[open-ils-commits] r18101 - trunk/Open-ILS/src/reporter (gmc)
svn at svn.open-ils.org
svn at svn.open-ils.org
Wed Sep 29 13:48:56 EDT 2010
Author: gmc
Date: 2010-09-29 13:48:52 -0400 (Wed, 29 Sep 2010)
New Revision: 18101
Modified:
trunk/Open-ILS/src/reporter/clark-kent.pl
Log:
reporter: don't try to write Excel formulas
Any cell value that starts with = is now always written
as a text cell in spreadsheet output. Avoids a possible
exploit as well as errors like this:
Couldn't parse formula: = at /openils/bin/clark-kent.pl line 429
Signed-off-by: Galen Charlton <gmc at esilibrary.com>
Modified: trunk/Open-ILS/src/reporter/clark-kent.pl
===================================================================
--- trunk/Open-ILS/src/reporter/clark-kent.pl 2010-09-29 15:06:25 UTC (rev 18100)
+++ trunk/Open-ILS/src/reporter/clark-kent.pl 2010-09-29 17:48:52 UTC (rev 18101)
@@ -423,6 +423,8 @@
$sheetname =~ s/\W/_/gos;
my $sheet = $xls->add_worksheet($sheetname);
+ # don't try to write formulas, just write anything that starts with = as a text cell
+ $sheet->add_write_handler(qr/^=/, sub { return shift->write_string(@_); } );
$sheet->write_row('A1', $r->{column_labels});
More information about the open-ils-commits
mailing list