Merge branch 'iss220' into 'master'
Sanitize names to avoid Formula Injections on CSV export (fix issue #220) See merge request !171
This commit is contained in:
commit
adcea7d04b
@ -179,6 +179,7 @@ class Utils {
|
|||||||
$escaped = str_replace('"', '""', $text);
|
$escaped = str_replace('"', '""', $text);
|
||||||
$escaped = str_replace("\r\n", '', $escaped);
|
$escaped = str_replace("\r\n", '', $escaped);
|
||||||
$escaped = str_replace("\n", '', $escaped);
|
$escaped = str_replace("\n", '', $escaped);
|
||||||
|
$escaped = preg_replace("/^(=|\+|\-|\@)/", "'$1", $escaped);
|
||||||
|
|
||||||
return '"' . $escaped . '"';
|
return '"' . $escaped . '"';
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user