service.php
128 lines
| 1 | <?php |
| 2 | |
| 3 | |
| 4 | namespace JFB_Components\Export\Csv; |
| 5 | |
| 6 | use Jet_Form_Builder\Classes\Tools; |
| 7 | use JFB_Components\Export\Interfaces\Base_Export_It; |
| 8 | |
| 9 | // If this file is called directly, abort. |
| 10 | if ( ! defined( 'WPINC' ) ) { |
| 11 | die; |
| 12 | } |
| 13 | |
| 14 | class Service implements Base_Export_It { |
| 15 | |
| 16 | /** |
| 17 | * Add BOM to fix UTF-8 in Excel |
| 18 | * |
| 19 | * @see https://www.php.net/manual/en/function.fputcsv.php#118252 |
| 20 | */ |
| 21 | const UTF8_BOM = "\xEF\xBB\xBF"; |
| 22 | |
| 23 | /** |
| 24 | * @see https://owasp.org/www-community/attacks/CSV_Injection |
| 25 | */ |
| 26 | const FORMULAS_START_CHARACTERS = array( |
| 27 | '=', |
| 28 | '-', |
| 29 | '+', |
| 30 | '@', |
| 31 | "\t", |
| 32 | "\r", |
| 33 | ); |
| 34 | |
| 35 | private $file; |
| 36 | private $file_name; |
| 37 | private $separator = ','; |
| 38 | private $enclosure = '"'; |
| 39 | |
| 40 | public function open() { |
| 41 | if ( false === strpos( ini_get( 'disable_functions' ), 'set_time_limit' ) ) { |
| 42 | set_time_limit( 0 ); |
| 43 | } |
| 44 | ignore_user_abort( true ); |
| 45 | |
| 46 | // phpcs:disable WordPress.PHP |
| 47 | @session_write_close(); |
| 48 | @ini_set( 'zlib.output_compression', 'Off' ); |
| 49 | |
| 50 | if ( function_exists( 'apache_setenv' ) ) { |
| 51 | $variable = 'no-gzip'; |
| 52 | $value = 1; |
| 53 | @apache_setenv( $variable, $value ); |
| 54 | } |
| 55 | nocache_headers(); |
| 56 | |
| 57 | header( 'Robots: none' ); |
| 58 | header( 'Content-Type: text/csv; charset=utf-8' ); |
| 59 | header( 'Content-Description: File Transfer' ); |
| 60 | header( 'Content-Disposition: attachment; filename="' . $this->file_name . '";' ); |
| 61 | header( 'Content-Transfer-Encoding: binary' ); |
| 62 | |
| 63 | // phpcs:enable WordPress.PHP |
| 64 | } |
| 65 | |
| 66 | protected function get_file() { |
| 67 | if ( ! is_null( $this->file ) ) { |
| 68 | return $this->file; |
| 69 | } |
| 70 | |
| 71 | $this->file = fopen( 'php://output', 'w' ); |
| 72 | |
| 73 | // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_operations_fputs |
| 74 | fputs( $this->file, self::UTF8_BOM ); |
| 75 | |
| 76 | return $this->file; |
| 77 | } |
| 78 | |
| 79 | public function add_row( array $row ) { |
| 80 | $this->flatten( $row ); |
| 81 | |
| 82 | fputcsv( $this->get_file(), $row, $this->separator, $this->enclosure ); |
| 83 | } |
| 84 | |
| 85 | private function flatten( array &$row ) { |
| 86 | foreach ( $row as $key => &$value ) { |
| 87 | if ( ! is_string( $value ) ) { |
| 88 | $value = Tools::to_string( $value ); |
| 89 | } |
| 90 | |
| 91 | if ( in_array( |
| 92 | substr( $value, 0, 1 ), |
| 93 | self::FORMULAS_START_CHARACTERS, |
| 94 | true |
| 95 | ) ) { |
| 96 | $value = "'" . $value; |
| 97 | } |
| 98 | } |
| 99 | } |
| 100 | |
| 101 | public function close() { |
| 102 | // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_operations_fclose |
| 103 | fclose( $this->get_file() ); |
| 104 | } |
| 105 | |
| 106 | public function set_title( string $title ) { |
| 107 | $this->file_name = sanitize_title( $title ) . '.csv'; |
| 108 | } |
| 109 | |
| 110 | public function get_title(): string { |
| 111 | return $this->file_name; |
| 112 | } |
| 113 | |
| 114 | /** |
| 115 | * @param string $separator |
| 116 | */ |
| 117 | public function set_separator( string $separator ) { |
| 118 | $this->separator = $separator; |
| 119 | } |
| 120 | |
| 121 | /** |
| 122 | * @param string $enclosure |
| 123 | */ |
| 124 | public function set_enclosure( string $enclosure ) { |
| 125 | $this->enclosure = $enclosure; |
| 126 | } |
| 127 | } |
| 128 |