Issues (29)

Security Analysis    no request data  

This project does not seem to handle request data directly as such no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Format.php (2 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
3
namespace Xls;
4
5
class Format
6
{
7
    const BORDER_NONE = 0;
8
    const BORDER_THIN = 1;
9
    const BORDER_THICK = 2;
10
11
    /**
12
     * The index given by the workbook when creating a new format.
13
     * @var integer
14
     */
15
    public $xfIndex;
16
17
    /**
18
     * An index (2 bytes) to a FORMAT record (number format).
19
     * @var integer
20
     */
21
    protected $numFormat = NumberFormat::TYPE_GENERAL;
22
23
    /**
24
     * number format index
25
     * @var integer
26
     */
27
    protected $numFormatIndex;
28
29
    /**
30
     * Bit specifying if formulas are hidden.
31
     * @var integer
32
     */
33
    public $hidden = 0;
34
35
    /**
36
     * Bit specifying if the cell is locked.
37
     * @var integer
38
     */
39
    public $locked = 0;
40
41
    /**
42
     * The three bits specifying the text horizontal alignment.
43
     * @var integer
44
     */
45
    public $textHorAlign = 0;
46
47
    /**
48
     * Bit specifying if the text is wrapped at the right border.
49
     * @var integer
50
     */
51
    public $textWrap = 0;
52
53
    /**
54
     * The three bits specifying the text vertical alignment.
55
     * @var integer
56
     */
57
    public $textVertAlign;
58
59
    /**
60
     * The two bits specifying the text rotation.
61
     * @var integer
62
     */
63
    public $rotation = 0;
64
65
    /**
66
     * The cell's foreground color.
67
     * @var integer
68
     */
69
    public $fgColor = 0x40;
70
71
    /**
72
     * The cell's background color.
73
     * @var integer
74
     */
75
    public $bgColor = 0x41;
76
77
    /**
78
     * The cell's background fill pattern.
79
     * @var integer
80
     */
81
    public $pattern = 0;
82
83
    public $diag = 0;
84
    public $diagColor = 0x40;
85
86
    protected $horAlignMap = array(
87
        'left' => 1,
88
        'centre' => 2,
89
        'center' => 2,
90
        'right' => 3,
91
        'fill' => 4,
92
        'justify' => 5,
93
        'merge' => 6,
94
        'equal_space' => 7
95
    );
96
97
    protected $vertAlignMap = array(
98
        'top' => 0,
99
        'vcentre' => 1,
100
        'vcenter' => 1,
101
        'center' => 1,
102
        'bottom' => 2,
103
        'vjustify' => 3,
104
        'justify' => 3,
105
        'vequal_space' => 4,
106
        'equal_space' => 4
107
    );
108
109
    protected $rotationMap = array(
110
        0 => 0,
111
        90 => 180,
112
        270 => 90,
113
        -1 => 255
114
    );
115
116
    protected $borders = array(
117
        'top' => array(
118
            'style' => self::BORDER_NONE,
119
            'color' => 0
120
        ),
121
        'right' => array(
122
            'style' => self::BORDER_NONE,
123
            'color' => 0
124
        ),
125
        'bottom' => array(
126
            'style' => self::BORDER_NONE,
127
            'color' => 0
128
        ),
129
        'left' => array(
130
            'style' => self::BORDER_NONE,
131
            'color' => 0
132
        )
133
    );
134
135
    /**
136
     * @var Font
137
     */
138
    protected $font;
139
140
    /**
141
     * @param integer $index the XF index for the format.
142
     * @param array $properties array with properties to be set on initialization.
143
     */
144
    public function __construct($index = 0, $properties = array())
145
    {
146
        $this->xfIndex = $index;
147
148
        $this->font = new Font();
149
150
        $this->setVAlign('bottom');
151
        $this->setProperties($properties);
152
    }
153
154
    /**
155
     * @param array $properties
156
     */
157
    protected function setProperties($properties)
158
    {
159
        foreach ($properties as $property => $value) {
160
            $this->setProperty($property, $value);
161
        }
162
    }
163
164
    /**
165
     * @param $property
166
     * @param $value
167
     */
168
    protected function setProperty($property, $value)
169
    {
170
        $propertyParts = explode('.', $property);
171
        if (count($propertyParts) === 2
172
            && $propertyParts[0] === 'font'
173
        ) {
174
            $object = $this->getFont();
175
            $property = $propertyParts[1];
176
        } else {
177
            $object = $this;
178
        }
179
180
        $methodName = 'set' . ucwords($property);
181
        if (method_exists($object, $methodName)) {
182
            $object->$methodName($value);
183
        }
184
    }
185
186
    /**
187
     * Generate an Excel BIFF XF record (style or cell).
188
     *
189
     * @param string $style The type of the XF record ('style' or 'cell').
190
     * @return string The XF record data
191
     */
192
    public function getXf($style)
193
    {
194
        $record = new Record\Xf();
195
        return $record->getData($this, $style);
196
    }
197
198
    /**
199
     * @return Font
200
     */
201
    public function getFont()
202
    {
203
        return $this->font;
204
    }
205
206
    /**
207
     * Generate an Excel BIFF FONT record.
208
     *
209
     * @return string The FONT record
210
     */
211
    public function getFontRecord()
212
    {
213
        $record = new Record\Font();
214
215
        return $record->getData($this->getFont());
216
    }
217
218
    /**
219
     * Returns the index used by Worksheet::xf()
220
     *
221
     * @return integer The index for the XF record
222
     */
223
    public function getXfIndex()
224
    {
225
        return $this->xfIndex;
226
    }
227
228
    /**
229
     * Set cell alignment.
230
     *
231
     * @param string $location alignment for the cell ('left', 'right', etc...).
232
     */
233
    public function setAlign($location)
234
    {
235
        $this->setHAlign($location);
236
        $this->setVAlign($location);
237
    }
238
239
    /**
240
     * Set cell horizontal alignment.
241
     *
242
     * @param string $location alignment for the cell ('left', 'right', etc...).
243
     */
244
    public function setHAlign($location)
245
    {
246
        $location = strtolower($location);
247
        if (isset($this->horAlignMap[$location])) {
248
            $this->textHorAlign = $this->horAlignMap[$location];
249
        }
250
    }
251
252
    /**
253
     * Set cell vertical alignment.
254
     *
255
     * @param string $location alignment for the cell ('top', 'vleft', 'vright', etc...).
256
     */
257
    public function setVAlign($location)
258
    {
259
        $location = strtolower($location);
260
        if (isset($this->vertAlignMap[$location])) {
261
            $this->textVertAlign = $this->vertAlignMap[$location];
262
        }
263
    }
264
265
    /**
266
     * Sets the style for the bottom border of the cell
267
     *
268
     * @param integer $style style of the cell border (BORDER_THIN or BORDER_THICK).
269
     * @param string|integer $color The color we are setting. Either a string (like 'blue'),
270
     *                     or an integer (range is [8...63]).
271
     */
272
    public function setBorderBottom($style, $color = 0x40)
273
    {
274
        $this->setBorderInternal('bottom', $style, $color);
275
    }
276
277
    /**
278
     * Sets the style for the top border of the cell
279
     *
280
     * @param integer $style style of the cell top border (BORDER_THIN or BORDER_THICK).
281
     * @param string|integer $color The color we are setting. Either a string (like 'blue'),
282
     *                     or an integer (range is [8...63]).
283
     */
284
    public function setBorderTop($style, $color = 0x40)
285
    {
286
        $this->setBorderInternal('top', $style, $color);
287
    }
288
289
    /**
290
     * Sets the style for the left border of the cell
291
     *
292
     * @param integer $style style of the cell left border (BORDER_THIN or BORDER_THICK).
293
     * @param string|integer $color The color we are setting. Either a string (like 'blue'),
294
     *                     or an integer (range is [8...63]).
295
     */
296
    public function setBorderLeft($style, $color = 0x40)
297
    {
298
        $this->setBorderInternal('left', $style, $color);
299
    }
300
301
    /**
302
     * Sets the style for the right border of the cell
303
     *
304
     * @param integer $style style of the cell right border (BORDER_THIN or BORDER_THICK).
305
     * @param string|integer $color The color we are setting. Either a string (like 'blue'),
306
     *                     or an integer (range is [8...63]).
307
     */
308
    public function setBorderRight($style, $color = 0x40)
309
    {
310
        $this->setBorderInternal('right', $style, $color);
311
    }
312
313
    /**
314
     * Set cells borders to the same style
315
     *
316
     * @param integer $style style to apply for all cell borders (BORDER_THIN or BORDER_THICK).
317
     * @param string|integer $color The color we are setting. Either a string (like 'blue'),
318
     *                     or an integer (range is [8...63]).
319
     */
320
    public function setBorder($style, $color = 0x40)
321
    {
322
        $this->setBorderBottom($style, $color);
323
        $this->setBorderTop($style, $color);
324
        $this->setBorderLeft($style, $color);
325
        $this->setBorderRight($style, $color);
326
    }
327
328
    /**
329
     * Sets the style for the bottom border of the cell
330
     * @param string $side
331
     * @param integer $style style of the cell border (BORDER_THIN or BORDER_THICK).
332
     * @param string|integer $color The color we are setting. Either a string (like 'blue'),
333
     *                     or an integer (range is [8...63]).
334
     */
335
    protected function setBorderInternal($side, $style, $color = 0x40)
336
    {
337
        $this->borders[$side]['style'] = $style;
338
339
        if (!is_null($color)) {
340
            $this->borders[$side]['color'] = Palette::getColor($color);
341
        }
342
    }
343
344
    /**
345
     * @param $side
346
     *
347
     * @return integer|null
348
     */
349
    public function getBorderStyle($side)
350
    {
351
        return (isset($this->borders[$side])) ? $this->borders[$side]['style'] : null;
352
    }
353
354
    /**
355
     * @param $side
356
     *
357
     * @return integer|null
358
     */
359
    public function getBorderColor($side)
360
    {
361
        return (isset($this->borders[$side])) ? $this->borders[$side]['color'] : null;
362
    }
363
364
    /**
365
     * Sets the cell's foreground color
366
     *
367
     * @param string|integer $color either a string (like 'blue'), or an integer (range is [8...63]).
368
     */
369 View Code Duplication
    public function setFgColor($color)
0 ignored issues
show
This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.

Loading history...
370
    {
371
        $this->fgColor = Palette::getColor($color);
372
        if ($this->pattern == Fill::PATTERN_NONE) {
373
            $this->setPattern(Fill::PATTERN_SOLID);
374
        }
375
    }
376
377
    /**
378
     * Sets the cell's background color
379
     *
380
     * @param string|integer $color either a string (like 'blue'), or an integer (range is [8...63]).
381
     */
382 View Code Duplication
    public function setBgColor($color)
0 ignored issues
show
This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.

Loading history...
383
    {
384
        $this->bgColor = Palette::getColor($color);
385
        if ($this->pattern == Fill::PATTERN_NONE) {
386
            $this->setPattern(Fill::PATTERN_SOLID);
387
        }
388
    }
389
390
    /**
391
     * Sets the fill pattern attribute of a cell
392
     *
393
     * @param integer $pattern Optional. Defaults to 1. Meaningful values are: 0-18,
394
     *                     0 meaning no background.
395
     */
396
    public function setPattern($pattern = Fill::PATTERN_SOLID)
397
    {
398
        $this->pattern = $pattern;
399
    }
400
401
    /**
402
     * Sets text wrapping
403
     *
404
     */
405
    public function setTextWrap()
406
    {
407
        $this->textWrap = 1;
408
    }
409
410
    /**
411
     * Sets the orientation of the text
412
     *
413
     * @param integer $angle The rotation angle for the text (clockwise). Possible
414
     * values are: 0, 90, 270 and -1 for stacking top-to-bottom.
415
     * @throws \Exception
416
     */
417
    public function setTextRotation($angle)
418
    {
419
        if (!isset($this->rotationMap[$angle])) {
420
            throw new \Exception(
421
                "Invalid value for angle." .
422
                " Possible values are: 0, 90, 270 and -1 " .
423
                "for stacking top-to-bottom."
424
            );
425
        }
426
427
        $this->rotation = $this->rotationMap[$angle];
428
    }
429
430
    /**
431
     * Locks a cell.
432
     */
433
    public function setLocked()
434
    {
435
        $this->locked = 1;
436
    }
437
438
    /**
439
     * Unlocks a cell. Useful for unprotecting particular cells of a protected sheet.
440
     */
441
    public function setUnLocked()
442
    {
443
        $this->locked = 0;
444
    }
445
446
    /**
447
     * @return int
448
     */
449
    public function getNumFormat()
450
    {
451
        return $this->numFormat;
452
    }
453
454
    /**
455
     * Sets the numeric format.
456
     * It can be date, time, currency, etc...
457
     *
458
     * @param integer $numFormat The numeric format.
459
     */
460
    public function setNumFormat($numFormat)
461
    {
462
        $this->numFormat = $numFormat;
463
    }
464
465
    /**
466
     * @return int
467
     */
468
    public function getNumFormatIndex()
469
    {
470
        return $this->numFormatIndex;
471
    }
472
473
    /**
474
     * @param int $numFormatIndex
475
     */
476
    public function setNumFormatIndex($numFormatIndex)
477
    {
478
        $this->numFormatIndex = $numFormatIndex;
479
    }
480
}
481