inthere/csv-security-formatter

Formatter for thephpleague/csv package to increase security for csv exports with user generated content

Wednesday, October 11, 2017
by InThere
Repository
4 Watchers
0 Stars
24 Installations

PHP
0 Dependents
0 Suggesters
0 Forks
0 Open issues
2 Versions
20 % Grown

csv-security-formatter

Formatter for league/csv package to increase security for csv exports with user generated content. For more information about the security risks of user generated content in csv exports, please read http://georgemauer.net/2017/10/07/csv-injection.html., _(*1)

Installation

You can install the package via composer:, _(*2)

composer require inthere/csv-security-formatter, _(*3)

Usage

Start the formatter. The formatter accept a boolean as parameter, provide false when you want to remove the formula instead of escaping., _(*4)

$csvSecurityFormatter = new \InThere\CsvSecurityFormatter\CsvSecurityFormatter();

Provide the formula to the writer., _(*5)

$writer = Writer::createFromFileObject(new SplTempFileObject());
$writer->addFormatter($csvSecurityFormatter);
$writer->insertOne(['=2*5', 'foo', 'bar']);

Create the csv., _(*6)

$writer->__toString();

Tests

$ vendor/bin/phpunit, _(*7)

Contributors

Contributions are welcome. We accept contributions via pull requests on Github., _(*8)

License

The MIT License (MIT). Please see the License File for more information., _(*9)

About InThere

InThere - "The training Through Gaming Company" - speeds up training your team and change processes by providing a micro-training concept based on serious games., _(*10)