Commit Graph

2309 Commits

Author SHA1 Message Date
MarkBaker cd60531c44 Improvements to the design of the XML Security Scanner 2018-11-25 18:40:15 +01:00
MarkBaker b6a73aec56 Improvements to the design of the XML Security Scanner 2018-11-25 18:39:05 +01:00
MarkBaker 3abb7ccb35 CS Complaining about not uisng $this->assertInternalType('object', $scanner); 2018-11-25 14:41:11 +01:00
MarkBaker 14159d985c Coding standards 2018-11-25 14:33:01 +01:00
MarkBaker c1d0784ad7 Namespace security scanner in Html Reader 2018-11-25 14:18:09 +01:00
MarkBaker 41bcf9a21c Support for additional callback in XML Security Scanner 2018-11-25 14:00:35 +01:00
MarkBaker c708411529 Refactor scanner into base reader class 2018-11-25 12:14:54 +01:00
MarkBaker aba41f6495 Yet more Coding standards fixes 2018-11-23 23:27:19 +01:00
MarkBaker 6d3d44359d Coding standards 2018-11-23 23:18:49 +01:00
MarkBaker abad49d426 Use factory for XMLcanner 2018-11-23 23:05:17 +01:00
MarkBaker dff1151369 Merge branch 'develop' into xxe 2018-11-23 19:40:50 +01:00
MarkBaker f5d1f03e94 Update Changelog 2018-11-20 20:57:38 +01:00
MarkBaker 7f46932b2f Update Changelog 2018-11-20 20:51:42 +01:00
Mark Baker 0f8f071e24
WIP: Xxe (#780)
Changes to the xml security scanner to use libxml_disable_entity_loader() when cleanly supported and thread-safe, and to handle UTF-7 charset which otherwise permits an XXE exploit
2018-11-20 20:39:13 +01:00
MarkBaker 9c1a201ace Fix docblock typo 2018-11-20 19:51:09 +01:00
MarkBaker f02898e14d Don't rely purely on libxml_disable_entity_loader() 2018-11-20 18:40:09 +01:00
MarkBaker 1f4cb1f19a Corrections to XmlScanner version check logic, and (hopefully) fix the lock issue 2018-11-20 18:24:53 +01:00
Adrien Crivelli e4be53888f
Update src/PhpSpreadsheet/Reader/Security/XmlScanner.php
Co-Authored-By: MarkBaker <mark@lange.demon.co.uk>
2018-11-20 11:46:09 +01:00
Adrien Crivelli 7f4a6e37b1
Update src/PhpSpreadsheet/Reader/Security/XmlScanner.php
Co-Authored-By: MarkBaker <mark@lange.demon.co.uk>
2018-11-20 11:46:01 +01:00
MarkBaker 5854ce3738 phpcs cleanup 2018-11-20 08:18:35 +01:00
MarkBaker 0a9e15ca69 srsly?!? phpcs is enforcing alphabetic order of use clauses now? 2018-11-19 23:42:05 +01:00
MarkBaker 7a06d71e1c Add UTF-7 XXE Unit test data 2018-11-19 23:22:59 +01:00
MarkBaker a4d97ba896 Clean handle charset in XXE scanner 2018-11-19 22:47:34 +01:00
Guillaume RODRIGUEZ 3bea6f516b
Fix index overflow on data values array
Fix index overflow on data values array for multi level detection.

Fixes #747
Fixes #748
2018-11-11 21:43:44 +11:00
Adrien Crivelli e4ffeb4f0f
Move feature in correct section 2018-11-11 21:39:19 +11:00
Albert Scherman 31e25ad14b
Support page margin in mPDF
Fixes #750
Fixes #751
2018-11-11 21:30:00 +11:00
Gabriel Caruso f42adb0daf Simplify some conditions and ternary expressions 2018-11-11 18:25:51 +11:00
Adrien Crivelli 2fce5c4706
Update PHP dependencies to fix security issues
This fix CVE-2013-5958 and also
1861e33fe0
2018-11-11 18:21:31 +11:00
Gabriel Caruso b3877e59e4 Use dedicated PHPUnit assertions 2018-11-11 18:06:35 +11:00
Danielle McLean 6703624223
Write generated HTML into Mpdf in chunks, rather than as one gigantic string
Due to a limitation in Mpdf, the HTML string passed to its WriteHTML method
must not exceed a particular length. PhpSpreadsheet produces one HTML string
containing all spreadsheet data when writing to HTML, which can easily exceed
Mpdf's size limit. Thus, it was impossible to write large spreadsheets to PDF
using the Mpdf writer - this change fixes that issue.

Fixes #637
Fixes #706
2018-11-03 18:37:47 +11:00
Milan Davídek 3be06a5e87
Support overriding `DefaultValueBinder::dataTypeForValue()`
This allow to avoid overriding `DefaultValueBinder::bindValue()`

Fixes #735
2018-11-03 17:25:43 +11:00
Guillaume RODRIGUEZ fdc224af7c
Fix print area parser for XLSX reader
XLSX workbook references may not contains quotes in print area

Fixes #733
Fixes #734
2018-10-28 14:37:05 +11:00
Laurent 79d86ef5cc
Csv reader avoid notice when the file is empty
Fixes #337
2018-10-28 14:16:53 +11:00
Adrien Crivelli 4e8e0dc01b
Fix Countable Int (bis) 2018-10-28 14:06:50 +11:00
Jean-Baptiste Noblot 6088f545b6 Add declaration of undefined variable 2018-10-28 14:03:24 +11:00
Jean-Baptiste Noblot 58268fe9b5 Fix Countable Int 2018-10-28 14:03:24 +11:00
Jon Dufresne 5b3870c508
Prefer https:// URLs when available in docs & comments
Fixes #737
2018-10-28 13:55:00 +11:00
marcusblevin 98d10475f2
SUMIFS sum values only once
Values were summed multiple times if it matched several conditions
whereas it should only be summed once.

Fixes #704
Fixes #710
2018-10-28 13:09:08 +11:00
Sreten Ilić ed6a3a0148
Support numeric condition in SUMIF, SUMIFS, AVERAGEIF, COUNTIF, MAXIF and MINIF
Fixes #683
Fixes #701
2018-10-28 12:47:53 +11:00
MarkBaker 90bb4df777 Tweaks to composer to support version compatibility check and credit Adrien in the authors list (long overdue) 2018-10-21 14:56:23 +02:00
Adrien Crivelli 2dfd06c598
1.5.0 2018-10-21 21:04:54 +11:00
Jon Dufresne f5c800c360 Correct typo: "they are" -> "there are" (#725) 2018-10-21 18:28:39 +11:00
Paul Barton 813855b2b2
Fix CSV delimiter detection on line breaks
The CSV Reader can now correctly ignore line breaks inside
enclosures which allows it to determine the delimiter
correctly.

Fixes #716
Fixes #717
2018-10-21 18:23:55 +11:00
Adrien Crivelli 54efe8824e
Fix unit tests 2018-10-21 17:55:31 +11:00
Adrien Crivelli 09eb05f367
OFFSET should allow omitted height and width
Commit 8dddf56 inadvertently removed the ability to omit the width
and height arguments to the OFFSET function. And #REF! is returned
because the function is validating that the new $pCell argument
is present. It is present, but it has been passed in the $height position.

We fixed this by always passing $pCell at the last position and filling
missing arguments with NULL values.

Fixes #561
Fixes #565
2018-10-21 17:45:02 +11:00
Adrien Crivelli 7b362bd9de
Move PHP-CS-Fixer cache file out of the project to avoid IDE annoyance 2018-10-21 15:34:33 +11:00
Biser Antonov 2c981e47a1
Added the DAYS() function
https://support.office.com/en-us/article/days-function-57740535-d549-4395-8728-0f07bff0b9df
2018-10-21 15:26:46 +11:00
MarkBaker a1e8c843b7 Moved codestyle, coverage and API documentation checks to PHP run against 7.2 2018-10-14 17:39:08 +01:00
MarkBaker 0ef1b55106 Need to version compare against PHP 7.2.99 for PHP 7.3.0 release candidates 2018-10-14 16:35:38 +01:00
MarkBaker 874467d7c1 DomPDF doesn't yet support PHP 7.3.0, so suppress tests for that combination of version and library dependency 2018-10-14 16:21:40 +01:00