Issues in abstract-wc-payment-gateway.php (master) - Issues in master - woothemes/woocommerce - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1182)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

includes/abstracts/abstract-wc-payment-gateway.php (3 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

/**
 * WooCommerce Payment Gateway class.
 *
 * Extended by individual payment gateways to handle payments.
 *
 * @class       WC_Payment_Gateway
 * @extends     WC_Settings_API
 * @version     2.1.0
 * @package     WooCommerce/Abstracts
 * @category    Abstract Class
 * @author      WooThemes
 */
abstract class WC_Payment_Gateway extends WC_Settings_API {

	/**
	 * Set if the place order button should be renamed on selection.
	 * @var string
	 */
	public $order_button_text;

	/**
	 * yes or no based on whether the method is enabled.
	 * @var string
	 */
	public $enabled = 'yes';

	/**
	 * Payment method title for the frontend.
	 * @var string
	 */
	public $title;

	/**
	 * Payment method description for the frontend.
	 * @var string
	 */
	public $description;

	/**
	 * Chosen payment method id.
	 * @var bool
	 */
	public $chosen;

	/**
	 * Gateway title.
	 * @var string
	 */
	public $method_title = '';

	/**
	 * Gateway description.
	 * @var string
	 */
	public $method_description = '';

	/**
	 * True if the gateway shows fields on the checkout.
	 * @var bool
	 */
	public $has_fields;

	/**
	 * Countries this gateway is allowed for.
	 * @var array
	 */
	public $countries;

	/**
	 * Available for all counties or specific.
	 * @var string
	 */
	public $availability;

	/**
	 * Icon for the gateway.
	 * @var string
	 */
	public $icon;

	/**
	 * Supported features such as 'default_credit_card_form', 'refunds'.
	 * @var array
	 */
	public $supports = array( 'products' );

	/**
	 * Maximum transaction amount, zero does not define a maximum.
	 * @var int
	 */
	public $max_amount = 0;

	/**
	 * Optional URL to view a transaction.
	 * @var string
	 */
	public $view_transaction_url = '';

	/**
	 * Optional label to show for "new payment method" in the payment
	 * method/token selection radio selection.
	 * @var string
	 */
	public $new_method_label = '';

	/**
	 * Contains a users saved tokens for this gateway.
	 * @var array
	 */
	protected $tokens = array();

	/**
	 * Returns a users saved tokens for this gateway.
	 * @since 2.6.0
	 * @return array
	 */
	public function get_tokens() {
		if ( sizeof( $this->tokens ) > 0 ) {
			return $this->tokens;
		}

		if ( is_user_logged_in() && $this->supports( 'tokenization' ) ) {
			$this->tokens = WC_Payment_Tokens::get_customer_tokens( get_current_user_id(), $this->id );
		}

		return $this->tokens;
	}

	/**
	 * Return the title for admin screens.
	 * @return string
	 */
	public function get_method_title() {
		return apply_filters( 'woocommerce_gateway_method_title', $this->method_title, $this );
	}

	/**
	 * Return the description for admin screens.
	 * @return string
	 */
	public function get_method_description() {
		return apply_filters( 'woocommerce_gateway_method_description', $this->method_description, $this );
	}

	/**
	 * Output the gateway settings screen.
	 */
	public function admin_options() {
		echo '<h2>' . esc_html( $this->get_method_title() ) . '</h2>';
		echo wp_kses_post( wpautop( $this->get_method_description() ) );
		parent::admin_options();
	}

	/**
	 * Init settings for gateways.
	 */
	public function init_settings() {
		parent::init_settings();
		$this->enabled  = ! empty( $this->settings['enabled'] ) && 'yes' === $this->settings['enabled'] ? 'yes' : 'no';
	}

	/**
	 * Get the return url (thank you page).
	 *
	 * @param WC_Order $order
	 * @return string
	 */
	public function get_return_url( $order = null ) {
		if ( $order ) {
			$return_url = $order->get_checkout_order_received_url();
		} else {
			$return_url = wc_get_endpoint_url( 'order-received', '', wc_get_page_permalink( 'checkout' ) );
		}

		if ( is_ssl() || get_option('woocommerce_force_ssl_checkout') == 'yes' ) {

			$return_url = str_replace( 'http:', 'https:', $return_url );
		}

		return apply_filters( 'woocommerce_get_return_url', $return_url, $order );
	}

	/**
	 * Get a link to the transaction on the 3rd party gateway size (if applicable).
	 *
	 * @param  WC_Order $order the order object.
	 * @return string transaction URL, or empty string.
	 */
	public function get_transaction_url( $order ) {

		$return_url = '';
		$transaction_id = $order->get_transaction_id();

		if ( ! empty( $this->view_transaction_url ) && ! empty( $transaction_id ) ) {
			$return_url = sprintf( $this->view_transaction_url, $transaction_id );
		}

		return apply_filters( 'woocommerce_get_transaction_url', $return_url, $order, $this );
	}

	/**
	 * Get the order total in checkout and pay_for_order.
	 *
	 * @return float
	 */
	protected function get_order_total() {

		$total = 0;
		$order_id = absint( get_query_var( 'order-pay' ) );

		// Gets order total from "pay for order" page.
		if ( 0 < $order_id ) {
			$order = wc_get_order( $order_id );
			$total = (float) $order->get_total();

		// Gets order total from cart/checkout.
		} elseif ( 0 < WC()->cart->total ) {
			$total = (float) WC()->cart->total;
		}

		return $total;
	}

	/**
	 * Check if the gateway is available for use.
	 *
	 * @return bool
	 */
	public function is_available() {
		$is_available = ( 'yes' === $this->enabled );

		if ( WC()->cart && 0 < $this->get_order_total() && 0 < $this->max_amount && $this->max_amount < $this->get_order_total() ) {
			$is_available = false;
		}

		return $is_available;
	}

	/**
	 * Check if the gateway has fields on the checkout.
	 *
	 * @return bool
	 */
	public function has_fields() {
		return $this->has_fields ? true : false;
	}

	/**
	 * Return the gateway's title.
	 *
	 * @return string
	 */
	public function get_title() {
		return apply_filters( 'woocommerce_gateway_title', $this->title, $this->id );
	}

	/**
	 * Return the gateway's description.
	 *
	 * @return string
	 */
	public function get_description() {
		return apply_filters( 'woocommerce_gateway_description', $this->description, $this->id );
	}

	/**
	 * Return the gateway's icon.
	 *
	 * @return string
	 */
	public function get_icon() {

		$icon = $this->icon ? '<img src="' . WC_HTTPS::force_https_url( $this->icon ) . '" alt="' . esc_attr( $this->get_title() ) . '" />' : '';

		return apply_filters( 'woocommerce_gateway_icon', $icon, $this->id );
	}

	/**
	 * Set as current gateway.
	 *
	 * Set this as the current gateway.
	 */
	public function set_current() {
		$this->chosen = true;
	}

	/**
	 * Process Payment.
	 *
	 * Process the payment. Override this in your gateway. When implemented, this should.
	 * return the success and redirect in an array. e.g:
	 *
	 *        return array(
	 *            'result'   => 'success',
	 *            'redirect' => $this->get_return_url( $order )
	 *        );
	 *
	 * @param int $order_id
	 * @return array
	 */
	public function process_payment( $order_id ) {
		return array();
	}

	/**
	 * Process refund.
	 *
	 * If the gateway declares 'refunds' support, this will allow it to refund.
	 * a passed in amount.
	 *
	 * @param  int $order_id
	 * @param  float $amount
	 * @param  string $reason
	 * @return boolean True or false based on success, or a WP_Error object.
	 */
	public function process_refund( $order_id, $amount = null, $reason = '' ) {
		return false;
	}

	/**
	 * Validate frontend fields.
	 *
	 * Validate payment fields on the frontend.
	 *
	 * @return bool
	 */
	public function validate_fields() { return true; }

	/**
	 * If There are no payment fields show the description if set.
	 * Override this in your gateway if you have some.
	 */
	public function payment_fields() {
		if ( $description = $this->get_description() ) {
			echo wpautop( wptexturize( $description ) );
		}

		if ( $this->supports( 'default_credit_card_form' ) ) {
			$this->credit_card_form(); // Deprecated, will be removed in a future version.
		}
	}

	/**
	 * Check if a gateway supports a given feature.
	 *
	 * Gateways should override this to declare support (or lack of support) for a feature.
	 * For backward compatibility, gateways support 'products' by default, but nothing else.
	 *
	 * @param string $feature string The name of a feature to test support for.
	 * @return bool True if the gateway supports the feature, false otherwise.
	 * @since 1.5.7
	 */
	public function supports( $feature ) {
		return apply_filters( 'woocommerce_payment_gateway_supports', in_array( $feature, $this->supports ) ? true : false, $feature, $this );
	}

	/**
	 * Core credit card form which gateways can used if needed. Deprecated - inheirt WC_Payment_Gateway_CC instead.
	 * @param  array $args
	 * @param  array $fields
	 */
	public function credit_card_form( $args = array(), $fields = array() ) {

		_deprecated_function( 'credit_card_form', '2.6', 'WC_Payment_Gateway_CC->form' );
		$cc_form = new WC_Payment_Gateway_CC;
		$cc_form->id       = $this->id;
		$cc_form->supports = $this->supports;
		$cc_form->form();
	}

	/**
	 * Enqueues our tokenization script to handle some of the new form options.
	 * @since 2.6.0
	 */
	public function tokenization_script() {
		wp_enqueue_script(
			'woocommerce-tokenization-form',
			plugins_url(  '/assets/js/frontend/tokenization-form' . ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ? '' : '.min' ) . '.js', WC_PLUGIN_FILE ),
			array( 'jquery' ),
			WC()->version
		);
	}

	/**
	 * Grab and display our saved payment methods.
	 * @since 2.6.0
	 */
	public function saved_payment_methods() {
		$html = '<ul class="woocommerce-SavedPaymentMethods wc-saved-payment-methods" data-count="' . esc_attr( count( $this->get_tokens() ) ) . '">';

		foreach ( $this->get_tokens() as $token ) {
			$html .= $this->get_saved_payment_method_option_html( $token );
		}

		$html .= $this->get_new_payment_method_option_html();
		$html .= '</ul>';

		echo apply_filters( 'wc_payment_gateway_form_saved_payment_methods_html', $html, $this );
	}

	/**
	 * Gets saved payment method HTML from a token.
	 * @since 2.6.0
	 * @param  WC_Payment_Token $token Payment Token
	 * @return string                  Generated payment method HTML
	 */
	public function get_saved_payment_method_option_html( $token ) {
		$html = sprintf(
			'<li class="woocommerce-SavedPaymentMethods-token">
				<input id="wc-%1$s-payment-token-%2$s" type="radio" name="wc-%1$s-payment-token" value="%2$s" style="width:auto;" class="woocommerce-SavedPaymentMethods-tokenInput" %4$s />
				<label for="wc-%1$s-payment-token-%2$s">%3$s</label>
			</li>',
			esc_attr( $this->id ),
			esc_attr( $token->get_id() ),
			esc_html( $token->get_display_name() ),
			checked( $token->is_default(), true, false )
		);

		return apply_filters( 'woocommerce_payment_gateway_get_saved_payment_method_option_html', $html, $token, $this );
	}

	/**
	 * Displays a radio button for entering a new payment method (new CC details) instead of using a saved method.
	 * Only displayed when a gateway supports tokenization.
	 * @since 2.6.0
	 */
	public function get_new_payment_method_option_html() {
		$label = apply_filters( 'woocommerce_payment_gateway_get_new_payment_method_option_html_label', $this->new_method_label ? $this->new_method_label : __( 'Use a new payment method', 'woocommerce' ), $this );
		$html  = sprintf(
			'<li class="woocommerce-SavedPaymentMethods-new">
				<input id="wc-%1$s-payment-token-new" type="radio" name="wc-%1$s-payment-token" value="new" style="width:auto;" class="woocommerce-SavedPaymentMethods-tokenInput" />
				<label for="wc-%1$s-payment-token-new">%2$s</label>
			</li>',
			esc_attr( $this->id ),
			esc_html( $label )
		);

		return apply_filters( 'woocommerce_payment_gateway_get_new_payment_method_option_html', $html, $this );
	}

	/**
	 * Outputs a checkbox for saving a new payment method to the database.
	 * @since 2.6.0
	 */
	public function save_payment_method_checkbox() {
		echo sprintf(
			'<p class="form-row woocommerce-SavedPaymentMethods-saveNew">
				<input id="wc-%1$s-new-payment-method" name="wc-%1$s-new-payment-method" type="checkbox" value="true" style="width:auto;" />
				<label for="wc-%1$s-new-payment-method" style="display:inline;">%2$s</label>
			</p>',
			esc_attr( $this->id ),
			esc_html__( 'Save to Account', 'woocommerce' )
		);
	}
}


1		<?php
2
3		if ( ! defined( 'ABSPATH' ) ) {
4		exit;
5		}
6
7		/**
8		* WooCommerce Payment Gateway class.
9		*
10		* Extended by individual payment gateways to handle payments.
11		*
12		* @class WC_Payment_Gateway
13		* @extends WC_Settings_API
14		* @version 2.1.0
15		* @package WooCommerce/Abstracts
16		* @category Abstract Class
17		* @author WooThemes
18		*/
19		abstract class WC_Payment_Gateway extends WC_Settings_API {
20
21		/**
22		* Set if the place order button should be renamed on selection.
23		* @var string
24		*/
25		public $order_button_text;
26
27		/**
28		* yes or no based on whether the method is enabled.
29		* @var string
30		*/
31		public $enabled = 'yes';
32
33		/**
34		* Payment method title for the frontend.
35		* @var string
36		*/
37		public $title;
38
39		/**
40		* Payment method description for the frontend.
41		* @var string
42		*/
43		public $description;
44
45		/**
46		* Chosen payment method id.
47		* @var bool
48		*/
49		public $chosen;
50
51		/**
52		* Gateway title.
53		* @var string
54		*/
55		public $method_title = '';
56
57		/**
58		* Gateway description.
59		* @var string
60		*/
61		public $method_description = '';
62
63		/**
64		* True if the gateway shows fields on the checkout.
65		* @var bool
66		*/
67		public $has_fields;
68
69		/**
70		* Countries this gateway is allowed for.
71		* @var array
72		*/
73		public $countries;
74
75		/**
76		* Available for all counties or specific.
77		* @var string
78		*/
79		public $availability;
80
81		/**
82		* Icon for the gateway.
83		* @var string
84		*/
85		public $icon;
86
87		/**
88		* Supported features such as 'default_credit_card_form', 'refunds'.
89		* @var array
90		*/
91		public $supports = array( 'products' );
92
93		/**
94		* Maximum transaction amount, zero does not define a maximum.
95		* @var int
96		*/
97		public $max_amount = 0;
98
99		/**
100		* Optional URL to view a transaction.
101		* @var string
102		*/
103		public $view_transaction_url = '';
104
105		/**
106		* Optional label to show for "new payment method" in the payment
107		* method/token selection radio selection.
108		* @var string
109		*/
110		public $new_method_label = '';
111
112		/**
113		* Contains a users saved tokens for this gateway.
114		* @var array
115		*/
116		protected $tokens = array();
117
118		/**
119		* Returns a users saved tokens for this gateway.
120		* @since 2.6.0
121		* @return array
122		*/
123		public function get_tokens() {
124		if ( sizeof( $this->tokens ) > 0 ) {
125		return $this->tokens;
126		}
127
128		if ( is_user_logged_in() && $this->supports( 'tokenization' ) ) {
129		$this->tokens = WC_Payment_Tokens::get_customer_tokens( get_current_user_id(), $this->id );
130		}
131
132		return $this->tokens;
133		}
134
135		/**
136		* Return the title for admin screens.
137		* @return string
138		*/
139		public function get_method_title() {
140		return apply_filters( 'woocommerce_gateway_method_title', $this->method_title, $this );
141		}
142
143		/**
144		* Return the description for admin screens.
145		* @return string
146		*/
147		public function get_method_description() {
148		return apply_filters( 'woocommerce_gateway_method_description', $this->method_description, $this );
149		}
150
151		/**
152		* Output the gateway settings screen.
153		*/
154		public function admin_options() {
155		echo '<h2>' . esc_html( $this->get_method_title() ) . '</h2>';
156		echo wp_kses_post( wpautop( $this->get_method_description() ) );
157		parent::admin_options();
158		}
159
160		/**
161		* Init settings for gateways.
162		*/
163		public function init_settings() {
164		parent::init_settings();
165		$this->enabled = ! empty( $this->settings['enabled'] ) && 'yes' === $this->settings['enabled'] ? 'yes' : 'no';
166		}
167
168		/**
169		* Get the return url (thank you page).
170		*
171		* @param WC_Order $order
172		* @return string
173		*/
174		public function get_return_url( $order = null ) {
175		if ( $order ) {
176		$return_url = $order->get_checkout_order_received_url();
177		} else {
178		$return_url = wc_get_endpoint_url( 'order-received', '', wc_get_page_permalink( 'checkout' ) );
179		}
180
181	View Code Duplication	if ( is_ssl() \|\| get_option('woocommerce_force_ssl_checkout') == 'yes' ) {
		0 ignored issues – show Duplication introduced 2015-11-21 02:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
182		$return_url = str_replace( 'http:', 'https:', $return_url );
183		}
184
185		return apply_filters( 'woocommerce_get_return_url', $return_url, $order );
186		}
187
188		/**
189		* Get a link to the transaction on the 3rd party gateway size (if applicable).
190		*
191		* @param WC_Order $order the order object.
192		* @return string transaction URL, or empty string.
193		*/
194		public function get_transaction_url( $order ) {
195
196		$return_url = '';
197		$transaction_id = $order->get_transaction_id();
198
199		if ( ! empty( $this->view_transaction_url ) && ! empty( $transaction_id ) ) {
200		$return_url = sprintf( $this->view_transaction_url, $transaction_id );
201		}
202
203		return apply_filters( 'woocommerce_get_transaction_url', $return_url, $order, $this );
204		}
205
206		/**
207		* Get the order total in checkout and pay_for_order.
208		*
209		* @return float
210		*/
211		protected function get_order_total() {
212
213		$total = 0;
214		$order_id = absint( get_query_var( 'order-pay' ) );
215
216		// Gets order total from "pay for order" page.
217		if ( 0 < $order_id ) {
218		$order = wc_get_order( $order_id );
219		$total = (float) $order->get_total();
220
221		// Gets order total from cart/checkout.
222		} elseif ( 0 < WC()->cart->total ) {
223		$total = (float) WC()->cart->total;
224		}
225
226		return $total;
227		}
228
229		/**
230		* Check if the gateway is available for use.
231		*
232		* @return bool
233		*/
234		public function is_available() {
235		$is_available = ( 'yes' === $this->enabled );
236
237		if ( WC()->cart && 0 < $this->get_order_total() && 0 < $this->max_amount && $this->max_amount < $this->get_order_total() ) {
238		$is_available = false;
239		}
240
241		return $is_available;
242		}
243
244		/**
245		* Check if the gateway has fields on the checkout.
246		*
247		* @return bool
248		*/
249		public function has_fields() {
250		return $this->has_fields ? true : false;
251		}
252
253		/**
254		* Return the gateway's title.
255		*
256		* @return string
257		*/
258		public function get_title() {
259		return apply_filters( 'woocommerce_gateway_title', $this->title, $this->id );
260		}
261
262		/**
263		* Return the gateway's description.
264		*
265		* @return string
266		*/
267		public function get_description() {
268		return apply_filters( 'woocommerce_gateway_description', $this->description, $this->id );
269		}
270
271		/**
272		* Return the gateway's icon.
273		*
274		* @return string
275		*/
276		public function get_icon() {
277
278		$icon = $this->icon ? '<img src="' . WC_HTTPS::force_https_url( $this->icon ) . '" alt="' . esc_attr( $this->get_title() ) . '" />' : '';
279
280		return apply_filters( 'woocommerce_gateway_icon', $icon, $this->id );
281		}
282
283		/**
284		* Set as current gateway.
285		*
286		* Set this as the current gateway.
287		*/
288		public function set_current() {
289		$this->chosen = true;
290		}
291
292		/**
293		* Process Payment.
294		*
295		* Process the payment. Override this in your gateway. When implemented, this should.
296		* return the success and redirect in an array. e.g:
297		*
298		* return array(
299		* 'result' => 'success',
300		* 'redirect' => $this->get_return_url( $order )
301		* );
302		*
303		* @param int $order_id
304		* @return array
305		*/
306		public function process_payment( $order_id ) {
307		return array();
308		}
309
310		/**
311		* Process refund.
312		*
313		* If the gateway declares 'refunds' support, this will allow it to refund.
314		* a passed in amount.
315		*
316		* @param int $order_id
317		* @param float $amount
318		* @param string $reason
319		* @return boolean True or false based on success, or a WP_Error object.
320		*/
321		public function process_refund( $order_id, $amount = null, $reason = '' ) {
322		return false;
323		}
324
325		/**
326		* Validate frontend fields.
327		*
328		* Validate payment fields on the frontend.
329		*
330		* @return bool
331		*/
332		public function validate_fields() { return true; }
333
334		/**
335		* If There are no payment fields show the description if set.
336		* Override this in your gateway if you have some.
337		*/
338		public function payment_fields() {
339		if ( $description = $this->get_description() ) {
340		echo wpautop( wptexturize( $description ) );
341		}
342
343		if ( $this->supports( 'default_credit_card_form' ) ) {
344		$this->credit_card_form(); // Deprecated, will be removed in a future version.
345		}
346		}
347
348		/**
349		* Check if a gateway supports a given feature.
350		*
351		* Gateways should override this to declare support (or lack of support) for a feature.
352		* For backward compatibility, gateways support 'products' by default, but nothing else.
353		*
354		* @param string $feature string The name of a feature to test support for.
355		* @return bool True if the gateway supports the feature, false otherwise.
356		* @since 1.5.7
357		*/
358		public function supports( $feature ) {
359		return apply_filters( 'woocommerce_payment_gateway_supports', in_array( $feature, $this->supports ) ? true : false, $feature, $this );
360		}
361
362		/**
363		* Core credit card form which gateways can used if needed. Deprecated - inheirt WC_Payment_Gateway_CC instead.
364		* @param array $args
365		* @param array $fields
366		*/
367		public function credit_card_form( $args = array(), $fields = array() ) {
		0 ignored issues – show Unused Code introduced 2016-03-01 17:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$args` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2016-03-01 17:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$fields` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
368		_deprecated_function( 'credit_card_form', '2.6', 'WC_Payment_Gateway_CC->form' );
369		$cc_form = new WC_Payment_Gateway_CC;
370		$cc_form->id = $this->id;
371		$cc_form->supports = $this->supports;
372		$cc_form->form();
373		}
374
375		/**
376		* Enqueues our tokenization script to handle some of the new form options.
377		* @since 2.6.0
378		*/
379		public function tokenization_script() {
380		wp_enqueue_script(
381		'woocommerce-tokenization-form',
382		plugins_url( '/assets/js/frontend/tokenization-form' . ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ? '' : '.min' ) . '.js', WC_PLUGIN_FILE ),
383		array( 'jquery' ),
384		WC()->version
385		);
386		}
387
388		/**
389		* Grab and display our saved payment methods.
390		* @since 2.6.0
391		*/
392		public function saved_payment_methods() {
393		$html = '<ul class="woocommerce-SavedPaymentMethods wc-saved-payment-methods" data-count="' . esc_attr( count( $this->get_tokens() ) ) . '">';
394
395		foreach ( $this->get_tokens() as $token ) {
396		$html .= $this->get_saved_payment_method_option_html( $token );
397		}
398
399		$html .= $this->get_new_payment_method_option_html();
400		$html .= '</ul>';
401
402		echo apply_filters( 'wc_payment_gateway_form_saved_payment_methods_html', $html, $this );
403		}
404
405		/**
406		* Gets saved payment method HTML from a token.
407		* @since 2.6.0
408		* @param WC_Payment_Token $token Payment Token
409		* @return string Generated payment method HTML
410		*/
411		public function get_saved_payment_method_option_html( $token ) {
412		$html = sprintf(
413		'<li class="woocommerce-SavedPaymentMethods-token">
414		<input id="wc-%1$s-payment-token-%2$s" type="radio" name="wc-%1$s-payment-token" value="%2$s" style="width:auto;" class="woocommerce-SavedPaymentMethods-tokenInput" %4$s />
415		<label for="wc-%1$s-payment-token-%2$s">%3$s</label>
416		</li>',
417		esc_attr( $this->id ),
418		esc_attr( $token->get_id() ),
419		esc_html( $token->get_display_name() ),
420		checked( $token->is_default(), true, false )
421		);
422
423		return apply_filters( 'woocommerce_payment_gateway_get_saved_payment_method_option_html', $html, $token, $this );
424		}
425
426		/**
427		* Displays a radio button for entering a new payment method (new CC details) instead of using a saved method.
428		* Only displayed when a gateway supports tokenization.
429		* @since 2.6.0
430		*/
431		public function get_new_payment_method_option_html() {
432		$label = apply_filters( 'woocommerce_payment_gateway_get_new_payment_method_option_html_label', $this->new_method_label ? $this->new_method_label : __( 'Use a new payment method', 'woocommerce' ), $this );
433		$html = sprintf(
434		'<li class="woocommerce-SavedPaymentMethods-new">
435		<input id="wc-%1$s-payment-token-new" type="radio" name="wc-%1$s-payment-token" value="new" style="width:auto;" class="woocommerce-SavedPaymentMethods-tokenInput" />
436		<label for="wc-%1$s-payment-token-new">%2$s</label>
437		</li>',
438		esc_attr( $this->id ),
439		esc_html( $label )
440		);
441
442		return apply_filters( 'woocommerce_payment_gateway_get_new_payment_method_option_html', $html, $this );
443		}
444
445		/**
446		* Outputs a checkbox for saving a new payment method to the database.
447		* @since 2.6.0
448		*/
449		public function save_payment_method_checkbox() {
450		echo sprintf(
451		'<p class="form-row woocommerce-SavedPaymentMethods-saveNew">
452		<input id="wc-%1$s-new-payment-method" name="wc-%1$s-new-payment-method" type="checkbox" value="true" style="width:auto;" />
453		<label for="wc-%1$s-new-payment-method" style="display:inline;">%2$s</label>
454		</p>',
455		esc_attr( $this->id ),
456		esc_html__( 'Save to Account', 'woocommerce' )
457		);
458		}
459		}
460

woothemes / woocommerce

Issues (1182)

Security Analysis not enabled

includes/abstracts/abstract-wc-payment-gateway.php (3 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like