diff --git a/classes/admin/class-klarna-for-woocommerce-addons.php b/classes/admin/class-klarna-for-woocommerce-addons.php
index 2ec884cb..4428555d 100644
--- a/classes/admin/class-klarna-for-woocommerce-addons.php
+++ b/classes/admin/class-klarna-for-woocommerce-addons.php
@@ -275,18 +275,16 @@ public function change_klarna_addon_status() {
 $new_action = 'install';
 $new_status_label = 'Not installed';
 $new_action_label = 'Install';
- } else {
- if ( 'installed' === $result['status'] ) {
+ } elseif ( 'installed' === $result['status'] ) {
 $new_status = 'installed';
 $new_action = 'activate';
 $new_status_label = 'Installed';
 $new_action_label = 'Activate';
- } else {
- $new_status = 'not-installed';
- $new_action = 'install';
- $new_status_label = 'Not installed';
- $new_action_label = 'Install';
- }
+ } else {
+ $new_status = 'not-installed';
+ $new_action = 'install';
+ $new_status_label = 'Not installed';
+ $new_action_label = 'Install';
 }
 }
 }
@@ -327,7 +325,7 @@ public function install_plugin( $url ) {
 }
 $skin = new Klarna_Skin();
 $installer = new Plugin_Upgrader( $skin );
- $result = $installer->install( $url );
+ $result = $installer->install( $url ); // nosemgrep: URL already escape, and user is authorized.
 wp_cache_flush();
 if ( is_wp_error( $result ) ) {
diff --git a/classes/class-kco-credentials.php b/classes/class-kco-credentials.php
index 315e104f..87cf001d 100644
--- a/classes/class-kco-credentials.php
+++ b/classes/class-kco-credentials.php
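Review bot: The suppression comment on the `$installer->install( $url )` line probably does not do what it intends: as far as I know Semgrep reads the text after `nosemgrep:` as a list of rule IDs, so a free-text justification there is unlikely to match the rule that fired. Name the rule and keep the reasoning on its own comment line above, e.g. `$result = $installer->install( $url ); // nosemgrep: <rule-id>`. The stated reason also leans on the URL being "escaped", which is not the relevant control here: `Plugin_Upgrader::install()` downloads and unpacks a package into the plugins directory, so what matters is that `$url` is limited to the known add-on download locations, and this hunk does not show such a check. `install_plugin()` starts and ends outside the hunk, so the capability, nonce and URL checks may live in the caller; the comment should point to where they are.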
@@ -55,7 +55,7 @@ public function get_credentials_from_session() {
 $credentials = array(
 'merchant_id' => $this->settings[ $test_string . 'merchant_id_' . $country_string ],
- 'shared_secret' => htmlspecialchars_decode( $this->settings[ $test_string . 'shared_secret_' . $country_string ] ),
+ 'shared_secret' => htmlspecialchars_decode( $this->settings[ $test_string . 'shared_secret_' . $country_string ], ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401 ),
 );
 return apply_filters( 'kco_wc_credentials_from_session', $credentials, $this->settings['testmode'] );
diff --git a/classes/class-kco-fields.php b/classes/class-kco-fields.php
index 28e79760..af5adc98 100644
--- a/classes/class-kco-fields.php
+++ b/classes/class-kco-fields.php
@@ -358,7 +358,7 @@ public static function fields() {
 $settings = array_merge( array_slice( $settings, 0, $offset + 1, true ), array( 'checkout_flow' => $checkout_flow ), array_slice( $settings, $offset, null, true ) );
 } else {
 $option = 'woocommerce_kco_settings';
- $stored_settings = get_option( $option );
+ $stored_settings = get_option( $option, array() );
 $stored_settings['checkout_flow'] = 'embedded';
 update_option( $option, $stored_settings );
 }
diff --git a/includes/kco-functions.php b/includes/kco-functions.php
index 57a02346..dd2026e5 100644
--- a/includes/kco-functions.php
+++ b/includes/kco-functions.php
@@ -97,6 +97,7 @@ function kco_wc_show_snippet( $pay_for_order = false ) {
 if ( isset( $klarna_order['html_snippet'] ) ) {
 do_action( 'kco_wc_show_snippet', $klarna_order );
+ // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- We trust the HTML snippet.
 echo kco_extract_script( $klarna_order['html_snippet'] );
 }
 }
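Review bot: The explicit flags on the `shared_secret` line change the decoded credential on PHP versions before 8.1, where `htmlspecialchars_decode()` defaulted to `ENT_COMPAT` and left `&#039;` untouched; a stored secret containing that sequence now decodes to a single quote. That is probably the intent (it matches the PHP 8.1+ default), but it deserves a comment such as `// Flags pinned to the PHP 8.1+ default so the secret decodes identically on every PHP version.` Any other code path that reads `shared_secret` from the settings should decode with the same flags, otherwise two paths can send different secrets; none is visible in this hunk.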
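Review bot: The `array()` default in `fields()` only covers a missing option; if `woocommerce_kco_settings` exists but holds a non-array value, the `$stored_settings['checkout_flow'] = 'embedded';` assignment on the next line still fails or writes back a damaged value. A guard before the assignment covers both cases: `if ( ! is_array( $stored_settings ) ) { $stored_settings = array(); }`. `fields()` continues outside the hunk.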
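Review bot: The `phpcs:ignore` justification "We trust the HTML snippet" in `kco_wc_show_snippet()` does not say where the trust comes from, which is what a later reader needs in order to re-check it. Presumably `$klarna_order['html_snippet']` is the checkout markup returned by Klarna's API and has to be printed unescaped to render; if so, say that, e.g. `// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- Snippet comes from the Klarna API response and must be output as-is.` If `$klarna_order` can ever be built from request data or a filterable value, the suppression would hide a real XSS sink. Where `$klarna_order` is assigned is outside this hunk, so that needs confirming against the rest of the function.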