      => $amount * 100, // In cents.
 					'customer'    => $customer_id,
 					'description' => sprintf( __( '%1$s - Order #%2$s', 'woocommerce' ), esc_html( get_bloginfo( 'name', 'display' ) ), $order->get_order_number() ),
 					'currency'    => strtoupper( get_woocommerce_currency() ),
 					'reference'   => $order->get_id(),
-			) );
+				)
 			);
 		} catch ( Exception $e ) {
@ -440,13 +444,15 @@ class WC_Addons_Gateway_Simplify_Commerce extends WC_Gateway_Simplify_Commerce {
 			}
 			// Charge the customer
-			$payment = Simplify_Payment::createPayment( array(
+			$payment = Simplify_Payment::createPayment(
 				array(
 					'amount'      => $order->get_total() * 100, // In cents.
 					'customer'    => $customer_id,
 					'description' => trim( substr( $pre_order_name, 0, 1024 ) ),
 					'currency'    => strtoupper( get_woocommerce_currency() ),
 					'reference'   => $order->get_id(),
-			) );
+				)
 			);
 			if ( 'APPROVED' == $payment->paymentStatus ) {
 				// Payment complete
--- a/includes/gateways/simplify-commerce/class-wc-gateway-simplify-commerce.php
+++ b/includes/gateways/simplify-commerce/class-wc-gateway-simplify-commerce.php
@ -74,7 +74,7 @@ class WC_Gateway_Simplify_Commerce extends WC_Payment_Gateway_CC {
 	 */
 	protected function init_simplify_sdk() {
 		// Include lib
-		require_once( dirname( __FILE__ ) . '/includes/Simplify.php' );
+		require_once dirname( __FILE__ ) . '/includes/Simplify.php';
 		Simplify::$publicKey  = $this->public_key;
 		Simplify::$privateKey = $this->private_key;
@ -301,7 +301,8 @@ class WC_Gateway_Simplify_Commerce extends WC_Payment_Gateway_CC {
 		wp_enqueue_script( 'simplify-commerce', 'https://www.simplify.com/commerce/v1/simplify.js', array( 'jquery' ), WC_VERSION, true );
 		wp_enqueue_script( 'wc-simplify-commerce', WC()->plugin_url() . '/includes/gateways/simplify-commerce/assets/js/simplify-commerce.js', array( 'simplify-commerce', 'wc-credit-card-form' ), WC_VERSION, true );
-		wp_localize_script( 'wc-simplify-commerce', 'Simplify_commerce_params', array(
+		wp_localize_script(
 			'wc-simplify-commerce', 'Simplify_commerce_params', array(
 				'key'           => $this->public_key,
 				'card.number'   => __( 'Card number', 'woocommerce' ),
 				'card.expMonth' => __( 'Expiry month', 'woocommerce' ),
@ -309,7 +310,8 @@ class WC_Gateway_Simplify_Commerce extends WC_Payment_Gateway_CC {
 				'is_invalid'    => __( 'is invalid', 'woocommerce' ),
 				'mode'          => $this->mode,
 				'is_ssl'        => is_ssl(),
-		) );
+			)
 		);
 	}
 	public function add_payment_method() {
@ -356,11 +358,13 @@ class WC_Gateway_Simplify_Commerce extends WC_Payment_Gateway_CC {
 			$customer = Simplify_Customer::findCustomer( $customer_token->get_token() ); // get updated customer with new set card
 			$token    = $customer_token;
 		} else {
-			$customer = Simplify_Customer::createCustomer( array(
+			$customer = Simplify_Customer::createCustomer(
 				array(
 					'token' => $cart_token,
 					'email' => $customer_info['email'],
 					'name'  => $customer_info['name'],
-			) );
+				)
 			);
 			$token    = new WC_Payment_Token_CC();
 			$token->set_token( $customer->id );
 		}
@ -615,7 +619,8 @@ class WC_Gateway_Simplify_Commerce extends WC_Payment_Gateway_CC {
 	 * @return array
 	 */
 	protected function get_hosted_payments_args( $order ) {
-		$args = apply_filters( 'woocommerce_simplify_commerce_hosted_args', array(
+		$args = apply_filters(
 			'woocommerce_simplify_commerce_hosted_args', array(
 				'sc-key'          => $this->public_key,
 				'amount'          => $order->get_total() * 100,
 				'reference'       => $order->get_id(),
@ -630,7 +635,8 @@ class WC_Gateway_Simplify_Commerce extends WC_Payment_Gateway_CC {
 				'address-zip'     => $order->get_billing_postcode(),
 				'address-country' => $order->get_billing_country(),
 				'operation'       => 'create.token',
-		), $order->get_id() );
+			), $order->get_id()
 		);
 		return $args;
 	}
@ -726,12 +732,14 @@ class WC_Gateway_Simplify_Commerce extends WC_Payment_Gateway_CC {
 		try {
 			$payment_id = get_post_meta( $order_id, '_transaction_id', true );
-			$refund = Simplify_Refund::createRefund( array(
+			$refund = Simplify_Refund::createRefund(
 				array(
 					'amount'    => $amount * 100, // In cents.
 					'payment'   => $payment_id,
 					'reason'    => $reason,
 					'reference' => $order_id,
-			) );
+				)
 			);
 			if ( 'APPROVED' == $refund->paymentStatus ) {
 				return true;