Issues in class-wc-gateway-paypal.php (master) - Issues in master - woothemes/woocommerce - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1182)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

gateways/paypal/class-wc-gateway-paypal.php (4 issues)

Labels

Severity

Minor 4

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * PayPal Standard Payment Gateway.
 *
 * Provides a PayPal Standard Payment Gateway.
 *
 * @class 		WC_Gateway_Paypal
 * @extends		WC_Payment_Gateway
 * @version		2.3.0
 * @package		WooCommerce/Classes/Payment
 * @author 		WooThemes
 */

if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

/**
 * WC_Gateway_Paypal Class.
 */
class WC_Gateway_Paypal extends WC_Payment_Gateway {

	/** @var bool Whether or not logging is enabled */
	public static $log_enabled = false;

	/** @var WC_Logger Logger instance */
	public static $log = false;

	/**
	 * Constructor for the gateway.
	 */
	public function __construct() {
		$this->id                 = 'paypal';
		$this->has_fields         = false;
		$this->order_button_text  = __( 'Proceed to PayPal', 'woocommerce' );
		$this->method_title       = __( 'PayPal', 'woocommerce' );
		$this->method_description = sprintf( __( 'PayPal standard sends customers to PayPal to enter their payment information. PayPal IPN requires fsockopen/cURL support to update order statuses after payment. Check the %ssystem status%s page for more details.', 'woocommerce' ), '<a href="' . admin_url( 'admin.php?page=wc-status' ) . '">', '</a>' );
		$this->supports           = array(
			'products',
			'refunds'
		);

		// Load the settings.
		$this->init_form_fields();
		$this->init_settings();

		// Define user set variables.
		$this->title          = $this->get_option( 'title' );
		$this->description    = $this->get_option( 'description' );
		$this->testmode       = 'yes' === $this->get_option( 'testmode', 'no' );
		$this->debug          = 'yes' === $this->get_option( 'debug', 'no' );
		$this->email          = $this->get_option( 'email' );
		$this->receiver_email = $this->get_option( 'receiver_email', $this->email );
		$this->identity_token = $this->get_option( 'identity_token' );

		self::$log_enabled    = $this->debug;

		add_action( 'woocommerce_update_options_payment_gateways_' . $this->id, array( $this, 'process_admin_options' ) );

		if ( ! $this->is_valid_for_use() ) {
			$this->enabled = 'no';
		} else {
			include_once( 'includes/class-wc-gateway-paypal-ipn-handler.php' );
			new WC_Gateway_Paypal_IPN_Handler( $this->testmode, $this->receiver_email );

			if ( $this->identity_token ) {
				include_once( 'includes/class-wc-gateway-paypal-pdt-handler.php' );
				new WC_Gateway_Paypal_PDT_Handler( $this->testmode, $this->identity_token );
			}
		}
	}

	/**
	 * Logging method.
	 * @param string $message
	 */
	public static function log( $message ) {
		if ( self::$log_enabled ) {
			if ( empty( self::$log ) ) {
				self::$log = new WC_Logger();
			}
			self::$log->add( 'paypal', $message );
		}
	}

	/**
	 * Get gateway icon.
	 * @return string
	 */
	public function get_icon() {
		$icon_html = '';
		$icon      = (array) $this->get_icon_image( WC()->countries->get_base_country() );

		foreach ( $icon as $i ) {
			$icon_html .= '<img src="' . esc_attr( $i ) . '" alt="' . esc_attr__( 'PayPal Acceptance Mark', 'woocommerce' ) . '" />';
		}

		$icon_html .= sprintf( '<a href="%1$s" class="about_paypal" onclick="javascript:window.open(\'%1$s\',\'WIPaypal\',\'toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=yes, resizable=yes, width=1060, height=700\'); return false;" title="' . esc_attr__( 'What is PayPal?', 'woocommerce' ) . '">' . esc_attr__( 'What is PayPal?', 'woocommerce' ) . '</a>', esc_url( $this->get_icon_url( WC()->countries->get_base_country() ) ) );

		return apply_filters( 'woocommerce_gateway_icon', $icon_html, $this->id );
	}

	/**
	 * Get the link for an icon based on country.
	 * @param  string $country
	 * @return string
	 */
	protected function get_icon_url( $country ) {
		$url           = 'https://www.paypal.com/' . strtolower( $country );
		$home_counties = array( 'BE', 'CZ', 'DK', 'HU', 'IT', 'JP', 'NL', 'NO', 'ES', 'SE', 'TR');
		$countries     = array( 'DZ', 'AU', 'BH', 'BQ', 'BW', 'CA', 'CN', 'CW', 'FI', 'FR', 'DE', 'GR', 'HK', 'IN', 'ID', 'JO', 'KE', 'KW', 'LU', 'MY', 'MA', 'OM', 'PH', 'PL', 'PT', 'QA', 'IE', 'RU', 'BL', 'SX', 'MF', 'SA', 'SG', 'SK', 'KR', 'SS', 'TW', 'TH', 'AE', 'GB', 'US', 'VN' );

		if ( in_array( $country, $home_counties ) ) {
			return  $url . '/webapps/mpp/home';
		} else if ( in_array( $country, $countries ) ) {
			return $url . '/webapps/mpp/paypal-popup';
		} else {
			return $url . '/cgi-bin/webscr?cmd=xpt/Marketing/general/WIPaypal-outside';
		}
	}

	/**
	 * Get PayPal images for a country.
	 * @param  string $country
	 * @return array of image URLs
	 */
	protected function get_icon_image( $country ) {
		switch ( $country ) {
			case 'US' :
			case 'NZ' :
			case 'CZ' :
			case 'HU' :
			case 'MY' :
				$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo/AM_mc_vs_dc_ae.jpg';
			break;
			case 'TR' :
				$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/logo_paypal_odeme_secenekleri.jpg';
			break;
			case 'GB' :
				$icon = 'https://www.paypalobjects.com/webstatic/mktg/Logo/AM_mc_vs_ms_ae_UK.png';
			break;
			case 'MX' :
				$icon = array(
					'https://www.paypal.com/es_XC/Marketing/i/banner/paypal_visa_mastercard_amex.png',
					'https://www.paypal.com/es_XC/Marketing/i/banner/paypal_debit_card_275x60.gif'
				);
			break;
			case 'FR' :
				$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/logo_paypal_moyens_paiement_fr.jpg';
			break;
			case 'AU' :
				$icon = 'https://www.paypalobjects.com/webstatic/en_AU/mktg/logo/Solutions-graphics-1-184x80.jpg';
			break;
			case 'DK' :
				$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/logo_PayPal_betalingsmuligheder_dk.jpg';
			break;
			case 'RU' :
				$icon = 'https://www.paypalobjects.com/webstatic/ru_RU/mktg/business/pages/logo-center/AM_mc_vs_dc_ae.jpg';
			break;
			case 'NO' :
				$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/banner_pl_just_pp_319x110.jpg';
			break;
			case 'CA' :
				$icon = 'https://www.paypalobjects.com/webstatic/en_CA/mktg/logo-image/AM_mc_vs_dc_ae.jpg';
			break;
			case 'HK' :
				$icon = 'https://www.paypalobjects.com/webstatic/en_HK/mktg/logo/AM_mc_vs_dc_ae.jpg';
			break;
			case 'SG' :
				$icon = 'https://www.paypalobjects.com/webstatic/en_SG/mktg/Logos/AM_mc_vs_dc_ae.jpg';
			break;
			case 'TW' :
				$icon = 'https://www.paypalobjects.com/webstatic/en_TW/mktg/logos/AM_mc_vs_dc_ae.jpg';
			break;
			case 'TH' :
				$icon = 'https://www.paypalobjects.com/webstatic/en_TH/mktg/Logos/AM_mc_vs_dc_ae.jpg';
			break;
			case 'JP' :
				$icon = 'https://www.paypal.com/ja_JP/JP/i/bnr/horizontal_solution_4_jcb.gif';
				break;
			default :
				$icon = WC_HTTPS::force_https_url( WC()->plugin_url() . '/includes/gateways/paypal/assets/images/paypal.png' );
			break;
		}
		return apply_filters( 'woocommerce_paypal_icon', $icon );
	}

	/**
	 * Check if this gateway is enabled and available in the user's country.
	 * @return bool
	 */
	public function is_valid_for_use() {
		return in_array( get_woocommerce_currency(), apply_filters( 'woocommerce_paypal_supported_currencies', array( 'AUD', 'BRL', 'CAD', 'MXN', 'NZD', 'HKD', 'SGD', 'USD', 'EUR', 'JPY', 'TRY', 'NOK', 'CZK', 'DKK', 'HUF', 'ILS', 'MYR', 'PHP', 'PLN', 'SEK', 'CHF', 'TWD', 'THB', 'GBP', 'RMB', 'RUB' ) ) );
	}

	/**
	 * Admin Panel Options.
	 * - Options for bits like 'title' and availability on a country-by-country basis.
	 *
	 * @since 1.0.0
	 */
	public function admin_options() {
		if ( $this->is_valid_for_use() ) {
			parent::admin_options();
		} else {
			?>
			<div class="inline error"><p><strong><?php _e( 'Gateway Disabled', 'woocommerce' ); ?></strong>: <?php _e( 'PayPal does not support your store currency.', 'woocommerce' ); ?></p></div>
			<?php
		}
	}

	/**
	 * Initialise Gateway Settings Form Fields.
	 */
	public function init_form_fields() {
		$this->form_fields = include( 'includes/settings-paypal.php' );
	}

	/**
	 * Get the transaction URL.
	 * @param  WC_Order $order
	 * @return string
	 */
	public function get_transaction_url( $order ) {
		if ( $this->testmode ) {
			$this->view_transaction_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_view-a-trans&id=%s';
		} else {
			$this->view_transaction_url = 'https://www.paypal.com/cgi-bin/webscr?cmd=_view-a-trans&id=%s';
		}
		return parent::get_transaction_url( $order );
	}

	/**
	 * Process the payment and return the result.
	 * @param  int $order_id
	 * @return array
	 */
	public function process_payment( $order_id ) {
		include_once( 'includes/class-wc-gateway-paypal-request.php' );

		$order          = wc_get_order( $order_id );
		$paypal_request = new WC_Gateway_Paypal_Request( $this );

		return array(
			'result'   => 'success',
			'redirect' => $paypal_request->get_request_url( $order, $this->testmode )
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
		);
	}

	/**
	 * Can the order be refunded via PayPal?
	 * @param  WC_Order $order
	 * @return bool
	 */
	public function can_refund_order( $order ) {
		return $order && $order->get_transaction_id();
	}

	/**
	 * Process a refund if supported.
	 * @param  int    $order_id
	 * @param  float  $amount
	 * @param  string $reason
	 * @return bool True or false based on success, or a WP_Error object
	 */
	public function process_refund( $order_id, $amount = null, $reason = '' ) {
		$order = wc_get_order( $order_id );

		if ( ! $this->can_refund_order( $order ) ) {
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
			$this->log( 'Refund Failed: No transaction ID' );
			return new WP_Error( 'error', __( 'Refund Failed: No transaction ID', 'woocommerce' ) );
		}

		include_once( 'includes/class-wc-gateway-paypal-refund.php' );

		WC_Gateway_Paypal_Refund::$api_username  = $this->get_option( 'api_username' );
		WC_Gateway_Paypal_Refund::$api_password  = $this->get_option( 'api_password' );
		WC_Gateway_Paypal_Refund::$api_signature = $this->get_option( 'api_signature' );

		$result = WC_Gateway_Paypal_Refund::refund_order( $order, $amount, $reason, $this->testmode );
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);

		if ( is_wp_error( $result ) ) {
			$this->log( 'Refund Failed: ' . $result->get_error_message() );
			return new WP_Error( 'error', $result->get_error_message() );
		}

		$this->log( 'Refund Result: ' . print_r( $result, true ) );

		switch ( strtolower( $result['ACK'] ) ) {
			case 'success':
			case 'successwithwarning':
				$order->add_order_note( sprintf( __( 'Refunded %s - Refund ID: %s', 'woocommerce' ), $result['GROSSREFUNDAMT'], $result['REFUNDTRANSACTIONID'] ) );
				return true;
			break;
switch ($x) {
    case 1:
        return 'foo';
        break; // This break is not necessary and can be left off.
}
		}

		return isset( $result['L_LONGMESSAGE0'] ) ? new WP_Error( 'error', $result['L_LONGMESSAGE0'] ) : false;
	}
}


1			<?php
2			/**
3			* PayPal Standard Payment Gateway.
4			*
5			* Provides a PayPal Standard Payment Gateway.
6			*
7			* @class WC_Gateway_Paypal
8			* @extends WC_Payment_Gateway
9			* @version 2.3.0
10			* @package WooCommerce/Classes/Payment
11			* @author WooThemes
12			*/
13
14			if ( ! defined( 'ABSPATH' ) ) {
15			exit;
16			}
17
18			/**
19			* WC_Gateway_Paypal Class.
20			*/
21			class WC_Gateway_Paypal extends WC_Payment_Gateway {
22
23			/** @var bool Whether or not logging is enabled */
24			public static $log_enabled = false;
25
26			/** @var WC_Logger Logger instance */
27			public static $log = false;
28
29			/**
30			* Constructor for the gateway.
31			*/
32			public function __construct() {
33			$this->id = 'paypal';
34			$this->has_fields = false;
35			$this->order_button_text = __( 'Proceed to PayPal', 'woocommerce' );
36			$this->method_title = __( 'PayPal', 'woocommerce' );
37			$this->method_description = sprintf( __( 'PayPal standard sends customers to PayPal to enter their payment information. PayPal IPN requires fsockopen/cURL support to update order statuses after payment. Check the %ssystem status%s page for more details.', 'woocommerce' ), '<a href="' . admin_url( 'admin.php?page=wc-status' ) . '">', '</a>' );
38			$this->supports = array(
39			'products',
40			'refunds'
41			);
42
43			// Load the settings.
44			$this->init_form_fields();
45			$this->init_settings();
46
47			// Define user set variables.
48			$this->title = $this->get_option( 'title' );
49			$this->description = $this->get_option( 'description' );
50			$this->testmode = 'yes' === $this->get_option( 'testmode', 'no' );
51			$this->debug = 'yes' === $this->get_option( 'debug', 'no' );
52			$this->email = $this->get_option( 'email' );
53			$this->receiver_email = $this->get_option( 'receiver_email', $this->email );
54			$this->identity_token = $this->get_option( 'identity_token' );
55
56			self::$log_enabled = $this->debug;
57
58			add_action( 'woocommerce_update_options_payment_gateways_' . $this->id, array( $this, 'process_admin_options' ) );
59
60			if ( ! $this->is_valid_for_use() ) {
61			$this->enabled = 'no';
62			} else {
63			include_once( 'includes/class-wc-gateway-paypal-ipn-handler.php' );
64			new WC_Gateway_Paypal_IPN_Handler( $this->testmode, $this->receiver_email );
65
66			if ( $this->identity_token ) {
67			include_once( 'includes/class-wc-gateway-paypal-pdt-handler.php' );
68			new WC_Gateway_Paypal_PDT_Handler( $this->testmode, $this->identity_token );
69			}
70			}
71			}
72
73			/**
74			* Logging method.
75			* @param string $message
76			*/
77			public static function log( $message ) {
78			if ( self::$log_enabled ) {
79			if ( empty( self::$log ) ) {
80			self::$log = new WC_Logger();
81			}
82			self::$log->add( 'paypal', $message );
83			}
84			}
85
86			/**
87			* Get gateway icon.
88			* @return string
89			*/
90			public function get_icon() {
91			$icon_html = '';
92			$icon = (array) $this->get_icon_image( WC()->countries->get_base_country() );
93
94			foreach ( $icon as $i ) {
95			$icon_html .= '<img src="' . esc_attr( $i ) . '" alt="' . esc_attr__( 'PayPal Acceptance Mark', 'woocommerce' ) . '" />';
96			}
97
98			$icon_html .= sprintf( '<a href="%1$s" class="about_paypal" onclick="javascript:window.open(\'%1$s\',\'WIPaypal\',\'toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=yes, resizable=yes, width=1060, height=700\'); return false;" title="' . esc_attr__( 'What is PayPal?', 'woocommerce' ) . '">' . esc_attr__( 'What is PayPal?', 'woocommerce' ) . '</a>', esc_url( $this->get_icon_url( WC()->countries->get_base_country() ) ) );
99
100			return apply_filters( 'woocommerce_gateway_icon', $icon_html, $this->id );
101			}
102
103			/**
104			* Get the link for an icon based on country.
105			* @param string $country
106			* @return string
107			*/
108			protected function get_icon_url( $country ) {
109			$url = 'https://www.paypal.com/' . strtolower( $country );
110			$home_counties = array( 'BE', 'CZ', 'DK', 'HU', 'IT', 'JP', 'NL', 'NO', 'ES', 'SE', 'TR');
111			$countries = array( 'DZ', 'AU', 'BH', 'BQ', 'BW', 'CA', 'CN', 'CW', 'FI', 'FR', 'DE', 'GR', 'HK', 'IN', 'ID', 'JO', 'KE', 'KW', 'LU', 'MY', 'MA', 'OM', 'PH', 'PL', 'PT', 'QA', 'IE', 'RU', 'BL', 'SX', 'MF', 'SA', 'SG', 'SK', 'KR', 'SS', 'TW', 'TH', 'AE', 'GB', 'US', 'VN' );
112
113			if ( in_array( $country, $home_counties ) ) {
114			return $url . '/webapps/mpp/home';
115			} else if ( in_array( $country, $countries ) ) {
116			return $url . '/webapps/mpp/paypal-popup';
117			} else {
118			return $url . '/cgi-bin/webscr?cmd=xpt/Marketing/general/WIPaypal-outside';
119			}
120			}
121
122			/**
123			* Get PayPal images for a country.
124			* @param string $country
125			* @return array of image URLs
126			*/
127			protected function get_icon_image( $country ) {
128			switch ( $country ) {
129			case 'US' :
130			case 'NZ' :
131			case 'CZ' :
132			case 'HU' :
133			case 'MY' :
134			$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo/AM_mc_vs_dc_ae.jpg';
135			break;
136			case 'TR' :
137			$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/logo_paypal_odeme_secenekleri.jpg';
138			break;
139			case 'GB' :
140			$icon = 'https://www.paypalobjects.com/webstatic/mktg/Logo/AM_mc_vs_ms_ae_UK.png';
141			break;
142			case 'MX' :
143			$icon = array(
144			'https://www.paypal.com/es_XC/Marketing/i/banner/paypal_visa_mastercard_amex.png',
145			'https://www.paypal.com/es_XC/Marketing/i/banner/paypal_debit_card_275x60.gif'
146			);
147			break;
148			case 'FR' :
149			$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/logo_paypal_moyens_paiement_fr.jpg';
150			break;
151			case 'AU' :
152			$icon = 'https://www.paypalobjects.com/webstatic/en_AU/mktg/logo/Solutions-graphics-1-184x80.jpg';
153			break;
154			case 'DK' :
155			$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/logo_PayPal_betalingsmuligheder_dk.jpg';
156			break;
157			case 'RU' :
158			$icon = 'https://www.paypalobjects.com/webstatic/ru_RU/mktg/business/pages/logo-center/AM_mc_vs_dc_ae.jpg';
159			break;
160			case 'NO' :
161			$icon = 'https://www.paypalobjects.com/webstatic/mktg/logo-center/banner_pl_just_pp_319x110.jpg';
162			break;
163			case 'CA' :
164			$icon = 'https://www.paypalobjects.com/webstatic/en_CA/mktg/logo-image/AM_mc_vs_dc_ae.jpg';
165			break;
166			case 'HK' :
167			$icon = 'https://www.paypalobjects.com/webstatic/en_HK/mktg/logo/AM_mc_vs_dc_ae.jpg';
168			break;
169			case 'SG' :
170			$icon = 'https://www.paypalobjects.com/webstatic/en_SG/mktg/Logos/AM_mc_vs_dc_ae.jpg';
171			break;
172			case 'TW' :
173			$icon = 'https://www.paypalobjects.com/webstatic/en_TW/mktg/logos/AM_mc_vs_dc_ae.jpg';
174			break;
175			case 'TH' :
176			$icon = 'https://www.paypalobjects.com/webstatic/en_TH/mktg/Logos/AM_mc_vs_dc_ae.jpg';
177			break;
178			case 'JP' :
179			$icon = 'https://www.paypal.com/ja_JP/JP/i/bnr/horizontal_solution_4_jcb.gif';
180			break;
181			default :
182			$icon = WC_HTTPS::force_https_url( WC()->plugin_url() . '/includes/gateways/paypal/assets/images/paypal.png' );
183			break;
184			}
185			return apply_filters( 'woocommerce_paypal_icon', $icon );
186			}
187
188			/**
189			* Check if this gateway is enabled and available in the user's country.
190			* @return bool
191			*/
192			public function is_valid_for_use() {
193			return in_array( get_woocommerce_currency(), apply_filters( 'woocommerce_paypal_supported_currencies', array( 'AUD', 'BRL', 'CAD', 'MXN', 'NZD', 'HKD', 'SGD', 'USD', 'EUR', 'JPY', 'TRY', 'NOK', 'CZK', 'DKK', 'HUF', 'ILS', 'MYR', 'PHP', 'PLN', 'SEK', 'CHF', 'TWD', 'THB', 'GBP', 'RMB', 'RUB' ) ) );
194			}
195
196			/**
197			* Admin Panel Options.
198			* - Options for bits like 'title' and availability on a country-by-country basis.
199			*
200			* @since 1.0.0
201			*/
202			public function admin_options() {
203			if ( $this->is_valid_for_use() ) {
204			parent::admin_options();
205			} else {
206			?>
207			<div class="inline error"><p><strong><?php _e( 'Gateway Disabled', 'woocommerce' ); ?></strong>: <?php _e( 'PayPal does not support your store currency.', 'woocommerce' ); ?></p></div>
208			<?php
209			}
210			}
211
212			/**
213			* Initialise Gateway Settings Form Fields.
214			*/
215			public function init_form_fields() {
216			$this->form_fields = include( 'includes/settings-paypal.php' );
217			}
218
219			/**
220			* Get the transaction URL.
221			* @param WC_Order $order
222			* @return string
223			*/
224			public function get_transaction_url( $order ) {
225			if ( $this->testmode ) {
226			$this->view_transaction_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_view-a-trans&id=%s';
227			} else {
228			$this->view_transaction_url = 'https://www.paypal.com/cgi-bin/webscr?cmd=_view-a-trans&id=%s';
229			}
230			return parent::get_transaction_url( $order );
231			}
232
233			/**
234			* Process the payment and return the result.
235			* @param int $order_id
236			* @return array
237			*/
238			public function process_payment( $order_id ) {
239			include_once( 'includes/class-wc-gateway-paypal-request.php' );
240
241			$order = wc_get_order( $order_id );
242			$paypal_request = new WC_Gateway_Paypal_Request( $this );
243
244			return array(
245			'result' => 'success',
246			'redirect' => $paypal_request->get_request_url( $order, $this->testmode )
			0 ignored issues – show Documentation introduced 2016-06-06 18:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$order` is of type `false\|object`, but the function expects a `object<WC_Order>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
247			);
248			}
249
250			/**
251			* Can the order be refunded via PayPal?
252			* @param WC_Order $order
253			* @return bool
254			*/
255			public function can_refund_order( $order ) {
256			return $order && $order->get_transaction_id();
257			}
258
259			/**
260			* Process a refund if supported.
261			* @param int $order_id
262			* @param float $amount
263			* @param string $reason
264			* @return bool True or false based on success, or a WP_Error object
265			*/
266			public function process_refund( $order_id, $amount = null, $reason = '' ) {
267			$order = wc_get_order( $order_id );
268
269			if ( ! $this->can_refund_order( $order ) ) {
			0 ignored issues – show Documentation introduced 2016-06-06 18:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$order` is of type `false\|object`, but the function expects a `object<WC_Order>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
270			$this->log( 'Refund Failed: No transaction ID' );
271			return new WP_Error( 'error', __( 'Refund Failed: No transaction ID', 'woocommerce' ) );
272			}
273
274			include_once( 'includes/class-wc-gateway-paypal-refund.php' );
275
276			WC_Gateway_Paypal_Refund::$api_username = $this->get_option( 'api_username' );
277			WC_Gateway_Paypal_Refund::$api_password = $this->get_option( 'api_password' );
278			WC_Gateway_Paypal_Refund::$api_signature = $this->get_option( 'api_signature' );
279
280			$result = WC_Gateway_Paypal_Refund::refund_order( $order, $amount, $reason, $this->testmode );
			0 ignored issues – show Documentation introduced 2016-06-06 18:05 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$order` is of type `false\|object`, but the function expects a `object<WC_Order>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
281
282			if ( is_wp_error( $result ) ) {
283			$this->log( 'Refund Failed: ' . $result->get_error_message() );
284			return new WP_Error( 'error', $result->get_error_message() );
285			}
286
287			$this->log( 'Refund Result: ' . print_r( $result, true ) );
288
289			switch ( strtolower( $result['ACK'] ) ) {
290			case 'success':
291			case 'successwithwarning':
292			$order->add_order_note( sprintf( __( 'Refunded %s - Refund ID: %s', 'woocommerce' ), $result['GROSSREFUNDAMT'], $result['REFUNDTRANSACTIONID'] ) );
293			return true;
294			break;
			0 ignored issues – show Unused Code introduced 2015-11-21 02:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this `break` is not strictly necessary here and could be removed. The `break` statement is not necessary if it is preceded for example by a `return` statement: switch ($x) { case 1: return 'foo'; break; // This break is not necessary and can be left off. } If you would like to keep this construct to be consistent with other `case` statements, you can safely mark this issue as a false-positive. Loading history...
295			}
296
297			return isset( $result['L_LONGMESSAGE0'] ) ? new WP_Error( 'error', $result['L_LONGMESSAGE0'] ) : false;
298			}
299			}
300

woothemes / woocommerce

Issues (1182)

Security Analysis not enabled

gateways/paypal/class-wc-gateway-paypal.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like