Merge pull request #19437 from woocommerce/fix/checkout-class-phpcs
Fixed includes/class-wc-checkout.php PHPCS violations
This commit is contained in:
commit
e957b05aea
|
@ -1,18 +1,17 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
if ( ! defined( 'ABSPATH' ) ) {
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Main checkout class.
|
* Checkout functionality
|
||||||
*
|
*
|
||||||
* The WooCommerce checkout class handles the checkout process, collecting user data and processing the payment.
|
* The WooCommerce checkout class handles the checkout process, collecting user data and processing the payment.
|
||||||
*
|
*
|
||||||
* @class WC_Checkout
|
|
||||||
* @package WooCommerce/Classes
|
* @package WooCommerce/Classes
|
||||||
* @category Class
|
* @version 3.4.0
|
||||||
* @author WooThemes
|
*/
|
||||||
|
|
||||||
|
defined( 'ABSPATH' ) || exit;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Checkout class.
|
||||||
*/
|
*/
|
||||||
class WC_Checkout {
|
class WC_Checkout {
|
||||||
|
|
||||||
|
@ -32,6 +31,7 @@ class WC_Checkout {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds posted data for backwards compatibility.
|
* Holds posted data for backwards compatibility.
|
||||||
|
*
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected $legacy_posted_data = array();
|
protected $legacy_posted_data = array();
|
||||||
|
@ -60,11 +60,13 @@ class WC_Checkout {
|
||||||
/**
|
/**
|
||||||
* See if variable is set. Used to support legacy public variables which are no longer defined.
|
* See if variable is set. Used to support legacy public variables which are no longer defined.
|
||||||
*
|
*
|
||||||
* @param string $key
|
* @param string $key Key.
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function __isset( $key ) {
|
public function __isset( $key ) {
|
||||||
return in_array( $key, array(
|
return in_array(
|
||||||
|
$key,
|
||||||
|
array(
|
||||||
'enable_signup',
|
'enable_signup',
|
||||||
'enable_guest_checkout',
|
'enable_guest_checkout',
|
||||||
'must_create_account',
|
'must_create_account',
|
||||||
|
@ -74,14 +76,16 @@ class WC_Checkout {
|
||||||
'payment_method',
|
'payment_method',
|
||||||
'customer_id',
|
'customer_id',
|
||||||
'shipping_methods',
|
'shipping_methods',
|
||||||
) );
|
),
|
||||||
|
true
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the legacy public variables for backwards compatibility.
|
* Sets the legacy public variables for backwards compatibility.
|
||||||
*
|
*
|
||||||
* @param string $key
|
* @param string $key Key.
|
||||||
* @param mixed $value
|
* @param mixed $value Value.
|
||||||
*/
|
*/
|
||||||
public function __set( $key, $value ) {
|
public function __set( $key, $value ) {
|
||||||
switch ( $key ) {
|
switch ( $key ) {
|
||||||
|
@ -118,12 +122,11 @@ class WC_Checkout {
|
||||||
/**
|
/**
|
||||||
* Gets the legacy public variables for backwards compatibility.
|
* Gets the legacy public variables for backwards compatibility.
|
||||||
*
|
*
|
||||||
* @param string $key
|
* @param string $key Key.
|
||||||
*
|
|
||||||
* @return array|string
|
* @return array|string
|
||||||
*/
|
*/
|
||||||
public function __get( $key ) {
|
public function __get( $key ) {
|
||||||
if ( in_array( $key, array( 'posted', 'shipping_method', 'payment_method' ) ) && empty( $this->legacy_posted_data ) ) {
|
if ( in_array( $key, array( 'posted', 'shipping_method', 'payment_method' ), true ) && empty( $this->legacy_posted_data ) ) {
|
||||||
$this->legacy_posted_data = $this->get_posted_data();
|
$this->legacy_posted_data = $this->get_posted_data();
|
||||||
}
|
}
|
||||||
switch ( $key ) {
|
switch ( $key ) {
|
||||||
|
@ -263,20 +266,22 @@ class WC_Checkout {
|
||||||
* 528 - Cannot create tax item.
|
* 528 - Cannot create tax item.
|
||||||
* 529 - Cannot create coupon item.
|
* 529 - Cannot create coupon item.
|
||||||
*
|
*
|
||||||
* @throws Exception
|
* @throws Exception When checkout validation fails.
|
||||||
* @param $data Posted data.
|
* @param array $data Posted data.
|
||||||
* @return int|WP_ERROR
|
* @return int|WP_ERROR
|
||||||
*/
|
*/
|
||||||
public function create_order( $data ) {
|
public function create_order( $data ) {
|
||||||
// Give plugins the opportunity to create an order themselves.
|
// Give plugins the opportunity to create an order themselves.
|
||||||
if ( $order_id = apply_filters( 'woocommerce_create_order', null, $this ) ) {
|
$order_id = apply_filters( 'woocommerce_create_order', null, $this );
|
||||||
|
if ( $order_id ) {
|
||||||
return $order_id;
|
return $order_id;
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$order_id = absint( WC()->session->get( 'order_awaiting_payment' ) );
|
$order_id = absint( WC()->session->get( 'order_awaiting_payment' ) );
|
||||||
$cart_hash = md5( json_encode( wc_clean( WC()->cart->get_cart_for_session() ) ) . WC()->cart->total );
|
$cart_hash = md5( wp_json_encode( wc_clean( WC()->cart->get_cart_for_session() ) ) . WC()->cart->total );
|
||||||
$available_gateways = WC()->payment_gateways->get_available_payment_gateways();
|
$available_gateways = WC()->payment_gateways->get_available_payment_gateways();
|
||||||
|
$order = $order_id ? wc_get_order( $order_id ) : null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* If there is an order pending payment, we can resume it here so
|
* If there is an order pending payment, we can resume it here so
|
||||||
|
@ -284,7 +289,7 @@ class WC_Checkout {
|
||||||
* different items or cost, create a new order. We use a hash to
|
* different items or cost, create a new order. We use a hash to
|
||||||
* detect changes which is based on cart items + order total.
|
* detect changes which is based on cart items + order total.
|
||||||
*/
|
*/
|
||||||
if ( $order_id && ( $order = wc_get_order( $order_id ) ) && $order->has_cart_hash( $cart_hash ) && $order->has_status( array( 'pending', 'failed' ) ) ) {
|
if ( $order && $order->has_cart_hash( $cart_hash ) && $order->has_status( array( 'pending', 'failed' ) ) ) {
|
||||||
// Action for 3rd parties.
|
// Action for 3rd parties.
|
||||||
do_action( 'woocommerce_resume_order', $order_id );
|
do_action( 'woocommerce_resume_order', $order_id );
|
||||||
|
|
||||||
|
@ -301,7 +306,7 @@ class WC_Checkout {
|
||||||
// Store custom fields prefixed with wither shipping_ or billing_. This is for backwards compatibility with 2.6.x.
|
// Store custom fields prefixed with wither shipping_ or billing_. This is for backwards compatibility with 2.6.x.
|
||||||
// TODO: Fix conditional to only include shipping/billing address fields in a smarter way without str(i)pos.
|
// TODO: Fix conditional to only include shipping/billing address fields in a smarter way without str(i)pos.
|
||||||
} elseif ( ( 0 === stripos( $key, 'billing_' ) || 0 === stripos( $key, 'shipping_' ) )
|
} elseif ( ( 0 === stripos( $key, 'billing_' ) || 0 === stripos( $key, 'shipping_' ) )
|
||||||
&& ! in_array( $key, array( 'shipping_method', 'shipping_total', 'shipping_tax' ) ) ) {
|
&& ! in_array( $key, array( 'shipping_method', 'shipping_total', 'shipping_tax' ), true ) ) {
|
||||||
$order->update_meta_data( '_' . $key, $value );
|
$order->update_meta_data( '_' . $key, $value );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -329,6 +334,7 @@ class WC_Checkout {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Action hook to adjust order before save.
|
* Action hook to adjust order before save.
|
||||||
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
*/
|
*/
|
||||||
do_action( 'woocommerce_checkout_create_order', $order, $data );
|
do_action( 'woocommerce_checkout_create_order', $order, $data );
|
||||||
|
@ -347,20 +353,22 @@ class WC_Checkout {
|
||||||
/**
|
/**
|
||||||
* Add line items to the order.
|
* Add line items to the order.
|
||||||
*
|
*
|
||||||
* @param WC_Order $order
|
* @param WC_Order $order Order instance.
|
||||||
* @param WC_Cart $cart
|
* @param WC_Cart $cart Cart instance.
|
||||||
*/
|
*/
|
||||||
public function create_order_line_items( &$order, $cart ) {
|
public function create_order_line_items( &$order, $cart ) {
|
||||||
foreach ( $cart->get_cart() as $cart_item_key => $values ) {
|
foreach ( $cart->get_cart() as $cart_item_key => $values ) {
|
||||||
/**
|
/**
|
||||||
* Filter hook to get initial item object.
|
* Filter hook to get initial item object.
|
||||||
|
*
|
||||||
* @since 3.1.0
|
* @since 3.1.0
|
||||||
*/
|
*/
|
||||||
$item = apply_filters( 'woocommerce_checkout_create_order_line_item_object', new WC_Order_Item_Product(), $cart_item_key, $values, $order );
|
$item = apply_filters( 'woocommerce_checkout_create_order_line_item_object', new WC_Order_Item_Product(), $cart_item_key, $values, $order );
|
||||||
$product = $values['data'];
|
$product = $values['data'];
|
||||||
$item->legacy_values = $values; // @deprecated For legacy actions.
|
$item->legacy_values = $values; // @deprecated For legacy actions.
|
||||||
$item->legacy_cart_item_key = $cart_item_key; // @deprecated For legacy actions.
|
$item->legacy_cart_item_key = $cart_item_key; // @deprecated For legacy actions.
|
||||||
$item->set_props( array(
|
$item->set_props(
|
||||||
|
array(
|
||||||
'quantity' => $values['quantity'],
|
'quantity' => $values['quantity'],
|
||||||
'variation' => $values['variation'],
|
'variation' => $values['variation'],
|
||||||
'subtotal' => $values['line_subtotal'],
|
'subtotal' => $values['line_subtotal'],
|
||||||
|
@ -368,19 +376,23 @@ class WC_Checkout {
|
||||||
'subtotal_tax' => $values['line_subtotal_tax'],
|
'subtotal_tax' => $values['line_subtotal_tax'],
|
||||||
'total_tax' => $values['line_tax'],
|
'total_tax' => $values['line_tax'],
|
||||||
'taxes' => $values['line_tax_data'],
|
'taxes' => $values['line_tax_data'],
|
||||||
) );
|
)
|
||||||
|
);
|
||||||
if ( $product ) {
|
if ( $product ) {
|
||||||
$item->set_props( array(
|
$item->set_props(
|
||||||
|
array(
|
||||||
'name' => $product->get_name(),
|
'name' => $product->get_name(),
|
||||||
'tax_class' => $product->get_tax_class(),
|
'tax_class' => $product->get_tax_class(),
|
||||||
'product_id' => $product->is_type( 'variation' ) ? $product->get_parent_id() : $product->get_id(),
|
'product_id' => $product->is_type( 'variation' ) ? $product->get_parent_id() : $product->get_id(),
|
||||||
'variation_id' => $product->is_type( 'variation' ) ? $product->get_id() : 0,
|
'variation_id' => $product->is_type( 'variation' ) ? $product->get_id() : 0,
|
||||||
) );
|
)
|
||||||
|
);
|
||||||
}
|
}
|
||||||
$item->set_backorder_meta();
|
$item->set_backorder_meta();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Action hook to adjust item before save.
|
* Action hook to adjust item before save.
|
||||||
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
*/
|
*/
|
||||||
do_action( 'woocommerce_checkout_create_order_line_item', $item, $cart_item_key, $values, $order );
|
do_action( 'woocommerce_checkout_create_order_line_item', $item, $cart_item_key, $values, $order );
|
||||||
|
@ -393,15 +405,16 @@ class WC_Checkout {
|
||||||
/**
|
/**
|
||||||
* Add fees to the order.
|
* Add fees to the order.
|
||||||
*
|
*
|
||||||
* @param WC_Order $order
|
* @param WC_Order $order Order instance.
|
||||||
* @param WC_Cart $cart
|
* @param WC_Cart $cart Cart instance.
|
||||||
*/
|
*/
|
||||||
public function create_order_fee_lines( &$order, $cart ) {
|
public function create_order_fee_lines( &$order, $cart ) {
|
||||||
foreach ( $cart->get_fees() as $fee_key => $fee ) {
|
foreach ( $cart->get_fees() as $fee_key => $fee ) {
|
||||||
$item = new WC_Order_Item_Fee();
|
$item = new WC_Order_Item_Fee();
|
||||||
$item->legacy_fee = $fee; // @deprecated For legacy actions.
|
$item->legacy_fee = $fee; // @deprecated For legacy actions.
|
||||||
$item->legacy_fee_key = $fee_key; // @deprecated For legacy actions.
|
$item->legacy_fee_key = $fee_key; // @deprecated For legacy actions.
|
||||||
$item->set_props( array(
|
$item->set_props(
|
||||||
|
array(
|
||||||
'name' => $fee->name,
|
'name' => $fee->name,
|
||||||
'tax_class' => $fee->taxable ? $fee->tax_class : 0,
|
'tax_class' => $fee->taxable ? $fee->tax_class : 0,
|
||||||
'amount' => $fee->amount,
|
'amount' => $fee->amount,
|
||||||
|
@ -410,10 +423,12 @@ class WC_Checkout {
|
||||||
'taxes' => array(
|
'taxes' => array(
|
||||||
'total' => $fee->tax_data,
|
'total' => $fee->tax_data,
|
||||||
),
|
),
|
||||||
) );
|
)
|
||||||
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Action hook to adjust item before save.
|
* Action hook to adjust item before save.
|
||||||
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
*/
|
*/
|
||||||
do_action( 'woocommerce_checkout_create_order_fee_item', $item, $fee_key, $fee, $order );
|
do_action( 'woocommerce_checkout_create_order_fee_item', $item, $fee_key, $fee, $order );
|
||||||
|
@ -426,18 +441,18 @@ class WC_Checkout {
|
||||||
/**
|
/**
|
||||||
* Add shipping lines to the order.
|
* Add shipping lines to the order.
|
||||||
*
|
*
|
||||||
* @param WC_Order $order
|
* @param WC_Order $order Order Instance.
|
||||||
* @param array $chosen_shipping_methods
|
* @param array $chosen_shipping_methods Chosen shipping methods.
|
||||||
* @param array $packages
|
* @param array $packages Packages.
|
||||||
*/
|
*/
|
||||||
public function create_order_shipping_lines( &$order, $chosen_shipping_methods, $packages ) {
|
public function create_order_shipping_lines( &$order, $chosen_shipping_methods, $packages ) {
|
||||||
foreach ( $packages as $package_key => $package ) {
|
foreach ( $packages as $package_key => $package ) {
|
||||||
if ( isset( $chosen_shipping_methods[ $package_key ], $package['rates'][ $chosen_shipping_methods[ $package_key ] ] ) ) {
|
if ( isset( $chosen_shipping_methods[ $package_key ], $package['rates'][ $chosen_shipping_methods[ $package_key ] ] ) ) {
|
||||||
/** @var WC_Shipping_Rate $shipping_rate */
|
|
||||||
$shipping_rate = $package['rates'][ $chosen_shipping_methods[ $package_key ] ];
|
$shipping_rate = $package['rates'][ $chosen_shipping_methods[ $package_key ] ];
|
||||||
$item = new WC_Order_Item_Shipping();
|
$item = new WC_Order_Item_Shipping();
|
||||||
$item->legacy_package_key = $package_key; // @deprecated For legacy actions.
|
$item->legacy_package_key = $package_key; // @deprecated For legacy actions.
|
||||||
$item->set_props( array(
|
$item->set_props(
|
||||||
|
array(
|
||||||
'method_title' => $shipping_rate->label,
|
'method_title' => $shipping_rate->label,
|
||||||
'method_id' => $shipping_rate->method_id,
|
'method_id' => $shipping_rate->method_id,
|
||||||
'instance_id' => $shipping_rate->instance_id,
|
'instance_id' => $shipping_rate->instance_id,
|
||||||
|
@ -445,7 +460,8 @@ class WC_Checkout {
|
||||||
'taxes' => array(
|
'taxes' => array(
|
||||||
'total' => $shipping_rate->taxes,
|
'total' => $shipping_rate->taxes,
|
||||||
),
|
),
|
||||||
) );
|
)
|
||||||
|
);
|
||||||
|
|
||||||
foreach ( $shipping_rate->get_meta_data() as $key => $value ) {
|
foreach ( $shipping_rate->get_meta_data() as $key => $value ) {
|
||||||
$item->add_meta_data( $key, $value, true );
|
$item->add_meta_data( $key, $value, true );
|
||||||
|
@ -453,6 +469,7 @@ class WC_Checkout {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Action hook to adjust item before save.
|
* Action hook to adjust item before save.
|
||||||
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
*/
|
*/
|
||||||
do_action( 'woocommerce_checkout_create_order_shipping_item', $item, $package_key, $package, $order );
|
do_action( 'woocommerce_checkout_create_order_shipping_item', $item, $package_key, $package, $order );
|
||||||
|
@ -466,24 +483,27 @@ class WC_Checkout {
|
||||||
/**
|
/**
|
||||||
* Add tax lines to the order.
|
* Add tax lines to the order.
|
||||||
*
|
*
|
||||||
* @param WC_Order $order
|
* @param WC_Order $order Order instance.
|
||||||
* @param WC_Cart $cart
|
* @param WC_Cart $cart Cart instance.
|
||||||
*/
|
*/
|
||||||
public function create_order_tax_lines( &$order, $cart ) {
|
public function create_order_tax_lines( &$order, $cart ) {
|
||||||
foreach ( array_keys( $cart->get_cart_contents_taxes() + $cart->get_shipping_taxes() + $cart->get_fee_taxes() ) as $tax_rate_id ) {
|
foreach ( array_keys( $cart->get_cart_contents_taxes() + $cart->get_shipping_taxes() + $cart->get_fee_taxes() ) as $tax_rate_id ) {
|
||||||
if ( $tax_rate_id && apply_filters( 'woocommerce_cart_remove_taxes_zero_rate_id', 'zero-rated' ) !== $tax_rate_id ) {
|
if ( $tax_rate_id && apply_filters( 'woocommerce_cart_remove_taxes_zero_rate_id', 'zero-rated' ) !== $tax_rate_id ) {
|
||||||
$item = new WC_Order_Item_Tax();
|
$item = new WC_Order_Item_Tax();
|
||||||
$item->set_props( array(
|
$item->set_props(
|
||||||
|
array(
|
||||||
'rate_id' => $tax_rate_id,
|
'rate_id' => $tax_rate_id,
|
||||||
'tax_total' => $cart->get_tax_amount( $tax_rate_id ),
|
'tax_total' => $cart->get_tax_amount( $tax_rate_id ),
|
||||||
'shipping_tax_total' => $cart->get_shipping_tax_amount( $tax_rate_id ),
|
'shipping_tax_total' => $cart->get_shipping_tax_amount( $tax_rate_id ),
|
||||||
'rate_code' => WC_Tax::get_rate_code( $tax_rate_id ),
|
'rate_code' => WC_Tax::get_rate_code( $tax_rate_id ),
|
||||||
'label' => WC_Tax::get_rate_label( $tax_rate_id ),
|
'label' => WC_Tax::get_rate_label( $tax_rate_id ),
|
||||||
'compound' => WC_Tax::is_compound( $tax_rate_id ),
|
'compound' => WC_Tax::is_compound( $tax_rate_id ),
|
||||||
) );
|
)
|
||||||
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Action hook to adjust item before save.
|
* Action hook to adjust item before save.
|
||||||
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
*/
|
*/
|
||||||
do_action( 'woocommerce_checkout_create_order_tax_item', $item, $tax_rate_id, $order );
|
do_action( 'woocommerce_checkout_create_order_tax_item', $item, $tax_rate_id, $order );
|
||||||
|
@ -497,21 +517,24 @@ class WC_Checkout {
|
||||||
/**
|
/**
|
||||||
* Add coupon lines to the order.
|
* Add coupon lines to the order.
|
||||||
*
|
*
|
||||||
* @param WC_Order $order
|
* @param WC_Order $order Order instance.
|
||||||
* @param WC_Cart $cart
|
* @param WC_Cart $cart Cart instance.
|
||||||
*/
|
*/
|
||||||
public function create_order_coupon_lines( &$order, $cart ) {
|
public function create_order_coupon_lines( &$order, $cart ) {
|
||||||
foreach ( $cart->get_coupons() as $code => $coupon ) {
|
foreach ( $cart->get_coupons() as $code => $coupon ) {
|
||||||
$item = new WC_Order_Item_Coupon();
|
$item = new WC_Order_Item_Coupon();
|
||||||
$item->set_props( array(
|
$item->set_props(
|
||||||
|
array(
|
||||||
'code' => $code,
|
'code' => $code,
|
||||||
'discount' => $cart->get_coupon_discount_amount( $code ),
|
'discount' => $cart->get_coupon_discount_amount( $code ),
|
||||||
'discount_tax' => $cart->get_coupon_discount_tax_amount( $code ),
|
'discount_tax' => $cart->get_coupon_discount_tax_amount( $code ),
|
||||||
) );
|
)
|
||||||
|
);
|
||||||
$item->add_meta_data( 'coupon_data', $coupon->get_data() );
|
$item->add_meta_data( 'coupon_data', $coupon->get_data() );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Action hook to adjust item before save.
|
* Action hook to adjust item before save.
|
||||||
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
*/
|
*/
|
||||||
do_action( 'woocommerce_checkout_create_order_coupon_item', $item, $code, $coupon, $order );
|
do_action( 'woocommerce_checkout_create_order_coupon_item', $item, $code, $coupon, $order );
|
||||||
|
@ -525,10 +548,8 @@ class WC_Checkout {
|
||||||
* See if a fieldset should be skipped.
|
* See if a fieldset should be skipped.
|
||||||
*
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
*
|
* @param string $fieldset_key Fieldset key.
|
||||||
* @param string $fieldset_key
|
* @param array $data Posted data.
|
||||||
* @param array $data
|
|
||||||
*
|
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
protected function maybe_skip_fieldset( $fieldset_key, $data ) {
|
protected function maybe_skip_fieldset( $fieldset_key, $data ) {
|
||||||
|
@ -550,12 +571,12 @@ class WC_Checkout {
|
||||||
public function get_posted_data() {
|
public function get_posted_data() {
|
||||||
$skipped = array();
|
$skipped = array();
|
||||||
$data = array(
|
$data = array(
|
||||||
'terms' => (int) isset( $_POST['terms'] ),
|
'terms' => (int) isset( $_POST['terms'] ), // WPCS: input var ok, CSRF ok.
|
||||||
'createaccount' => (int) ! empty( $_POST['createaccount'] ),
|
'createaccount' => (int) ! empty( $_POST['createaccount'] ), // WPCS: input var ok, CSRF ok.
|
||||||
'payment_method' => isset( $_POST['payment_method'] ) ? wc_clean( $_POST['payment_method'] ) : '',
|
'payment_method' => isset( $_POST['payment_method'] ) ? wc_clean( wp_unslash( $_POST['payment_method'] ) ) : '', // WPCS: input var ok, CSRF ok.
|
||||||
'shipping_method' => isset( $_POST['shipping_method'] ) ? wc_clean( $_POST['shipping_method'] ) : '',
|
'shipping_method' => isset( $_POST['shipping_method'] ) ? wc_clean( wp_unslash( $_POST['shipping_method'] ) ) : '', // WPCS: input var ok, CSRF ok.
|
||||||
'ship_to_different_address' => ! empty( $_POST['ship_to_different_address'] ) && ! wc_ship_to_billing_address_only(),
|
'ship_to_different_address' => ! empty( $_POST['ship_to_different_address'] ) && ! wc_ship_to_billing_address_only(), // WPCS: input var ok, CSRF ok.
|
||||||
'woocommerce_checkout_update_totals' => isset( $_POST['woocommerce_checkout_update_totals'] ),
|
'woocommerce_checkout_update_totals' => isset( $_POST['woocommerce_checkout_update_totals'] ), // WPCS: input var ok, CSRF ok.
|
||||||
);
|
);
|
||||||
foreach ( $this->get_checkout_fields() as $fieldset_key => $fieldset ) {
|
foreach ( $this->get_checkout_fields() as $fieldset_key => $fieldset ) {
|
||||||
if ( $this->maybe_skip_fieldset( $fieldset_key, $data ) ) {
|
if ( $this->maybe_skip_fieldset( $fieldset_key, $data ) ) {
|
||||||
|
@ -567,16 +588,16 @@ class WC_Checkout {
|
||||||
|
|
||||||
switch ( $type ) {
|
switch ( $type ) {
|
||||||
case 'checkbox':
|
case 'checkbox':
|
||||||
$value = isset( $_POST[ $key ] ) ? 1 : '';
|
$value = isset( $_POST[ $key ] ) ? 1 : ''; // WPCS: input var ok, CSRF ok.
|
||||||
break;
|
break;
|
||||||
case 'multiselect':
|
case 'multiselect':
|
||||||
$value = isset( $_POST[ $key ] ) ? implode( ', ', wc_clean( $_POST[ $key ] ) ) : '';
|
$value = isset( $_POST[ $key ] ) ? implode( ', ', wc_clean( wp_unslash( $_POST[ $key ] ) ) ) : ''; // WPCS: input var ok, CSRF ok.
|
||||||
break;
|
break;
|
||||||
case 'textarea':
|
case 'textarea':
|
||||||
$value = isset( $_POST[ $key ] ) ? wc_sanitize_textarea( $_POST[ $key ] ) : '';
|
$value = isset( $_POST[ $key ] ) ? wc_sanitize_textarea( wp_unslash( $_POST[ $key ] ) ) : ''; // WPCS: input var ok, CSRF ok.
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
$value = isset( $_POST[ $key ] ) ? wc_clean( $_POST[ $key ] ) : '';
|
$value = isset( $_POST[ $key ] ) ? wc_clean( wp_unslash( $_POST[ $key ] ) ) : ''; // WPCS: input var ok, CSRF ok.
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -584,7 +605,7 @@ class WC_Checkout {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( in_array( 'shipping', $skipped ) && ( WC()->cart->needs_shipping_address() || wc_ship_to_billing_address_only() ) ) {
|
if ( in_array( 'shipping', $skipped, true ) && ( WC()->cart->needs_shipping_address() || wc_ship_to_billing_address_only() ) ) {
|
||||||
foreach ( $this->get_checkout_fields( 'shipping' ) as $key => $field ) {
|
foreach ( $this->get_checkout_fields( 'shipping' ) as $key => $field ) {
|
||||||
$data[ $key ] = isset( $data[ 'billing_' . substr( $key, 9 ) ] ) ? $data[ 'billing_' . substr( $key, 9 ) ] : '';
|
$data[ $key ] = isset( $data[ 'billing_' . substr( $key, 9 ) ] ) ? $data[ 'billing_' . substr( $key, 9 ) ] : '';
|
||||||
}
|
}
|
||||||
|
@ -601,7 +622,7 @@ class WC_Checkout {
|
||||||
*
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
* @param array $data An array of posted data.
|
* @param array $data An array of posted data.
|
||||||
* @param WP_Error $errors
|
* @param WP_Error $errors Validation error.
|
||||||
*/
|
*/
|
||||||
protected function validate_posted_data( &$data, &$errors ) {
|
protected function validate_posted_data( &$data, &$errors ) {
|
||||||
foreach ( $this->get_checkout_fields() as $fieldset_key => $fieldset ) {
|
foreach ( $this->get_checkout_fields() as $fieldset_key => $fieldset ) {
|
||||||
|
@ -627,16 +648,17 @@ class WC_Checkout {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( in_array( 'postcode', $format ) ) {
|
if ( in_array( 'postcode', $format, true ) ) {
|
||||||
$country = isset( $data[ $fieldset_key . '_country' ] ) ? $data[ $fieldset_key . '_country' ] : WC()->customer->{"get_{$fieldset_key}_country"}();
|
$country = isset( $data[ $fieldset_key . '_country' ] ) ? $data[ $fieldset_key . '_country' ] : WC()->customer->{"get_{$fieldset_key}_country"}();
|
||||||
$data[ $key ] = wc_format_postcode( $data[ $key ], $country );
|
$data[ $key ] = wc_format_postcode( $data[ $key ], $country );
|
||||||
|
|
||||||
if ( '' !== $data[ $key ] && ! WC_Validation::is_postcode( $data[ $key ], $country ) ) {
|
if ( '' !== $data[ $key ] && ! WC_Validation::is_postcode( $data[ $key ], $country ) ) {
|
||||||
|
/* translators: %s: field name */
|
||||||
$errors->add( 'validation', sprintf( __( '%s is not a valid postcode / ZIP.', 'woocommerce' ), '<strong>' . esc_html( $field_label ) . '</strong>' ) );
|
$errors->add( 'validation', sprintf( __( '%s is not a valid postcode / ZIP.', 'woocommerce' ), '<strong>' . esc_html( $field_label ) . '</strong>' ) );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( in_array( 'phone', $format ) ) {
|
if ( in_array( 'phone', $format, true ) ) {
|
||||||
$data[ $key ] = wc_format_phone_number( $data[ $key ] );
|
$data[ $key ] = wc_format_phone_number( $data[ $key ] );
|
||||||
|
|
||||||
if ( '' !== $data[ $key ] && ! WC_Validation::is_phone( $data[ $key ] ) ) {
|
if ( '' !== $data[ $key ] && ! WC_Validation::is_phone( $data[ $key ] ) ) {
|
||||||
|
@ -645,7 +667,7 @@ class WC_Checkout {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( in_array( 'email', $format ) && '' !== $data[ $key ] ) {
|
if ( in_array( 'email', $format, true ) && '' !== $data[ $key ] ) {
|
||||||
$data[ $key ] = sanitize_email( $data[ $key ] );
|
$data[ $key ] = sanitize_email( $data[ $key ] );
|
||||||
|
|
||||||
if ( ! is_email( $data[ $key ] ) ) {
|
if ( ! is_email( $data[ $key ] ) ) {
|
||||||
|
@ -655,11 +677,11 @@ class WC_Checkout {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( '' !== $data[ $key ] && in_array( 'state', $format ) ) {
|
if ( '' !== $data[ $key ] && in_array( 'state', $format, true ) ) {
|
||||||
$country = isset( $data[ $fieldset_key . '_country' ] ) ? $data[ $fieldset_key . '_country' ] : WC()->customer->{"get_{$fieldset_key}_country"}();
|
$country = isset( $data[ $fieldset_key . '_country' ] ) ? $data[ $fieldset_key . '_country' ] : WC()->customer->{"get_{$fieldset_key}_country"}();
|
||||||
$valid_states = WC()->countries->get_states( $country );
|
$valid_states = WC()->countries->get_states( $country );
|
||||||
|
|
||||||
if ( ! empty( $valid_states ) && is_array( $valid_states ) && sizeof( $valid_states ) > 0 ) {
|
if ( ! empty( $valid_states ) && is_array( $valid_states ) && count( $valid_states ) > 0 ) {
|
||||||
$valid_state_values = array_map( 'wc_strtoupper', array_flip( array_map( 'wc_strtoupper', $valid_states ) ) );
|
$valid_state_values = array_map( 'wc_strtoupper', array_flip( array_map( 'wc_strtoupper', $valid_states ) ) );
|
||||||
$data[ $key ] = wc_strtoupper( $data[ $key ] );
|
$data[ $key ] = wc_strtoupper( $data[ $key ] );
|
||||||
|
|
||||||
|
@ -668,7 +690,7 @@ class WC_Checkout {
|
||||||
$data[ $key ] = $valid_state_values[ $data[ $key ] ];
|
$data[ $key ] = $valid_state_values[ $data[ $key ] ];
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( ! in_array( $data[ $key ], $valid_state_values ) ) {
|
if ( ! in_array( $data[ $key ], $valid_state_values, true ) ) {
|
||||||
/* translators: 1: state field 2: valid states */
|
/* translators: 1: state field 2: valid states */
|
||||||
$errors->add( 'validation', sprintf( __( '%1$s is not valid. Please enter one of the following: %2$s', 'woocommerce' ), '<strong>' . esc_html( $field_label ) . '</strong>', implode( ', ', $valid_states ) ) );
|
$errors->add( 'validation', sprintf( __( '%1$s is not valid. Please enter one of the following: %2$s', 'woocommerce' ), '<strong>' . esc_html( $field_label ) . '</strong>', implode( ', ', $valid_states ) ) );
|
||||||
}
|
}
|
||||||
|
@ -688,13 +710,13 @@ class WC_Checkout {
|
||||||
*
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
* @param array $data An array of posted data.
|
* @param array $data An array of posted data.
|
||||||
* @param WP_Error $errors
|
* @param WP_Error $errors Validation errors.
|
||||||
*/
|
*/
|
||||||
protected function validate_checkout( &$data, &$errors ) {
|
protected function validate_checkout( &$data, &$errors ) {
|
||||||
$this->validate_posted_data( $data, $errors );
|
$this->validate_posted_data( $data, $errors );
|
||||||
$this->check_cart_items();
|
$this->check_cart_items();
|
||||||
|
|
||||||
if ( empty( $data['woocommerce_checkout_update_totals'] ) && ! empty( $_POST['terms-field'] ) && empty( $data['terms'] ) && apply_filters( 'woocommerce_checkout_show_terms', wc_get_page_id( 'terms' ) > 0 ) ) {
|
if ( empty( $data['woocommerce_checkout_update_totals'] ) && ! empty( $_POST['terms-field'] ) && empty( $data['terms'] ) && apply_filters( 'woocommerce_checkout_show_terms', wc_get_page_id( 'terms' ) > 0 ) ) { // WPCS: input var ok, CSRF ok.
|
||||||
$errors->add( 'terms', __( 'You must accept our Terms & Conditions.', 'woocommerce' ) );
|
$errors->add( 'terms', __( 'You must accept our Terms & Conditions.', 'woocommerce' ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -703,7 +725,8 @@ class WC_Checkout {
|
||||||
|
|
||||||
if ( empty( $shipping_country ) ) {
|
if ( empty( $shipping_country ) ) {
|
||||||
$errors->add( 'shipping', __( 'Please enter an address to continue.', 'woocommerce' ) );
|
$errors->add( 'shipping', __( 'Please enter an address to continue.', 'woocommerce' ) );
|
||||||
} elseif ( ! in_array( WC()->customer->get_shipping_country(), array_keys( WC()->countries->get_shipping_countries() ) ) ) {
|
} elseif ( ! in_array( WC()->customer->get_shipping_country(), array_keys( WC()->countries->get_shipping_countries() ), true ) ) {
|
||||||
|
/* translators: %s: shipping location */
|
||||||
$errors->add( 'shipping', sprintf( __( 'Unfortunately <strong>we do not ship %s</strong>. Please enter an alternative shipping address.', 'woocommerce' ), WC()->countries->shipping_to_prefix() . ' ' . WC()->customer->get_shipping_country() ) );
|
$errors->add( 'shipping', sprintf( __( 'Unfortunately <strong>we do not ship %s</strong>. Please enter an alternative shipping address.', 'woocommerce' ), WC()->countries->shipping_to_prefix() . ' ' . WC()->customer->get_shipping_country() ) );
|
||||||
} else {
|
} else {
|
||||||
$chosen_shipping_methods = WC()->session->get( 'chosen_shipping_methods' );
|
$chosen_shipping_methods = WC()->session->get( 'chosen_shipping_methods' );
|
||||||
|
@ -733,9 +756,9 @@ class WC_Checkout {
|
||||||
* Set address field for customer.
|
* Set address field for customer.
|
||||||
*
|
*
|
||||||
* @since 3.0.7
|
* @since 3.0.7
|
||||||
* @param $field string to update
|
* @param string $field String to update.
|
||||||
* @param $key
|
* @param string $key Field key.
|
||||||
* @param $data array of data to get the value from
|
* @param array $data Array of data to get the value from.
|
||||||
*/
|
*/
|
||||||
protected function set_customer_address_fields( $field, $key, $data ) {
|
protected function set_customer_address_fields( $field, $key, $data ) {
|
||||||
if ( isset( $data[ "billing_{$field}" ] ) ) {
|
if ( isset( $data[ "billing_{$field}" ] ) ) {
|
||||||
|
@ -751,7 +774,7 @@ class WC_Checkout {
|
||||||
* Update customer and session data from the posted checkout data.
|
* Update customer and session data from the posted checkout data.
|
||||||
*
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
* @param array $data
|
* @param array $data Posted data.
|
||||||
*/
|
*/
|
||||||
protected function update_session( $data ) {
|
protected function update_session( $data ) {
|
||||||
// Update both shipping and billing to the passed billing address first if set.
|
// Update both shipping and billing to the passed billing address first if set.
|
||||||
|
@ -767,7 +790,7 @@ class WC_Checkout {
|
||||||
array_walk( $address_fields, array( $this, 'set_customer_address_fields' ), $data );
|
array_walk( $address_fields, array( $this, 'set_customer_address_fields' ), $data );
|
||||||
WC()->customer->save();
|
WC()->customer->save();
|
||||||
|
|
||||||
// Update customer shipping and payment method to posted method
|
// Update customer shipping and payment method to posted method.
|
||||||
$chosen_shipping_methods = WC()->session->get( 'chosen_shipping_methods' );
|
$chosen_shipping_methods = WC()->session->get( 'chosen_shipping_methods' );
|
||||||
|
|
||||||
if ( is_array( $data['shipping_method'] ) ) {
|
if ( is_array( $data['shipping_method'] ) ) {
|
||||||
|
@ -788,8 +811,8 @@ class WC_Checkout {
|
||||||
* Process an order that does require payment.
|
* Process an order that does require payment.
|
||||||
*
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
* @param int $order_id
|
* @param int $order_id Order ID.
|
||||||
* @param string $payment_method
|
* @param string $payment_method Payment method.
|
||||||
*/
|
*/
|
||||||
protected function process_order_payment( $order_id, $payment_method ) {
|
protected function process_order_payment( $order_id, $payment_method ) {
|
||||||
$available_gateways = WC()->payment_gateways->get_available_payment_gateways();
|
$available_gateways = WC()->payment_gateways->get_available_payment_gateways();
|
||||||
|
@ -798,13 +821,13 @@ class WC_Checkout {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Store Order ID in session so it can be re-used after payment failure
|
// Store Order ID in session so it can be re-used after payment failure.
|
||||||
WC()->session->set( 'order_awaiting_payment', $order_id );
|
WC()->session->set( 'order_awaiting_payment', $order_id );
|
||||||
|
|
||||||
// Process Payment
|
// Process Payment.
|
||||||
$result = $available_gateways[ $payment_method ]->process_payment( $order_id );
|
$result = $available_gateways[ $payment_method ]->process_payment( $order_id );
|
||||||
|
|
||||||
// Redirect to success/confirmation/payment page
|
// Redirect to success/confirmation/payment page.
|
||||||
if ( isset( $result['result'] ) && 'success' === $result['result'] ) {
|
if ( isset( $result['result'] ) && 'success' === $result['result'] ) {
|
||||||
$result = apply_filters( 'woocommerce_payment_successful_result', $result, $order_id );
|
$result = apply_filters( 'woocommerce_payment_successful_result', $result, $order_id );
|
||||||
|
|
||||||
|
@ -821,7 +844,7 @@ class WC_Checkout {
|
||||||
* Process an order that doesn't require payment.
|
* Process an order that doesn't require payment.
|
||||||
*
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
* @param int $order_id
|
* @param int $order_id Order ID.
|
||||||
*/
|
*/
|
||||||
protected function process_order_without_payment( $order_id ) {
|
protected function process_order_without_payment( $order_id ) {
|
||||||
$order = wc_get_order( $order_id );
|
$order = wc_get_order( $order_id );
|
||||||
|
@ -829,10 +852,12 @@ class WC_Checkout {
|
||||||
wc_empty_cart();
|
wc_empty_cart();
|
||||||
|
|
||||||
if ( is_ajax() ) {
|
if ( is_ajax() ) {
|
||||||
wp_send_json( array(
|
wp_send_json(
|
||||||
|
array(
|
||||||
'result' => 'success',
|
'result' => 'success',
|
||||||
'redirect' => apply_filters( 'woocommerce_checkout_no_payment_needed_redirect', $order->get_checkout_order_received_url(), $order ),
|
'redirect' => apply_filters( 'woocommerce_checkout_no_payment_needed_redirect', $order->get_checkout_order_received_url(), $order ),
|
||||||
) );
|
)
|
||||||
|
);
|
||||||
} else {
|
} else {
|
||||||
wp_safe_redirect(
|
wp_safe_redirect(
|
||||||
apply_filters( 'woocommerce_checkout_no_payment_needed_redirect', $order->get_checkout_order_received_url(), $order )
|
apply_filters( 'woocommerce_checkout_no_payment_needed_redirect', $order->get_checkout_order_received_url(), $order )
|
||||||
|
@ -843,8 +868,9 @@ class WC_Checkout {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create a new customer account if needed.
|
* Create a new customer account if needed.
|
||||||
* @param array $data
|
*
|
||||||
* @throws Exception
|
* @throws Exception When not able to create customer.
|
||||||
|
* @param array $data Posted data.
|
||||||
*/
|
*/
|
||||||
protected function process_customer( $data ) {
|
protected function process_customer( $data ) {
|
||||||
$customer_id = apply_filters( 'woocommerce_checkout_customer_id', get_current_user_id() );
|
$customer_id = apply_filters( 'woocommerce_checkout_customer_id', get_current_user_id() );
|
||||||
|
@ -861,10 +887,10 @@ class WC_Checkout {
|
||||||
wp_set_current_user( $customer_id );
|
wp_set_current_user( $customer_id );
|
||||||
wc_set_customer_auth_cookie( $customer_id );
|
wc_set_customer_auth_cookie( $customer_id );
|
||||||
|
|
||||||
// As we are now logged in, checkout will need to refresh to show logged in data
|
// As we are now logged in, checkout will need to refresh to show logged in data.
|
||||||
WC()->session->set( 'reload_checkout', true );
|
WC()->session->set( 'reload_checkout', true );
|
||||||
|
|
||||||
// Also, recalculate cart totals to reveal any role-based discounts that were unavailable before registering
|
// Also, recalculate cart totals to reveal any role-based discounts that were unavailable before registering.
|
||||||
WC()->cart->calculate_totals();
|
WC()->cart->calculate_totals();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -903,6 +929,7 @@ class WC_Checkout {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Action hook to adjust customer before save.
|
* Action hook to adjust customer before save.
|
||||||
|
*
|
||||||
* @since 3.0.0
|
* @since 3.0.0
|
||||||
*/
|
*/
|
||||||
do_action( 'woocommerce_checkout_update_customer', $customer, $data );
|
do_action( 'woocommerce_checkout_update_customer', $customer, $data );
|
||||||
|
@ -918,7 +945,7 @@ class WC_Checkout {
|
||||||
*/
|
*/
|
||||||
protected function send_ajax_failure_response() {
|
protected function send_ajax_failure_response() {
|
||||||
if ( is_ajax() ) {
|
if ( is_ajax() ) {
|
||||||
// only print notices if not reloading the checkout, otherwise they're lost in the page reload
|
// Only print notices if not reloading the checkout, otherwise they're lost in the page reload.
|
||||||
if ( ! isset( WC()->session->reload_checkout ) ) {
|
if ( ! isset( WC()->session->reload_checkout ) ) {
|
||||||
ob_start();
|
ob_start();
|
||||||
wc_print_notices();
|
wc_print_notices();
|
||||||
|
@ -940,10 +967,12 @@ class WC_Checkout {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Process the checkout after the confirm order button is pressed.
|
* Process the checkout after the confirm order button is pressed.
|
||||||
|
*
|
||||||
|
* @throws Exception When validation fails.
|
||||||
*/
|
*/
|
||||||
public function process_checkout() {
|
public function process_checkout() {
|
||||||
try {
|
try {
|
||||||
if ( empty( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-process_checkout' ) ) {
|
if ( empty( $_POST['_wpnonce'] ) || ! wp_verify_nonce( sanitize_key( wp_unslash( $_POST['_wpnonce'] ) ), 'woocommerce-process_checkout' ) ) { // WPCS: input var ok.
|
||||||
WC()->session->set( 'refresh_totals', true );
|
WC()->session->set( 'refresh_totals', true );
|
||||||
throw new Exception( __( 'We were unable to process your order, please try again.', 'woocommerce' ) );
|
throw new Exception( __( 'We were unable to process your order, please try again.', 'woocommerce' ) );
|
||||||
}
|
}
|
||||||
|
@ -954,6 +983,7 @@ class WC_Checkout {
|
||||||
do_action( 'woocommerce_before_checkout_process' );
|
do_action( 'woocommerce_before_checkout_process' );
|
||||||
|
|
||||||
if ( WC()->cart->is_empty() ) {
|
if ( WC()->cart->is_empty() ) {
|
||||||
|
/* translators: %s: shop cart url */
|
||||||
throw new Exception( sprintf( __( 'Sorry, your session has expired. <a href="%s" class="wc-backward">Return to shop</a>', 'woocommerce' ), esc_url( wc_get_page_permalink( 'shop' ) ) ) );
|
throw new Exception( sprintf( __( 'Sorry, your session has expired. <a href="%s" class="wc-backward">Return to shop</a>', 'woocommerce' ), esc_url( wc_get_page_permalink( 'shop' ) ) ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -998,8 +1028,8 @@ class WC_Checkout {
|
||||||
/**
|
/**
|
||||||
* Get a posted address field after sanitization and validation.
|
* Get a posted address field after sanitization and validation.
|
||||||
*
|
*
|
||||||
* @param string $key
|
* @param string $key Field key.
|
||||||
* @param string $type billing for shipping
|
* @param string $type Type of address. Available options: 'billing' or 'shipping'.
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function get_posted_address_data( $key, $type = 'billing' ) {
|
public function get_posted_address_data( $key, $type = 'billing' ) {
|
||||||
|
@ -1014,12 +1044,12 @@ class WC_Checkout {
|
||||||
/**
|
/**
|
||||||
* Gets the value either from the posted data, or from the users meta data.
|
* Gets the value either from the posted data, or from the users meta data.
|
||||||
*
|
*
|
||||||
* @param string $input
|
* @param string $input Input key.
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function get_value( $input ) {
|
public function get_value( $input ) {
|
||||||
if ( ! empty( $_POST[ $input ] ) ) {
|
if ( ! empty( $_POST[ $input ] ) ) { // WPCS: input var ok, CSRF OK.
|
||||||
return wc_clean( $_POST[ $input ] );
|
return wc_clean( wp_unslash( $_POST[ $input ] ) ); // WPCS: input var ok, CSRF OK.
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
|
|
|
@ -41,7 +41,7 @@
|
||||||
</rule>
|
</rule>
|
||||||
<rule ref="WordPress.VIP.ValidatedSanitizedInput">
|
<rule ref="WordPress.VIP.ValidatedSanitizedInput">
|
||||||
<properties>
|
<properties>
|
||||||
<property name="customSanitizingFunctions" type="array" value="wc_clean,wc_sanitize_tooltip,wc_format_decimal,wc_stock_amount,wc_sanitize_permalink" />
|
<property name="customSanitizingFunctions" type="array" value="wc_clean,wc_sanitize_tooltip,wc_format_decimal,wc_stock_amount,wc_sanitize_permalink,wc_sanitize_textarea" />
|
||||||
</properties>
|
</properties>
|
||||||
</rule>
|
</rule>
|
||||||
<rule ref="WordPress.XSS.EscapeOutput">
|
<rule ref="WordPress.XSS.EscapeOutput">
|
||||||
|
|
Loading…
Reference in New Issue