Issues in class-wc-shipping.php (master) - Issues in master - woothemes/woocommerce - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1182)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

includes/class-wc-shipping.php (5 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * WooCommerce Shipping Class
 *
 * Handles shipping and loads shipping methods via hooks.
 *
 * @class 		WC_Shipping
 * @version		2.6.0
 * @package		WooCommerce/Classes/Shipping
 * @category	Class
 * @author 		WooThemes
 */

if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

/**
 * WC_Shipping
 */
class WC_Shipping {

	/** @var bool True if shipping is enabled. */
	public $enabled					 = false;

	/** @var array|null Stores methods loaded into woocommerce. */
	public $shipping_methods         = null;

	/** @var float Stores the cost of shipping */
	public $shipping_total 			 = 0;

	/** @var array Stores an array of shipping taxes. */
	public $shipping_taxes			 = array();

	/** @var array Stores the shipping classes. */
	public $shipping_classes		 = array();

	/** @var array Stores packages to ship and to get quotes for. */
	public $packages				 = array();

	/**
	 * @var WC_Shipping The single instance of the class
	 * @since 2.1
	 */
	protected static $_instance = null;

	/**
	 * Main WC_Shipping Instance.
	 *
	 * Ensures only one instance of WC_Shipping is loaded or can be loaded.
	 *
	 * @since 2.1
	 * @static
	 * @return WC_Shipping Main instance
	 */
	public static function instance() {
		if ( is_null( self::$_instance ) ) {
			self::$_instance = new self();
		}
		return self::$_instance;
	}

	/**
	 * Cloning is forbidden.
	 *
	 * @since 2.1
	 */
	public function __clone() {
		_doing_it_wrong( __FUNCTION__, __( 'Cheatin&#8217; huh?', 'woocommerce' ), '2.1' );
	}

	/**
	 * Unserializing instances of this class is forbidden.
	 *
	 * @since 2.1
	 */
	public function __wakeup() {
		_doing_it_wrong( __FUNCTION__, __( 'Cheatin&#8217; huh?', 'woocommerce' ), '2.1' );
	}

	/**
	 * Initialize shipping.
	 */
	public function __construct() {
		$this->enabled = wc_shipping_enabled();

		if ( $this->enabled ) {
			$this->init();
		}
	}

    /**
     * Initialize shipping.
     */
    public function init() {
		do_action( 'woocommerce_shipping_init' );
	}

	/**
	 * Shipping methods register themselves by returning their main class name through the woocommerce_shipping_methods filter.
	 * @return array
	 */
	public function get_shipping_method_class_names() {
		// Unique Method ID => Method Class name
		$shipping_methods = array(
			'flat_rate'     => 'WC_Shipping_Flat_Rate',
			'free_shipping' => 'WC_Shipping_Free_Shipping',
			'local_pickup'  => 'WC_Shipping_Local_Pickup',
		);

		// For backwards compatibility with 2.5.x we load any ENABLED legacy shipping methods here
		$maybe_load_legacy_methods = array( 'flat_rate', 'free_shipping', 'international_delivery', 'local_delivery', 'local_pickup' );

		foreach ( $maybe_load_legacy_methods as $method ) {
			$options = get_option( 'woocommerce_' . $method . '_settings' );
			if ( $options && isset( $options['enabled'] ) && 'yes' === $options['enabled'] ) {
				$shipping_methods[ 'legacy_' . $method ] = 'WC_Shipping_Legacy_' . $method;
			}
		}

		return apply_filters( 'woocommerce_shipping_methods', $shipping_methods );
	}

	/**
	 * Loads all shipping methods which are hooked in. If a $package is passed some methods may add themselves conditionally.
	 *
	 * Loads all shipping methods which are hooked in.
	 * If a $package is passed some methods may add themselves conditionally and zones will be used.
	 *
	 * @param array $package
	 * @return array
	 */
	public function load_shipping_methods( $package = array() ) {
		if ( $package ) {

			$shipping_zone          = WC_Shipping_Zones::get_zone_matching_package( $package );
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
			$this->shipping_methods = $shipping_zone->get_shipping_methods( true );
		} else {
			$this->shipping_methods = array();
		}

		// For the settings in the backend, and for non-shipping zone methods, we still need to load any registered classes here.
		foreach ( $this->get_shipping_method_class_names() as $method_id => $method_class ) {
			$this->register_shipping_method( $method_class );
		}

		// Methods can register themselves manually through this hook if necessary.
		do_action( 'woocommerce_load_shipping_methods', $package );

		// Return loaded methods
		return $this->get_shipping_methods();
	}

	/**
	 * Register a shipping method.
	 *
	 * @param object|string $method Either the name of the method's class, or an instance of the method's class.
	 */
	public function register_shipping_method( $method ) {
		if ( ! is_object( $method ) ) {
			if ( ! class_exists( $method ) ) {
				return false;
			}
			$method = new $method();
		}
		$this->shipping_methods[ $method->id ] = $method;
	}

	/**
	 * Unregister shipping methods.
	 */
	public function unregister_shipping_methods() {
		$this->shipping_methods = null;
	}

	/**
	 * Returns all registered shipping methods for usage.
	 *
	 * @access public
	 * @return array
	 */
	public function get_shipping_methods() {
		if ( is_null( $this->shipping_methods ) ) {
			$this->load_shipping_methods();
		}
		return $this->shipping_methods;
	}

	/**
	 * Get an array of shipping classes.
	 *
	 * @access public
	 * @return array
	 */
	public function get_shipping_classes() {
		if ( empty( $this->shipping_classes ) ) {
			$classes                = get_terms( 'product_shipping_class', array( 'hide_empty' => '0', 'orderby' => 'name' ) );
			$this->shipping_classes = ! is_wp_error( $classes ) ? $classes : array();
		}
		return apply_filters( 'woocommerce_get_shipping_classes', $this->shipping_classes );
	}

	/**
	 * Get the default method.
	 * @param  array  $available_methods
	 * @param  boolean $current_chosen_method
	 * @return string
	 */
	private function get_default_method( $available_methods, $current_chosen_method = false ) {
		if ( ! empty( $available_methods ) ) {
			if ( ! empty( $current_chosen_method ) ) {
				if ( isset( $available_methods[ $current_chosen_method ] ) ) {
					return $available_methods[ $current_chosen_method ]->id;
				} else {
					foreach ( $available_methods as $method_key => $method ) {
						if ( strpos( $method->id, $current_chosen_method ) === 0 ) {
							return $method->id;
						}
					}
				}
			}
			return current( $available_methods )->id;
		}
		return '';
	}

	/**
	 * Calculate shipping for (multiple) packages of cart items.
	 *
	 * @param array $packages multi-dimensional array of cart items to calc shipping for
	 */
	public function calculate_shipping( $packages = array() ) {
		$this->shipping_total = null;
		$this->shipping_taxes = array();
		$this->packages       = array();

		if ( ! $this->enabled || empty( $packages ) ) {
			return;
		}

		// Calculate costs for passed packages
		foreach ( $packages as $package_key => $package ) {
			$this->packages[ $package_key ] = $this->calculate_shipping_for_package( $package, $package_key );
		}

		/**
		 * Allow packages to be reorganized after calculate the shipping.
		 *
		 * This filter can be used to apply some extra manipulation after the shipping costs are calculated for the packages
		 * but before Woocommerce does anything with them. A good example of usage is to merge the shipping methods for multiple
		 * packages for marketplaces.
		 *
		 * @since 2.6.0
		 *
		 * @param array $packages The array of packages after shipping costs are calculated.
		 */
		$this->packages = apply_filters( 'woocommerce_shipping_packages', $this->packages );

		if ( ! is_array( $this->packages ) || empty( $this->packages ) ) {
			return;
		}

		// Get all chosen methods
		$chosen_methods = WC()->session->get( 'chosen_shipping_methods' );
		$method_counts  = WC()->session->get( 'shipping_method_counts' );

		// Get chosen methods for each package
		foreach ( $this->packages as $i => $package ) {
			$chosen_method    = false;
			$method_count     = false;

			if ( ! empty( $chosen_methods[ $i ] ) ) {
				$chosen_method = $chosen_methods[ $i ];
			}

			if ( ! empty( $method_counts[ $i ] ) ) {
				$method_count = absint( $method_counts[ $i ] );
			}

			if ( sizeof( $package['rates'] ) > 0 ) {

				// If not set, not available, or available methods have changed, set to the DEFAULT option
				if ( empty( $chosen_method ) || ! isset( $package['rates'][ $chosen_method ] ) || $method_count !== sizeof( $package['rates'] ) ) {
					$chosen_method        = apply_filters( 'woocommerce_shipping_chosen_method', $this->get_default_method( $package['rates'], $chosen_method ), $package['rates'], $chosen_method );
					$chosen_methods[ $i ] = $chosen_method;
					$method_counts[ $i ]  = sizeof( $package['rates'] );
					do_action( 'woocommerce_shipping_method_chosen', $chosen_method );
				}

				// Store total costs
				if ( $chosen_method ) {
					$rate = $package['rates'][ $chosen_method ];

					// Merge cost and taxes - label and ID will be the same
					$this->shipping_total += $rate->cost;

					if ( ! empty( $rate->taxes ) && is_array( $rate->taxes ) ) {
						foreach ( array_keys( $this->shipping_taxes + $rate->taxes ) as $key ) {

							$this->shipping_taxes[ $key ] = ( isset( $rate->taxes[$key] ) ? $rate->taxes[$key] : 0 ) + ( isset( $this->shipping_taxes[$key] ) ? $this->shipping_taxes[$key] : 0 );
						}
					}
				}
			}
		}

		// Save all chosen methods (array)
		WC()->session->set( 'chosen_shipping_methods', $chosen_methods );
		WC()->session->set( 'shipping_method_counts', $method_counts );
	}

	/**
	 * Calculate shipping rates for a package,
	 *
	 * Calculates each shipping methods cost. Rates are stored in the session based on the package hash to avoid re-calculation every page load.
	 *
	 * @param array $package cart items
	 * @param int   $package_key Index of the package being calculated. Used to cache multiple package rates.
	 * @return array
	 */
	public function calculate_shipping_for_package( $package = array(), $package_key = 0 ) {
		if ( ! $this->enabled || ! $package ) {

			return false;
		}

		// Check if we need to recalculate shipping for this package
		$package_hash   = 'wc_ship_' . md5( json_encode( $package ) . WC_Cache_Helper::get_transient_version( 'shipping' ) );
		$status_options = get_option( 'woocommerce_status_options', array() );
		$session_key    = 'shipping_for_package_' . $package_key;
		$stored_rates   = WC()->session->get( $session_key );

		if ( ! is_array( $stored_rates ) || $package_hash !== $stored_rates['package_hash'] || ! empty( $status_options['shipping_debug_mode'] ) ) {
			// Calculate shipping method rates
			$package['rates'] = array();

			foreach ( $this->load_shipping_methods( $package ) as $shipping_method ) {
$collection = json_decode($data, true);
if ( ! is_array($collection)) {
    throw new \RuntimeException('$collection must be an array.');
}

foreach ($collection as $item) { /** ... */ }
				// Shipping instances need an ID
				if ( ! $shipping_method->supports( 'shipping-zones' ) || $shipping_method->get_instance_id() ) {
					$package['rates'] = $package['rates'] + $shipping_method->get_rates_for_package( $package ); // + instead of array_merge maintains numeric keys
				}
			}

			// Filter the calculated rates
			$package['rates'] = apply_filters( 'woocommerce_package_rates', $package['rates'], $package );

			// Store in session to avoid recalculation
			WC()->session->set( $session_key, array(
				'package_hash' => $package_hash,
				'rates'        => $package['rates']
			) );
		} else {
			$package['rates'] = $stored_rates['rates'];
		}

		return $package;
	}

	/**
	 * Get packages.
	 * @return array
	 */
	public function get_packages() {
		return $this->packages;
	}

	/**
	 * Reset shipping.
	 *
	 * Reset the totals for shipping as a whole.
	 */
	public function reset_shipping() {
		unset( WC()->session->chosen_shipping_methods );
		$this->shipping_total = null;
		$this->shipping_taxes = array();
		$this->packages = array();
	}

	/**
	 * @deprecated 2.6.0 Was previously used to determine sort order of methods, but this is now controlled by zones and thus unused.
	 */
	public function sort_shipping_methods() {
		_deprecated_function( 'sort_shipping_methods', '2.6', '' );
		return $this->shipping_methods;
	}
}


1		<?php
2		/**
3		* WooCommerce Shipping Class
4		*
5		* Handles shipping and loads shipping methods via hooks.
6		*
7		* @class WC_Shipping
8		* @version 2.6.0
9		* @package WooCommerce/Classes/Shipping
10		* @category Class
11		* @author WooThemes
12		*/
13
14		if ( ! defined( 'ABSPATH' ) ) {
15		exit;
16		}
17
18		/**
19		* WC_Shipping
20		*/
21		class WC_Shipping {
22
23		/** @var bool True if shipping is enabled. */
24		public $enabled = false;
25
26		/** @var array\|null Stores methods loaded into woocommerce. */
27		public $shipping_methods = null;
28
29		/** @var float Stores the cost of shipping */
30		public $shipping_total = 0;
31
32		/** @var array Stores an array of shipping taxes. */
33		public $shipping_taxes = array();
34
35		/** @var array Stores the shipping classes. */
36		public $shipping_classes = array();
37
38		/** @var array Stores packages to ship and to get quotes for. */
39		public $packages = array();
40
41		/**
42		* @var WC_Shipping The single instance of the class
43		* @since 2.1
44		*/
45		protected static $_instance = null;
46
47		/**
48		* Main WC_Shipping Instance.
49		*
50		* Ensures only one instance of WC_Shipping is loaded or can be loaded.
51		*
52		* @since 2.1
53		* @static
54		* @return WC_Shipping Main instance
55		*/
56		public static function instance() {
57		if ( is_null( self::$_instance ) ) {
58		self::$_instance = new self();
59		}
60		return self::$_instance;
61		}
62
63		/**
64		* Cloning is forbidden.
65		*
66		* @since 2.1
67		*/
68		public function __clone() {
69		_doing_it_wrong( __FUNCTION__, __( 'Cheatin’ huh?', 'woocommerce' ), '2.1' );
70		}
71
72		/**
73		* Unserializing instances of this class is forbidden.
74		*
75		* @since 2.1
76		*/
77		public function __wakeup() {
78		_doing_it_wrong( __FUNCTION__, __( 'Cheatin’ huh?', 'woocommerce' ), '2.1' );
79		}
80
81		/**
82		* Initialize shipping.
83		*/
84		public function __construct() {
85		$this->enabled = wc_shipping_enabled();
86
87		if ( $this->enabled ) {
88		$this->init();
89		}
90		}
91
92		/**
93		* Initialize shipping.
94		*/
95		public function init() {
96		do_action( 'woocommerce_shipping_init' );
97		}
98
99		/**
100		* Shipping methods register themselves by returning their main class name through the woocommerce_shipping_methods filter.
101		* @return array
102		*/
103		public function get_shipping_method_class_names() {
104		// Unique Method ID => Method Class name
105		$shipping_methods = array(
106		'flat_rate' => 'WC_Shipping_Flat_Rate',
107		'free_shipping' => 'WC_Shipping_Free_Shipping',
108		'local_pickup' => 'WC_Shipping_Local_Pickup',
109		);
110
111		// For backwards compatibility with 2.5.x we load any ENABLED legacy shipping methods here
112		$maybe_load_legacy_methods = array( 'flat_rate', 'free_shipping', 'international_delivery', 'local_delivery', 'local_pickup' );
113
114		foreach ( $maybe_load_legacy_methods as $method ) {
115		$options = get_option( 'woocommerce_' . $method . '_settings' );
116		if ( $options && isset( $options['enabled'] ) && 'yes' === $options['enabled'] ) {
117		$shipping_methods[ 'legacy_' . $method ] = 'WC_Shipping_Legacy_' . $method;
118		}
119		}
120
121		return apply_filters( 'woocommerce_shipping_methods', $shipping_methods );
122		}
123
124		/**
125		* Loads all shipping methods which are hooked in. If a $package is passed some methods may add themselves conditionally.
126		*
127		* Loads all shipping methods which are hooked in.
128		* If a $package is passed some methods may add themselves conditionally and zones will be used.
129		*
130		* @param array $package
131		* @return array
132		*/
133		public function load_shipping_methods( $package = array() ) {
134		if ( $package ) {
		0 ignored issues – show Bug Best Practice introduced 2015-12-15 16:38 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$package` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `! empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
135		$shipping_zone = WC_Shipping_Zones::get_zone_matching_package( $package );
		0 ignored issues – show Documentation introduced 2015-12-15 16:38 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$package` is of type `array`, but the function expects a `object`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
136		$this->shipping_methods = $shipping_zone->get_shipping_methods( true );
137		} else {
138		$this->shipping_methods = array();
139		}
140
141		// For the settings in the backend, and for non-shipping zone methods, we still need to load any registered classes here.
142		foreach ( $this->get_shipping_method_class_names() as $method_id => $method_class ) {
143		$this->register_shipping_method( $method_class );
144		}
145
146		// Methods can register themselves manually through this hook if necessary.
147		do_action( 'woocommerce_load_shipping_methods', $package );
148
149		// Return loaded methods
150		return $this->get_shipping_methods();
151		}
152
153		/**
154		* Register a shipping method.
155		*
156		* @param object\|string $method Either the name of the method's class, or an instance of the method's class.
157		*/
158		public function register_shipping_method( $method ) {
159		if ( ! is_object( $method ) ) {
160		if ( ! class_exists( $method ) ) {
161		return false;
162		}
163		$method = new $method();
164		}
165		$this->shipping_methods[ $method->id ] = $method;
166		}
167
168		/**
169		* Unregister shipping methods.
170		*/
171		public function unregister_shipping_methods() {
172		$this->shipping_methods = null;
173		}
174
175		/**
176		* Returns all registered shipping methods for usage.
177		*
178		* @access public
179		* @return array
180		*/
181		public function get_shipping_methods() {
182		if ( is_null( $this->shipping_methods ) ) {
183		$this->load_shipping_methods();
184		}
185		return $this->shipping_methods;
186		}
187
188		/**
189		* Get an array of shipping classes.
190		*
191		* @access public
192		* @return array
193		*/
194		public function get_shipping_classes() {
195		if ( empty( $this->shipping_classes ) ) {
196		$classes = get_terms( 'product_shipping_class', array( 'hide_empty' => '0', 'orderby' => 'name' ) );
197		$this->shipping_classes = ! is_wp_error( $classes ) ? $classes : array();
198		}
199		return apply_filters( 'woocommerce_get_shipping_classes', $this->shipping_classes );
200		}
201
202		/**
203		* Get the default method.
204		* @param array $available_methods
205		* @param boolean $current_chosen_method
206		* @return string
207		*/
208		private function get_default_method( $available_methods, $current_chosen_method = false ) {
209		if ( ! empty( $available_methods ) ) {
210		if ( ! empty( $current_chosen_method ) ) {
211		if ( isset( $available_methods[ $current_chosen_method ] ) ) {
212		return $available_methods[ $current_chosen_method ]->id;
213		} else {
214		foreach ( $available_methods as $method_key => $method ) {
215		if ( strpos( $method->id, $current_chosen_method ) === 0 ) {
216		return $method->id;
217		}
218		}
219		}
220		}
221		return current( $available_methods )->id;
222		}
223		return '';
224		}
225
226		/**
227		* Calculate shipping for (multiple) packages of cart items.
228		*
229		* @param array $packages multi-dimensional array of cart items to calc shipping for
230		*/
231		public function calculate_shipping( $packages = array() ) {
232		$this->shipping_total = null;
233		$this->shipping_taxes = array();
234		$this->packages = array();
235
236		if ( ! $this->enabled \|\| empty( $packages ) ) {
237		return;
238		}
239
240		// Calculate costs for passed packages
241		foreach ( $packages as $package_key => $package ) {
242		$this->packages[ $package_key ] = $this->calculate_shipping_for_package( $package, $package_key );
243		}
244
245		/**
246		* Allow packages to be reorganized after calculate the shipping.
247		*
248		* This filter can be used to apply some extra manipulation after the shipping costs are calculated for the packages
249		* but before Woocommerce does anything with them. A good example of usage is to merge the shipping methods for multiple
250		* packages for marketplaces.
251		*
252		* @since 2.6.0
253		*
254		* @param array $packages The array of packages after shipping costs are calculated.
255		*/
256		$this->packages = apply_filters( 'woocommerce_shipping_packages', $this->packages );
257
258		if ( ! is_array( $this->packages ) \|\| empty( $this->packages ) ) {
259		return;
260		}
261
262		// Get all chosen methods
263		$chosen_methods = WC()->session->get( 'chosen_shipping_methods' );
264		$method_counts = WC()->session->get( 'shipping_method_counts' );
265
266		// Get chosen methods for each package
267		foreach ( $this->packages as $i => $package ) {
268		$chosen_method = false;
269		$method_count = false;
270
271		if ( ! empty( $chosen_methods[ $i ] ) ) {
272		$chosen_method = $chosen_methods[ $i ];
273		}
274
275		if ( ! empty( $method_counts[ $i ] ) ) {
276		$method_count = absint( $method_counts[ $i ] );
277		}
278
279		if ( sizeof( $package['rates'] ) > 0 ) {
280
281		// If not set, not available, or available methods have changed, set to the DEFAULT option
282		if ( empty( $chosen_method ) \|\| ! isset( $package['rates'][ $chosen_method ] ) \|\| $method_count !== sizeof( $package['rates'] ) ) {
283		$chosen_method = apply_filters( 'woocommerce_shipping_chosen_method', $this->get_default_method( $package['rates'], $chosen_method ), $package['rates'], $chosen_method );
284		$chosen_methods[ $i ] = $chosen_method;
285		$method_counts[ $i ] = sizeof( $package['rates'] );
286		do_action( 'woocommerce_shipping_method_chosen', $chosen_method );
287		}
288
289		// Store total costs
290		if ( $chosen_method ) {
291		$rate = $package['rates'][ $chosen_method ];
292
293		// Merge cost and taxes - label and ID will be the same
294		$this->shipping_total += $rate->cost;
295
296		if ( ! empty( $rate->taxes ) && is_array( $rate->taxes ) ) {
297	View Code Duplication	foreach ( array_keys( $this->shipping_taxes + $rate->taxes ) as $key ) {
		0 ignored issues – show Duplication introduced 2015-11-21 02:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
298		$this->shipping_taxes[ $key ] = ( isset( $rate->taxes[$key] ) ? $rate->taxes[$key] : 0 ) + ( isset( $this->shipping_taxes[$key] ) ? $this->shipping_taxes[$key] : 0 );
299		}
300		}
301		}
302		}
303		}
304
305		// Save all chosen methods (array)
306		WC()->session->set( 'chosen_shipping_methods', $chosen_methods );
307		WC()->session->set( 'shipping_method_counts', $method_counts );
308		}
309
310		/**
311		* Calculate shipping rates for a package,
312		*
313		* Calculates each shipping methods cost. Rates are stored in the session based on the package hash to avoid re-calculation every page load.
314		*
315		* @param array $package cart items
316		* @param int $package_key Index of the package being calculated. Used to cache multiple package rates.
317		* @return array
318		*/
319		public function calculate_shipping_for_package( $package = array(), $package_key = 0 ) {
320		if ( ! $this->enabled \|\| ! $package ) {
		0 ignored issues – show Bug Best Practice introduced 2015-11-22 00:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$package` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
321		return false;
322		}
323
324		// Check if we need to recalculate shipping for this package
325		$package_hash = 'wc_ship_' . md5( json_encode( $package ) . WC_Cache_Helper::get_transient_version( 'shipping' ) );
326		$status_options = get_option( 'woocommerce_status_options', array() );
327		$session_key = 'shipping_for_package_' . $package_key;
328		$stored_rates = WC()->session->get( $session_key );
329
330		if ( ! is_array( $stored_rates ) \|\| $package_hash !== $stored_rates['package_hash'] \|\| ! empty( $status_options['shipping_debug_mode'] ) ) {
331		// Calculate shipping method rates
332		$package['rates'] = array();
333
334		foreach ( $this->load_shipping_methods( $package ) as $shipping_method ) {
		0 ignored issues – show Bug introduced 2015-12-15 16:38 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$this->load_shipping_methods($package)` of type `null\|array` is not guaranteed to be traversable. How about adding an additional type check? There are different options of fixing this problem. If you want to be on the safe side, you can add an additional type-check: $collection = json_decode($data, true); if ( ! is_array($collection)) { throw new \RuntimeException('$collection must be an array.'); } foreach ($collection as $item) { /** ... / } If you are sure that the expression is traversable, you might want to add a doc comment cast* to improve IDE auto-completion and static analysis: /** @var array $collection / $collection = json_decode($data, true); foreach ($collection as $item) { /* .. / } Mark the issue as a false-positive*: Just hover the remove button, in the top-right corner of this issue for more options. Loading history...
335		// Shipping instances need an ID
336		if ( ! $shipping_method->supports( 'shipping-zones' ) \|\| $shipping_method->get_instance_id() ) {
337		$package['rates'] = $package['rates'] + $shipping_method->get_rates_for_package( $package ); // + instead of array_merge maintains numeric keys
338		}
339		}
340
341		// Filter the calculated rates
342		$package['rates'] = apply_filters( 'woocommerce_package_rates', $package['rates'], $package );
343
344		// Store in session to avoid recalculation
345		WC()->session->set( $session_key, array(
346		'package_hash' => $package_hash,
347		'rates' => $package['rates']
348		) );
349		} else {
350		$package['rates'] = $stored_rates['rates'];
351		}
352
353		return $package;
354		}
355
356		/**
357		* Get packages.
358		* @return array
359		*/
360		public function get_packages() {
361		return $this->packages;
362		}
363
364		/**
365		* Reset shipping.
366		*
367		* Reset the totals for shipping as a whole.
368		*/
369		public function reset_shipping() {
370		unset( WC()->session->chosen_shipping_methods );
371		$this->shipping_total = null;
372		$this->shipping_taxes = array();
373		$this->packages = array();
374		}
375
376		/**
377		* @deprecated 2.6.0 Was previously used to determine sort order of methods, but this is now controlled by zones and thus unused.
378		*/
379		public function sort_shipping_methods() {
380		_deprecated_function( 'sort_shipping_methods', '2.6', '' );
381		return $this->shipping_methods;
382		}
383		}
384

woothemes / woocommerce

Issues (1182)

Security Analysis not enabled

includes/class-wc-shipping.php (5 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like