From 55879af793cb18e0763caa54376f42832806a379 Mon Sep 17 00:00:00 2001
From: Remco Tolsma <869674+remcotolsma@users.noreply.github.com>
Date: Wed, 11 Oct 2023 11:56:37 +0200
Subject: [PATCH] No longer user `Server::get` method, will be removed.

---
 src/Gateway.php | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/src/Gateway.php b/src/Gateway.php
index 9d8daf2..3905ac0 100644
--- a/src/Gateway.php
+++ b/src/Gateway.php
@@ -244,9 +244,20 @@ public function start( Payment $payment ) {
 		$merchant->close_window     = 'false';
 
 		// Customer.
-		$customer               = new Customer();
-		$customer->ip_address   = Server::get( 'REMOTE_ADDR', FILTER_VALIDATE_IP );
-		$customer->forwarded_ip = Server::get( 'HTTP_X_FORWARDED_FOR', FILTER_VALIDATE_IP );
+		$customer = new Customer();
+
+		// phpcs:disable WordPressVIPMinimum.Variables.ServerVariables.UserControlledHeaders -- No problem, this is up to MultiSafepay.
+
+		if ( \array_key_exists( 'REMOTE_ADDR', $_SERVER ) ) {
+			// phpcs:ignore WordPressVIPMinimum.Variables.RestrictedVariables.cache_constraints___SERVER__REMOTE_ADDR__
+			$customer->ip_address = \sanitize_text_field( $_SERVER['REMOTE_ADDR'] );
+		}
+
+		if ( \array_key_exists( 'HTTP_X_FORWARDED_FOR', $_SERVER ) ) {
+			$customer->forwarded_ip = \sanitize_text_field( $_SERVER['HTTP_X_FORWARDED_FOR'] );
+		}
+
+		// phpcs:enable WordPressVIPMinimum.Variables.ServerVariables.UserControlledHeaders
 
 		if ( null !== $payment->get_customer() ) {
 			$name = $payment->get_customer()->get_name();