Documentation

EscapeFormula
in package

A Formatter to tackle CSV Formula Injection.

Tags
see
http://georgemauer.net/2017/10/07/csv-injection.html

Table of Contents

Constants

FORMULA_STARTING_CHARS  = ['=', '-', '+', '@', "\t", "\r"]
Spreadsheet formula starting character.

Properties

$escape  : string
$special_chars  : array<string|int, mixed>
Effective Spreadsheet formula starting characters.

Methods

__construct()  : mixed
__invoke()  : array<string|int, mixed>
escapeRecord()  : array<string|int, mixed>
Escapes a CSV record.
getEscape()  : string
Returns the escape character.
getSpecialCharacters()  : array<string|int, string>
Returns the list of character the instance will escape.
unescapeRecord()  : array<string|int, mixed>
escapeField()  : mixed
Escapes a CSV cell if its content is stringable.
filterSpecialCharacters()  : array<string|int, string>
Filter submitted special characters.
isStringable()  : bool
unescapeField()  : mixed

Constants

FORMULA_STARTING_CHARS

Spreadsheet formula starting character.

public mixed FORMULA_STARTING_CHARS = ['=', '-', '+', '@', "\t", "\r"]

Properties

$special_chars

Effective Spreadsheet formula starting characters.

protected array<string|int, mixed> $special_chars = []

Methods

__construct()

public __construct([string $escape = "'" ][, array<string|int, string> $special_chars = [] ]) : mixed
Parameters
$escape : string = "'"

escape character to escape each CSV formula field

$special_chars : array<string|int, string> = []

additional spreadsheet formula starting characters

__invoke()

public __invoke(array<string|int, mixed> $record) : array<string|int, mixed>

since 9.11.0 will be removed in the next major release

use League\Csv\EscapeFormula::escapeRecord() instead

Parameters
$record : array<string|int, mixed>
Tags
codeCoverageIgnore

League CSV formatter hook.

see
escapeRecord
Return values
array<string|int, mixed>

escapeRecord()

Escapes a CSV record.

public escapeRecord(array<string|int, mixed> $record) : array<string|int, mixed>
Parameters
$record : array<string|int, mixed>
Return values
array<string|int, mixed>

getEscape()

Returns the escape character.

public getEscape() : string
Return values
string

getSpecialCharacters()

Returns the list of character the instance will escape.

public getSpecialCharacters() : array<string|int, string>
Return values
array<string|int, string>

unescapeRecord()

public unescapeRecord(array<string|int, mixed> $record) : array<string|int, mixed>
Parameters
$record : array<string|int, mixed>
Return values
array<string|int, mixed>

escapeField()

Escapes a CSV cell if its content is stringable.

protected escapeField(mixed $cell) : mixed
Parameters
$cell : mixed

filterSpecialCharacters()

Filter submitted special characters.

protected filterSpecialCharacters(string ...$characters) : array<string|int, string>
Parameters
$characters : string
Tags
throws
InvalidArgumentException

if the string is not a single character

Return values
array<string|int, string>

isStringable()

protected isStringable(mixed $value) : bool

since 9.7.2 will be removed in the next major release

Parameters
$value : mixed

value to check if it is stringable

Tags
codeCoverageIgnore

Tells whether the submitted value is stringable.

Return values
bool

unescapeField()

protected unescapeField(mixed $cell) : mixed
Parameters
$cell : mixed

        
On this page

Search results