Issues (1182)

Security Analysis: not enabled

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that they should not be able to access. These files can, for example, include database credentials or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web server. This can be used to expose sensitive data or to gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server, gaining access to user data or manipulating it.
  XPath Injection
XPath Injection enables an attacker to modify which parts of an XML document are read. If that XML document is, for example, used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem, including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

woocommerce.php (1 issue)

Upgrade to new PHP Analysis Engine

These results are based on the legacy PHP analysis; consider migrating to the new PHP analysis engine instead.

<?php
/**
 * Plugin Name: WooCommerce
 * Plugin URI: https://www.woothemes.com/woocommerce/
 * Description: An e-commerce toolkit that helps you sell anything. Beautifully.
 * Version: 2.6.0-beta-4
 * Author: WooThemes
 * Author URI: https://woothemes.com
 * Requires at least: 4.1
 * Tested up to: 4.5
 *
 * Text Domain: woocommerce
 * Domain Path: /i18n/languages/
 *
 * @package WooCommerce
 * @category Core
 * @author WooThemes
 */
if ( ! defined( 'ABSPATH' ) ) {
	exit; // Exit if accessed directly.
}

if ( ! class_exists( 'WooCommerce' ) ) :

/**
 * Main WooCommerce Class.
 *
 * @class WooCommerce
 * @version	2.6.0
 */
final class WooCommerce {

	/**
	 * WooCommerce version.
	 *
	 * @var string
	 */
	public $version = '2.6.0';

	/**
	 * The single instance of the class.
	 *
	 * @var WooCommerce
	 * @since 2.1
	 */
	protected static $_instance = null;

	/**
	 * Session instance.
	 *
	 * @var WC_Session
	 */
	public $session = null;

	/**
	 * Query instance.
	 *
	 * @var WC_Query
	 */
	public $query = null;

	/**
	 * Product factory instance.
	 *
	 * @var WC_Product_Factory
	 */
	public $product_factory = null;

	/**
	 * Countries instance.
	 *
	 * @var WC_Countries
	 */
	public $countries = null;

	/**
	 * Integrations instance.
	 *
	 * @var WC_Integrations
	 */
	public $integrations = null;

	/**
	 * Cart instance.
	 *
	 * @var WC_Cart
	 */
	public $cart = null;

	/**
	 * Customer instance.
	 *
	 * @var WC_Customer
	 */
	public $customer = null;

	/**
	 * Order factory instance.
	 *
	 * @var WC_Order_Factory
	 */
	public $order_factory = null;

	/**
	 * Main WooCommerce Instance.
	 *
	 * Ensures only one instance of WooCommerce is loaded or can be loaded.
	 *
	 * @since 2.1
	 * @static
	 * @see WC()
	 * @return WooCommerce - Main instance.
	 */
	public static function instance() {
		if ( is_null( self::$_instance ) ) {
			self::$_instance = new self();
		}
		return self::$_instance;
	}

	/**
	 * Cloning is forbidden.
	 * @since 2.1
	 */
	public function __clone() {
		_doing_it_wrong( __FUNCTION__, __( 'Cheatin&#8217; huh?', 'woocommerce' ), '2.1' );
	}

	/**
	 * Unserializing instances of this class is forbidden.
	 * @since 2.1
	 */
	public function __wakeup() {
		_doing_it_wrong( __FUNCTION__, __( 'Cheatin&#8217; huh?', 'woocommerce' ), '2.1' );
	}

	/**
	 * Auto-load in-accessible properties on demand.
	 * @param mixed $key
	 * @return mixed
	 */
	public function __get( $key ) {
		if ( in_array( $key, array( 'payment_gateways', 'shipping', 'mailer', 'checkout' ) ) ) {
			return $this->$key();
		}
	}

	/**
	 * WooCommerce Constructor.
	 */
	public function __construct() {
		$this->define_constants();
		$this->includes();
		$this->init_hooks();

		do_action( 'woocommerce_loaded' );
	}

	/**
	 * Hook into actions and filters.
	 * @since  2.3
	 */
	private function init_hooks() {
		register_activation_hook( __FILE__, array( 'WC_Install', 'install' ) );
		add_action( 'after_setup_theme', array( $this, 'setup_environment' ) );
		add_action( 'after_setup_theme', array( $this, 'include_template_functions' ), 11 );
		add_action( 'init', array( $this, 'init' ), 0 );
		add_action( 'init', array( 'WC_Shortcodes', 'init' ) );
		add_action( 'init', array( 'WC_Emails', 'init_transactional_emails' ) );
		add_action( 'init', array( $this, 'payment_token_metadata_wpdbfix' ), 0 );
	}

	/**
	 * Define WC Constants.
	 */
	private function define_constants() {
		$upload_dir = wp_upload_dir();

		$this->define( 'WC_PLUGIN_FILE', __FILE__ );
		$this->define( 'WC_PLUGIN_BASENAME', plugin_basename( __FILE__ ) );
		$this->define( 'WC_VERSION', $this->version );
		$this->define( 'WOOCOMMERCE_VERSION', $this->version );
		$this->define( 'WC_ROUNDING_PRECISION', 4 );
		$this->define( 'WC_DISCOUNT_ROUNDING_MODE', 2 );
		$this->define( 'WC_TAX_ROUNDING_MODE', 'yes' === get_option( 'woocommerce_prices_include_tax', 'no' ) ? 2 : 1 );
		$this->define( 'WC_DELIMITER', '|' );
		$this->define( 'WC_LOG_DIR', $upload_dir['basedir'] . '/wc-logs/' );
		$this->define( 'WC_SESSION_CACHE_GROUP', 'wc_session_id' );
	}

	/**
	 * Define constant if not already set.
	 *
	 * @param  string $name
	 * @param  string|bool $value
	 */
	private function define( $name, $value ) {
		if ( ! defined( $name ) ) {
			define( $name, $value );
		}
	}

	/**
	 * What type of request is this?
	 *
	 * @param  string $type admin, ajax, cron or frontend.
	 * @return bool
	 */
	private function is_request( $type ) {
		switch ( $type ) {
			case 'admin' :
				return is_admin();
			case 'ajax' :
				return defined( 'DOING_AJAX' );
			case 'cron' :
				return defined( 'DOING_CRON' );
			case 'frontend' :
				return ( ! is_admin() || defined( 'DOING_AJAX' ) ) && ! defined( 'DOING_CRON' );
		}
	}

	/**
	 * Include required core files used in admin and on the frontend.
	 */
	public function includes() {
		include_once( 'includes/class-wc-autoloader.php' );
		include_once( 'includes/wc-core-functions.php' );
		include_once( 'includes/wc-widget-functions.php' );
		include_once( 'includes/wc-webhook-functions.php' );
		include_once( 'includes/class-wc-install.php' );
		include_once( 'includes/class-wc-geolocation.php' );
		include_once( 'includes/class-wc-download-handler.php' );
		include_once( 'includes/class-wc-comments.php' );
		include_once( 'includes/class-wc-post-data.php' );
		include_once( 'includes/class-wc-ajax.php' );

		if ( $this->is_request( 'admin' ) ) {
			include_once( 'includes/admin/class-wc-admin.php' );
		}

		if ( $this->is_request( 'frontend' ) ) {
			$this->frontend_includes();
		}

		if ( $this->is_request( 'frontend' ) || $this->is_request( 'cron' ) ) {
			include_once( 'includes/class-wc-session-handler.php' );
		}

		if ( $this->is_request( 'cron' ) && 'yes' === get_option( 'woocommerce_allow_tracking', 'no' ) ) {
			include_once( 'includes/class-wc-tracker.php' );
		}

		$this->query = include( 'includes/class-wc-query.php' );                 // The main query class
		$this->api   = include( 'includes/class-wc-api.php' );                   // API Class

		include_once( 'includes/class-wc-auth.php' );                            // Auth Class
		include_once( 'includes/class-wc-post-types.php' );                      // Registers post types
		include_once( 'includes/abstracts/abstract-wc-data.php' );               // WC_Data for CRUD
		include_once( 'includes/abstracts/abstract-wc-payment-token.php' );      // Payment Tokens
		include_once( 'includes/abstracts/abstract-wc-product.php' );            // Products
		include_once( 'includes/abstracts/abstract-wc-order.php' );              // Orders
		include_once( 'includes/abstracts/abstract-wc-settings-api.php' );       // Settings API (for gateways, shipping, and integrations)
		include_once( 'includes/abstracts/abstract-wc-shipping-method.php' );    // A Shipping method
		include_once( 'includes/abstracts/abstract-wc-payment-gateway.php' );    // A Payment gateway
		include_once( 'includes/abstracts/abstract-wc-integration.php' );        // An integration with a service
		include_once( 'includes/class-wc-product-factory.php' );                 // Product factory
		include_once( 'includes/class-wc-payment-tokens.php' );                  // Payment tokens controller
		include_once( 'includes/gateways/class-wc-payment-gateway-cc.php' );     // CC Payment Gateway
		include_once( 'includes/gateways/class-wc-payment-gateway-echeck.php' ); // eCheck Payment Gateway
		include_once( 'includes/class-wc-countries.php' );                       // Defines countries and states
		include_once( 'includes/class-wc-integrations.php' );                    // Loads integrations
		include_once( 'includes/class-wc-cache-helper.php' );                    // Cache Helper
		include_once( 'includes/class-wc-https.php' );                           // https Helper

		if ( defined( 'WP_CLI' ) && WP_CLI ) {
			include_once( 'includes/class-wc-cli.php' );
		}
	}

	/**
	 * Include required frontend files.
	 */
	public function frontend_includes() {
		include_once( 'includes/wc-cart-functions.php' );
		include_once( 'includes/wc-notice-functions.php' );
		include_once( 'includes/wc-template-hooks.php' );
		include_once( 'includes/class-wc-template-loader.php' );                // Template Loader
		include_once( 'includes/class-wc-frontend-scripts.php' );               // Frontend Scripts
		include_once( 'includes/class-wc-form-handler.php' );                   // Form Handlers
		include_once( 'includes/class-wc-cart.php' );                           // The main cart class
		include_once( 'includes/class-wc-tax.php' );                            // Tax class
		include_once( 'includes/class-wc-shipping-zones.php' );                 // Shipping Zones class
		include_once( 'includes/class-wc-customer.php' );                       // Customer class
		include_once( 'includes/class-wc-shortcodes.php' );                     // Shortcodes class
		include_once( 'includes/class-wc-embed.php' );                          // Embeds
	}

	/**
	 * Function used to Init WooCommerce Template Functions - This makes them pluggable by plugins and themes.
	 */
	public function include_template_functions() {
		include_once( 'includes/wc-template-functions.php' );
	}

	/**
	 * Init WooCommerce when WordPress Initialises.
	 */
	public function init() {
		// Before init action.
		do_action( 'before_woocommerce_init' );

		// Set up localisation.
		$this->load_plugin_textdomain();

		// Load class instances.
		$this->product_factory = new WC_Product_Factory();                      // Product Factory to create new product instances
		$this->order_factory   = new WC_Order_Factory();                        // Order Factory to create new order instances
		$this->countries       = new WC_Countries();                            // Countries class
		$this->integrations    = new WC_Integrations();                         // Integrations class

		// Session class, handles session data for users - can be overwritten if custom handler is needed.
		if ( $this->is_request( 'frontend' ) || $this->is_request( 'cron' ) ) {
			$session_class  = apply_filters( 'woocommerce_session_handler', 'WC_Session_Handler' );
			$this->session  = new $session_class();
		}

		// Classes/actions loaded for the frontend and for ajax requests.
		if ( $this->is_request( 'frontend' ) ) {
			$this->cart     = new WC_Cart();                                    // Cart class, stores the cart contents
			$this->customer = new WC_Customer();                                // Customer class, handles data such as customer location
		}

		$this->load_webhooks();

		// Init action.
		do_action( 'woocommerce_init' );
	}

	/**
	 * Load Localisation files.
	 *
	 * Note: the first-loaded translation file overrides any following ones if the same translation is present.
	 *
	 * Locales found in:
	 *      - WP_LANG_DIR/woocommerce/woocommerce-LOCALE.mo
	 *      - WP_LANG_DIR/plugins/woocommerce-LOCALE.mo
	 */
	public function load_plugin_textdomain() {
		$locale = apply_filters( 'plugin_locale', get_locale(), 'woocommerce' );

		load_textdomain( 'woocommerce', WP_LANG_DIR . '/woocommerce/woocommerce-' . $locale . '.mo' );
		load_plugin_textdomain( 'woocommerce', false, plugin_basename( dirname( __FILE__ ) ) . '/i18n/languages' );
	}

	/**
	 * Ensure theme and server variable compatibility and setup image sizes.
	 */
	public function setup_environment() {
		/**
		 * @deprecated 2.2 Use WC()->template_path()
		 */
		$this->define( 'WC_TEMPLATE_PATH', $this->template_path() );

		$this->add_thumbnail_support();
		$this->add_image_sizes();
	}

	/**
	 * Ensure post thumbnail support is turned on.
	 */
	private function add_thumbnail_support() {
		if ( ! current_theme_supports( 'post-thumbnails' ) ) {
			add_theme_support( 'post-thumbnails' );
		}
		add_post_type_support( 'product', 'thumbnail' );
	}

	/**
	 * Add WC Image sizes to WP.
	 *
	 * @since 2.3
	 */
	private function add_image_sizes() {
		$shop_thumbnail = wc_get_image_size( 'shop_thumbnail' );
		$shop_catalog	= wc_get_image_size( 'shop_catalog' );
		$shop_single	= wc_get_image_size( 'shop_single' );

		add_image_size( 'shop_thumbnail', $shop_thumbnail['width'], $shop_thumbnail['height'], $shop_thumbnail['crop'] );
		add_image_size( 'shop_catalog', $shop_catalog['width'], $shop_catalog['height'], $shop_catalog['crop'] );
		add_image_size( 'shop_single', $shop_single['width'], $shop_single['height'], $shop_single['crop'] );
	}

	/**
	 * Get the plugin url.
	 * @return string
	 */
	public function plugin_url() {
		return untrailingslashit( plugins_url( '/', __FILE__ ) );
	}

	/**
	 * Get the plugin path.
	 * @return string
	 */
	public function plugin_path() {
		return untrailingslashit( plugin_dir_path( __FILE__ ) );
	}

	/**
	 * Get the template path.
	 * @return string
	 */
	public function template_path() {
		return apply_filters( 'woocommerce_template_path', 'woocommerce/' );
	}

	/**
	 * Get Ajax URL.
	 * @return string
	 */
	public function ajax_url() {
		return admin_url( 'admin-ajax.php', 'relative' );
	}

	/**
	 * Return the WC API URL for a given request.
	 *
	 * @param string $request
	 * @param mixed $ssl (default: null)
	 * @return string
	 */
	public function api_request_url( $request, $ssl = null ) {
		if ( is_null( $ssl ) ) {
			$scheme = parse_url( home_url(), PHP_URL_SCHEME );
		} elseif ( $ssl ) {
			$scheme = 'https';
		} else {
			$scheme = 'http';
		}

		if ( strstr( get_option( 'permalink_structure' ), '/index.php/' ) ) {
			$api_request_url = trailingslashit( home_url( '/index.php/wc-api/' . $request, $scheme ) );
		} elseif ( get_option( 'permalink_structure' ) ) {
			$api_request_url = trailingslashit( home_url( '/wc-api/' . $request, $scheme ) );
		} else {
			$api_request_url = add_query_arg( 'wc-api', $request, trailingslashit( home_url( '', $scheme ) ) );
		}

		return esc_url_raw( apply_filters( 'woocommerce_api_request_url', $api_request_url, $request, $ssl ) );
	}

	/**
	 * Load & enqueue active webhooks.
	 *
	 * @since 2.2
	 */
	private function load_webhooks() {
		if ( false === ( $webhooks = get_transient( 'woocommerce_webhook_ids' ) ) ) {
			$webhooks = get_posts( array(
				'fields'         => 'ids',
				'post_type'      => 'shop_webhook',
				'post_status'    => 'publish',
				'posts_per_page' => -1
			) );
			set_transient( 'woocommerce_webhook_ids', $webhooks );
		}
		foreach ( $webhooks as $webhook_id ) {
			$webhook = new WC_Webhook( $webhook_id );
			$webhook->enqueue();
		}
	}

	/**
	 * WooCommerce Payment Token Meta API - set table name
	 */
	function payment_token_metadata_wpdbfix() {
		global $wpdb;
		$wpdb->payment_tokenmeta = $wpdb->prefix . 'woocommerce_payment_tokenmeta';
		$wpdb->tables[] = 'woocommerce_payment_tokenmeta';
	}

	/**
	 * Get Checkout Class.
	 * @return WC_Checkout
	 */
	public function checkout() {
		return WC_Checkout::instance();
	}

	/**
	 * Get gateways class.
	 * @return WC_Payment_Gateways
	 */
	public function payment_gateways() {
		return WC_Payment_Gateways::instance();
	}

	/**
	 * Get shipping class.
	 * @return WC_Shipping
	 */
	public function shipping() {
		return WC_Shipping::instance();
	}

	/**
	 * Email Class.
	 * @return WC_Emails
	 */
	public function mailer() {
		return WC_Emails::instance();
	}
}

endif;

/**
 * Main instance of WooCommerce.
 *
 * Returns the main instance of WC to prevent the need to use globals.
 *
 * @since  2.1
 * @return WooCommerce
 */
function WC() {
	return WooCommerce::instance();
}

// Global for backwards compatibility.
$GLOBALS['woocommerce'] = WC();

Issue reported at function payment_token_metadata_wpdbfix() (0 ignored issues): It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (private, protected, or public) is generally recommended to communicate to other developers how, and from where, this method is intended to be used.