Differences Between: [Versions 310 and 311] [Versions 310 and 400] [Versions 310 and 401]
1 <?php 2 3 namespace Box\Spout\Common\Helper\Escaper; 4 5 /** 6 * Class ODS 7 * Provides functions to escape and unescape data for ODS files 8 */ 9 class ODS implements EscaperInterface 10 { 11 /** 12 * Escapes the given string to make it compatible with XLSX 13 * 14 * @param string $string The string to escape 15 * @return string The escaped string 16 */ 17 public function escape($string) 18 { 19 // @NOTE: Using ENT_QUOTES as XML entities ('<', '>', '&') as well as 20 // single/double quotes (for XML attributes) need to be encoded. 21 if (defined('ENT_DISALLOWED')) { 22 // 'ENT_DISALLOWED' ensures that invalid characters in the given document type are replaced. 23 // Otherwise control characters like a vertical tab "\v" will make the XML document unreadable by the XML processor 24 // @link https://github.com/box/spout/issues/329 25 $replacedString = htmlspecialchars($string, ENT_QUOTES | ENT_DISALLOWED, 'UTF-8'); 26 } else { 27 // We are on hhvm or any other engine that does not support ENT_DISALLOWED. 28 $escapedString = htmlspecialchars($string, ENT_QUOTES, 'UTF-8'); 29 30 // control characters values are from 0 to 1F (hex values) in the ASCII table 31 // some characters should not be escaped though: "\t", "\r" and "\n". 32 $regexPattern = '[\x00-\x08' . 33 // skipping "\t" (0x9) and "\n" (0xA) 34 '\x0B-\x0C' . 35 // skipping "\r" (0xD) 36 '\x0E-\x1F]'; 37 $replacedString = preg_replace("/$regexPattern/", '�', $escapedString); 38 } 39 40 return $replacedString; 41 } 42 43 /** 44 * Unescapes the given string to make it compatible with XLSX 45 * 46 * @param string $string The string to unescape 47 * @return string The unescaped string 48 */ 49 public function unescape($string) 50 { 51 // ============== 52 // = WARNING = 53 // ============== 54 // It is assumed that the given string has already had its XML entities decoded. 55 // This is true if the string is coming from a DOMNode (as DOMNode already decode XML entities on creation). 56 // Therefore there is no need to call "htmlspecialchars_decode()". 57 return $string; 58 } 59 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body