BaseReader::securityScanFile() - Code Metrics - Inspection of "Remove non-obvious BaseReader's dependency" - PHPOffice/PhpSpreadsheet - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — develop ( 8c5838...f74fde )

by Adrien

created 2016-11-27 05:31 UTC

BaseReader::securityScanFile() A

↳ Parent: BaseReader

Complexity

Conditions	1
Paths	1

Size

Total Lines	4
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	2
CRAP Score	1

Importance

Changes

Metric	Value
cc	1
eloc	2
nc	1
nop	1
dl	0
loc	4
rs	10
c	0
b	0
f	0
ccs	2
cts	2
cp	1
crap	1

<?php

namespace PhpOffice\PhpSpreadsheet\Reader;

/**
 * Copyright (c) 2006 - 2016 PhpSpreadsheet
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 *
 * @category   PhpSpreadsheet
 * @copyright  Copyright (c) 2006 - 2016 PhpSpreadsheet (https://github.com/PHPOffice/PhpSpreadsheet)
 * @license    http://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt    LGPL
 * @version    ##VERSION##, ##DATE##
 */
abstract class BaseReader implements IReader
{
    /**
     * Read data only?
     * Identifies whether the Reader should only read data values for cells, and ignore any formatting information;
     *        or whether it should read both data and formatting
     *
     * @var    bool
     */
    protected $readDataOnly = false;

    /**
     * Read empty cells?
     * Identifies whether the Reader should read data values for cells all cells, or should ignore cells containing
     *         null value or empty string
     *
     * @var    bool
     */
    protected $readEmptyCells = true;

    /**
     * Read charts that are defined in the workbook?
     * Identifies whether the Reader should read the definitions for any charts that exist in the workbook;
     *
     * @var    bool
     */
    protected $includeCharts = false;

    /**
     * Restrict which sheets should be loaded?
     * This property holds an array of worksheet names to be loaded. If null, then all worksheets will be loaded.
     *
     * @var array of string
     */
    protected $loadSheetsOnly;

    /**
     * IReadFilter instance
     *
     * @var IReadFilter
     */
    protected $readFilter;

    protected $fileHandle = null;

    /**
     * Read data only?
     *        If this is true, then the Reader will only read data values for cells, it will not read any formatting information.
     *        If false (the default) it will read data and formatting.
     *
     * @return    bool
     */
    public function getReadDataOnly()
    {
        return $this->readDataOnly;
    }

    /**
     * Set read data only
     *        Set to true, to advise the Reader only to read data values for cells, and to ignore any formatting information.
     *        Set to false (the default) to advise the Reader to read both data and formatting for cells.
     *
     * @param    bool    $pValue
     *
     * @return    IReader
     */
    public function setReadDataOnly($pValue = false)
    {
        $this->readDataOnly = (boolean) $pValue;

        return $this;
    }

    /**
     * Read empty cells?
     *        If this is true (the default), then the Reader will read data values for all cells, irrespective of value.
     *        If false it will not read data for cells containing a null value or an empty string.
     *
     * @return    bool
     */
    public function getReadEmptyCells()
    {
        return $this->readEmptyCells;
    }

    /**
     * Set read empty cells
     *        Set to true (the default) to advise the Reader read data values for all cells, irrespective of value.
     *        Set to false to advise the Reader to ignore cells containing a null value or an empty string.
     *
     * @param    bool    $pValue
     *
     * @return    IReader
     */
    public function setReadEmptyCells($pValue = true)
    {
        $this->readEmptyCells = (boolean) $pValue;

        return $this;
    }

    /**
     * Read charts in workbook?
     *        If this is true, then the Reader will include any charts that exist in the workbook.
     *      Note that a ReadDataOnly value of false overrides, and charts won't be read regardless of the IncludeCharts value.
     *        If false (the default) it will ignore any charts defined in the workbook file.
     *
     * @return    bool
     */
    public function getIncludeCharts()
    {
        return $this->includeCharts;
    }

    /**
     * Set read charts in workbook
     *        Set to true, to advise the Reader to include any charts that exist in the workbook.
     *      Note that a ReadDataOnly value of false overrides, and charts won't be read regardless of the IncludeCharts value.
     *        Set to false (the default) to discard charts.
     *
     * @param    bool    $pValue
     *
     * @return    IReader
     */
    public function setIncludeCharts($pValue = false)
    {
        $this->includeCharts = (boolean) $pValue;

        return $this;
    }

    /**
     * Get which sheets to load
     * Returns either an array of worksheet names (the list of worksheets that should be loaded), or a null
     *        indicating that all worksheets in the workbook should be loaded.
     *
     * @return mixed
     */
    public function getLoadSheetsOnly()
    {
        return $this->loadSheetsOnly;
    }

    /**
     * Set which sheets to load
     *
     * @param mixed $value
     *        This should be either an array of worksheet names to be loaded, or a string containing a single worksheet name.
     *        If NULL, then it tells the Reader to read all worksheets in the workbook
     *
     * @return IReader
     */
    public function setLoadSheetsOnly($value = null)
    {
        if ($value === null) {
            return $this->setLoadAllSheets();
        }

        $this->loadSheetsOnly = is_array($value) ? $value : [$value];

        return $this;
    }

    /**
     * Set all sheets to load
     *        Tells the Reader to load all worksheets from the workbook.
     *
     * @return IReader
     */
    public function setLoadAllSheets()
    {
        $this->loadSheetsOnly = null;


        return $this;
    }

    /**
     * Read filter
     *
     * @return IReadFilter
     */
    public function getReadFilter()
    {
        return $this->readFilter;
    }

    /**
     * Set read filter
     *
     * @param IReadFilter $pValue
     * @return IReader
     */
    public function setReadFilter(IReadFilter $pValue)
    {
        $this->readFilter = $pValue;

        return $this;
    }

    /**
     * Open file for reading
     *
     * @param string $pFilename
     * @throws    Exception
     * @return resource
     */
    protected function openFile($pFilename)
    {
        // Check if file exists
        if (!file_exists($pFilename) || !is_readable($pFilename)) {
            throw new Exception('Could not open ' . $pFilename . ' for reading! File does not exist.');
        }

        // Open file
        $this->fileHandle = fopen($pFilename, 'r');
        if ($this->fileHandle === false) {
            throw new Exception('Could not open file ' . $pFilename . ' for reading.');
        }
    }

    /**
     * Scan theXML for use of <!ENTITY to prevent XXE/XEE attacks
     *
     * @param     string         $xml
     * @throws Exception
     */
    public function securityScan($xml)

    {
        $pattern = '/\\0?' . implode('\\0?', str_split('<!DOCTYPE')) . '\\0?/';
        if (preg_match($pattern, $xml)) {
            throw new Exception('Detected use of ENTITY in XML, spreadsheet file load() aborted to prevent XXE/XEE attacks');
        }

        return $xml;
    }

    /**
     * Scan theXML for use of <!ENTITY to prevent XXE/XEE attacks
     *
     * @param     string         $filestream
     * @throws Exception
     */
    public function securityScanFile($filestream)
    {
        return $this->securityScan(file_get_contents($filestream));
    }
}


1			<?php
2
3			namespace PhpOffice\PhpSpreadsheet\Reader;
4
5			/**
6			* Copyright (c) 2006 - 2016 PhpSpreadsheet
7			*
8			* This library is free software; you can redistribute it and/or
9			* modify it under the terms of the GNU Lesser General Public
10			* License as published by the Free Software Foundation; either
11			* version 2.1 of the License, or (at your option) any later version.
12			*
13			* This library is distributed in the hope that it will be useful,
14			* but WITHOUT ANY WARRANTY; without even the implied warranty of
15			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16			* Lesser General Public License for more details.
17			*
18			* You should have received a copy of the GNU Lesser General Public
19			* License along with this library; if not, write to the Free Software
20			* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21			*
22			* @category PhpSpreadsheet
23			* @copyright Copyright (c) 2006 - 2016 PhpSpreadsheet (https://github.com/PHPOffice/PhpSpreadsheet)
24			* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt LGPL
25			* @version ##VERSION##, ##DATE##
26			*/
27			abstract class BaseReader implements IReader
28			{
29			/**
30			* Read data only?
31			* Identifies whether the Reader should only read data values for cells, and ignore any formatting information;
32			* or whether it should read both data and formatting
33			*
34			* @var bool
35			*/
36			protected $readDataOnly = false;
37
38			/**
39			* Read empty cells?
40			* Identifies whether the Reader should read data values for cells all cells, or should ignore cells containing
41			* null value or empty string
42			*
43			* @var bool
44			*/
45			protected $readEmptyCells = true;
46
47			/**
48			* Read charts that are defined in the workbook?
49			* Identifies whether the Reader should read the definitions for any charts that exist in the workbook;
50			*
51			* @var bool
52			*/
53			protected $includeCharts = false;
54
55			/**
56			* Restrict which sheets should be loaded?
57			* This property holds an array of worksheet names to be loaded. If null, then all worksheets will be loaded.
58			*
59			* @var array of string
60			*/
61			protected $loadSheetsOnly;
62
63			/**
64			* IReadFilter instance
65			*
66			* @var IReadFilter
67			*/
68			protected $readFilter;
69
70			protected $fileHandle = null;
71
72			/**
73			* Read data only?
74			* If this is true, then the Reader will only read data values for cells, it will not read any formatting information.
75			* If false (the default) it will read data and formatting.
76			*
77			* @return bool
78			*/
79			public function getReadDataOnly()
80			{
81			return $this->readDataOnly;
82			}
83
84			/**
85			* Set read data only
86			* Set to true, to advise the Reader only to read data values for cells, and to ignore any formatting information.
87			* Set to false (the default) to advise the Reader to read both data and formatting for cells.
88			*
89			* @param bool $pValue
90			*
91			* @return IReader
92			*/
93			public function setReadDataOnly($pValue = false)
94			{
95			$this->readDataOnly = (boolean) $pValue;
96
97			return $this;
98			}
99
100			/**
101			* Read empty cells?
102			* If this is true (the default), then the Reader will read data values for all cells, irrespective of value.
103			* If false it will not read data for cells containing a null value or an empty string.
104			*
105			* @return bool
106			*/
107			public function getReadEmptyCells()
108			{
109			return $this->readEmptyCells;
110			}
111
112			/**
113			* Set read empty cells
114			* Set to true (the default) to advise the Reader read data values for all cells, irrespective of value.
115			* Set to false to advise the Reader to ignore cells containing a null value or an empty string.
116			*
117			* @param bool $pValue
118			*
119			* @return IReader
120			*/
121			public function setReadEmptyCells($pValue = true)
122			{
123			$this->readEmptyCells = (boolean) $pValue;
124
125			return $this;
126			}
127
128			/**
129			* Read charts in workbook?
130			* If this is true, then the Reader will include any charts that exist in the workbook.
131			* Note that a ReadDataOnly value of false overrides, and charts won't be read regardless of the IncludeCharts value.
132			* If false (the default) it will ignore any charts defined in the workbook file.
133			*
134			* @return bool
135			*/
136			public function getIncludeCharts()
137			{
138			return $this->includeCharts;
139			}
140
141			/**
142			* Set read charts in workbook
143			* Set to true, to advise the Reader to include any charts that exist in the workbook.
144			* Note that a ReadDataOnly value of false overrides, and charts won't be read regardless of the IncludeCharts value.
145			* Set to false (the default) to discard charts.
146			*
147			* @param bool $pValue
148			*
149			* @return IReader
150			*/
151	2		public function setIncludeCharts($pValue = false)
152			{
153	2		$this->includeCharts = (boolean) $pValue;
154
155	2		return $this;
156			}
157
158			/**
159			* Get which sheets to load
160			* Returns either an array of worksheet names (the list of worksheets that should be loaded), or a null
161			* indicating that all worksheets in the workbook should be loaded.
162			*
163			* @return mixed
164			*/
165			public function getLoadSheetsOnly()
166			{
167			return $this->loadSheetsOnly;
168			}
169
170			/**
171			* Set which sheets to load
172			*
173			* @param mixed $value
174			* This should be either an array of worksheet names to be loaded, or a string containing a single worksheet name.
175			* If NULL, then it tells the Reader to read all worksheets in the workbook
176			*
177			* @return IReader
178			*/
179			public function setLoadSheetsOnly($value = null)
180			{
181			if ($value === null) {
182			return $this->setLoadAllSheets();
183			}
184
185			$this->loadSheetsOnly = is_array($value) ? $value : [$value];
186
187			return $this;
188			}
189
190			/**
191			* Set all sheets to load
192			* Tells the Reader to load all worksheets from the workbook.
193			*
194			* @return IReader
195			*/
196			public function setLoadAllSheets()
197			{
198			$this->loadSheetsOnly = null;
			0 ignored issues – show Documentation Bug introduced 2016-08-14 05:24 UTC by Report Bug Copy Issue Report It seems like `null` of type `null` is incompatible with the declared type `array` of property `$loadSheetsOnly`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
199
200			return $this;
201			}
202
203			/**
204			* Read filter
205			*
206			* @return IReadFilter
207			*/
208	15		public function getReadFilter()
209			{
210	15		return $this->readFilter;
211			}
212
213			/**
214			* Set read filter
215			*
216			* @param IReadFilter $pValue
217			* @return IReader
218			*/
219	1		public function setReadFilter(IReadFilter $pValue)
220			{
221	1		$this->readFilter = $pValue;
222
223	1		return $this;
224			}
225
226			/**
227			* Open file for reading
228			*
229			* @param string $pFilename
230			* @throws Exception
231			* @return resource
232			*/
233	4		protected function openFile($pFilename)
234			{
235			// Check if file exists
236	4		if (!file_exists($pFilename) \|\| !is_readable($pFilename)) {
237			throw new Exception('Could not open ' . $pFilename . ' for reading! File does not exist.');
238			}
239
240			// Open file
241	4		$this->fileHandle = fopen($pFilename, 'r');
242	4		if ($this->fileHandle === false) {
243			throw new Exception('Could not open file ' . $pFilename . ' for reading.');
244			}
245	4		}
246
247			/**
248			* Scan theXML for use of <!ENTITY to prevent XXE/XEE attacks
249			*
250			* @param string $xml
251			* @throws Exception
252			*/
253	20	View Code Duplication	public function securityScan($xml)
			0 ignored issues – show Duplication introduced 2016-08-14 05:24 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
254			{
255	20		$pattern = '/\\0?' . implode('\\0?', str_split('<!DOCTYPE')) . '\\0?/';
256	20		if (preg_match($pattern, $xml)) {
257	4		throw new Exception('Detected use of ENTITY in XML, spreadsheet file load() aborted to prevent XXE/XEE attacks');
258			}
259
260	16		return $xml;
261			}
262
263			/**
264			* Scan theXML for use of <!ENTITY to prevent XXE/XEE attacks
265			*
266			* @param string $filestream
267			* @throws Exception
268			*/
269	9		public function securityScanFile($filestream)
270			{
271	9		return $this->securityScan(file_get_contents($filestream));
272			}
273			}
274

PHPOffice / PhpSpreadsheet

Push — develop ( 8c5838...f74fde )

BaseReader::securityScanFile() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like