mirror of
https://github.com/snipe/snipe-it.git
synced 2025-02-21 03:15:45 -08:00
Made a conditional escape according to .env
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe
parent
bae200edd7
commit
5a7e35c0e8
|
|
@ -173,3 +173,4 @@ IMPORT_MEMORY_LIMIT=500M
|
||||||
REPORT_TIME_LIMIT=12000
|
REPORT_TIME_LIMIT=12000
|
||||||
REQUIRE_SAML=false
|
REQUIRE_SAML=false
|
||||||
API_THROTTLE_PER_MINUTE=120
|
API_THROTTLE_PER_MINUTE=120
|
||||||
|
CSV_ESCAPE_FORMULAS=true
|
||||||
|
|
|
||||||
|
|
@ -411,6 +411,7 @@ class ReportsController extends Controller
|
||||||
$customfields = CustomField::get();
|
$customfields = CustomField::get();
|
||||||
$response = new StreamedResponse(function () use ($customfields, $request) {
|
$response = new StreamedResponse(function () use ($customfields, $request) {
|
||||||
\Log::debug('Starting streamed response');
|
\Log::debug('Starting streamed response');
|
||||||
|
\Log::debug('CSV escaping is set to: '.config('app.escape_formulas'));
|
||||||
|
|
||||||
// Open output stream
|
// Open output stream
|
||||||
$handle = fopen('php://output', 'w');
|
$handle = fopen('php://output', 'w');
|
||||||
|
|
@ -858,7 +859,17 @@ class ReportsController extends Controller
|
||||||
$row[] = $asset->$column_name;
|
$row[] = $asset->$column_name;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
fputcsv($handle, $formatter->escapeRecord($row));
|
|
||||||
|
|
||||||
|
// CSV_ESCAPE_FORMULAS is set to false in the .env
|
||||||
|
if (config('app.escape_formulas') === false) {
|
||||||
|
fputcsv($handle, $row);
|
||||||
|
|
||||||
|
// CSV_ESCAPE_FORMULAS is set to true or is not set in the .env
|
||||||
|
} else {
|
||||||
|
fputcsv($handle, $formatter->escapeRecord($row));
|
||||||
|
}
|
||||||
|
|
||||||
$executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
|
$executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
|
||||||
\Log::debug('-- Record '.$count.' Asset ID:'.$asset->id.' in '.$executionTime);
|
\Log::debug('-- Record '.$count.' Asset ID:'.$asset->id.' in '.$executionTime);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -394,7 +394,7 @@ return [
|
||||||
'allow_purge' => env('ALLOW_DATA_PURGE', false),
|
'allow_purge' => env('ALLOW_DATA_PURGE', false),
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
| Allow Backup Deletion
|
| Allow Backup Deletion
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|
@ -405,4 +405,20 @@ return [
|
||||||
|
|
||||||
'allow_backup_delete' => env('ALLOW_BACKUP_DELETE', false),
|
'allow_backup_delete' => env('ALLOW_BACKUP_DELETE', false),
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
| Escape Excel formulas in CSV exports
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
||||||
|
| This determins whether or not we should escape Excel formulas in CSV exports.
|
||||||
|
| This can be UNSAFE in untrusted environments, and therefore defaults to true
|
||||||
|
| so that Excel forumals WILL be escaped in CSV exports, however if your workflow
|
||||||
|
| is designed around using formulas in your fields, you
|
||||||
|
| you can set CSV_ESCAPE_FORMULAS to 'false' in your .env.
|
||||||
|
|
|
||||||
|
*/
|
||||||
|
|
||||||
|
'escape_formulas' => env('CSV_ESCAPE_FORMULAS', true),
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue