Enforce renderable interface for security.

app/src/lib/Cart.php

@@ -2,7 +2,10 @@
 
 namespace App;
 
-final class Cart {
+require_once __DIR__ . '/Interfaces/PublicRenderable.php';
+use App\Interfaces\PublicRenderable;
+
+final class Cart implements PublicRenderable {
 	public array $items;
 	public array $coupons;
 	public array $fees;
@@ -11,4 +14,22 @@ final class Cart {
 	public array $billing_address;
 	public bool $needs_shipping;
 	public bool $needs_payment;
+
+	public function to_public_array(): array {
+		return array(
+			'items' => array_map(
+				function ( $item ) {
+					return $item->to_public_array();
+				},
+				$this->items ?? array()
+			),
+			'coupons'          => $this->coupons ?? array(),
+			'fees'             => $this->fees ?? array(),
+			'totals'           => $this->totals ?? array(),
+			'shipping_address' => $this->shipping_address ?? array(),
+			'billing_address'  => $this->billing_address ?? array(),
+			'needs_shipping'   => $this->needs_shipping ?? false,
+			'needs_payment'    => $this->needs_payment ?? false,
+		);
+	}
 }

app/src/lib/CartItem.php

@@ -2,7 +2,10 @@
 
 namespace App;
 
-final class CartItem {
+require_once __DIR__ . '/Interfaces/PublicRenderable.php';
+use App\Interfaces\PublicRenderable;
+
+final class CartItem implements PublicRenderable {
 	public string $key;
 	public int $id;
 	public string $type;
@@ -21,4 +24,26 @@ final class CartItem {
 	public array $item_data;
 	public array $prices;
 	public array $totals;
+
+	public function to_public_array(): array {
+		return array(
+			'key'                 => $this->key,
+			'id'                  => $this->id,
+			'type'                => $this->type,
+			'quantity'            => $this->quantity,
+			'quantity_limits'     => $this->quantity_limits ?? array(),
+			'name'                => $this->name,
+			'short_description'   => $this->short_description,
+			'description'         => $this->description,
+			'sku'                 => $this->sku,
+			'backorders_allowed'  => $this->backorders_allowed,
+			'show_backorder_badge' => $this->show_backorder_badge,
+			'sold_individually'   => $this->sold_individually,
+			'images'              => $this->images,
+			'variation'           => $this->variation ?? array(),
+			'item_data'           => $this->item_data ?? array(),
+			'prices'              => $this->prices,
+			'totals'              => $this->totals,
+		);
+	}
 }

app/src/lib/HotStore/ProductHotStore.php

@@ -17,6 +17,9 @@ private static function zkey(): string {
 	public static function fetch( array $product_ids ): array {
 		global $redis;
 		$serialized_products = $redis->hMGet( self::hkey(), $product_ids );
+		if ( ! $serialized_products ) {
+			return array();
+		}
 		$products            = array();
 		foreach ( $serialized_products as $id => $product ) {
 			if ( ! $product ) {

app/src/lib/Interfaces/PublicRenderable.php

@@ -0,0 +1,6 @@
+<?php
+namespace App\Interfaces;
+
+interface PublicRenderable {
+	public function to_public_array(): array;
+}

app/src/store/cart-functions.php

@@ -152,6 +152,8 @@ function validate_cart_items( Cart $cart ): array {
 		$cart_item_subtotal = $cart_item->prices['price'] * $cart_item->quantity;
 		$cart_item_total	= $cart_item_subtotal;
 
+		$cart_item->key = $id;
+		$cart_item->type = $product->type;
 		$cart_item->name = $product->name;
 		$cart_item->short_description = $product->short_description;
 		$cart_item->description = $product->description;
@@ -219,5 +221,5 @@ function is_read_request(): bool {
 
 function render_cart( Cart $cart ): void {
 	header( 'Content-Type: application/json' );
-	print_r( json_encode( $cart ) );
+	print_r( json_encode( $cart->to_public_array() ) );
 }