RetailCRM-Mirror/PHPExcel
1
0
Fork 0
mirror of https://github.com/retailcrm/PHPExcel.git synced 2024-11-22 21:36:05 +03:00
Code Issues Projects Releases Wiki Activity

Merge pull request #405 from ymaerschalck/develop

Browse Source 
XML External Entity (XXE) Processing
This commit is contained in:
Mark Baker 2014-07-27 12:18:58 +01:00
commit 2a06bc9675
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Classes/PHPExcel/Reader/Excel2003XML.php
View File

@ -137,7 +137,7 @@ class PHPExcel_Reader_Excel2003XML extends PHPExcel_Reader_Abstract implements P
$worksheetNames = array(); $worksheetNames = array();
$xml = simplexml_load_file($pFilename, 'SimpleXMLElement', PHPExcel_Settings::getLibXmlLoaderOptions()); $xml = simplexml_load_string(file_get_contents($pFilename), 'SimpleXMLElement', PHPExcel_Settings::getLibXmlLoaderOptions());
$namespaces = $xml->getNamespaces(true); $namespaces = $xml->getNamespaces(true);
$xml_ss = $xml->children($namespaces['ss']); $xml_ss = $xml->children($namespaces['ss']);
@ -165,7 +165,7 @@ class PHPExcel_Reader_Excel2003XML extends PHPExcel_Reader_Abstract implements P
$worksheetInfo = array(); $worksheetInfo = array();
$xml = simplexml_load_file($pFilename, 'SimpleXMLElement', PHPExcel_Settings::getLibXmlLoaderOptions()); $xml = simplexml_load_string(file_get_contents($pFilename), 'SimpleXMLElement', PHPExcel_Settings::getLibXmlLoaderOptions());
$namespaces = $xml->getNamespaces(true); $namespaces = $xml->getNamespaces(true);
$worksheetID = 1; $worksheetID = 1;
@ -330,7 +330,7 @@ class PHPExcel_Reader_Excel2003XML extends PHPExcel_Reader_Abstract implements P
throw new PHPExcel_Reader_Exception($pFilename . " is an Invalid Spreadsheet file."); throw new PHPExcel_Reader_Exception($pFilename . " is an Invalid Spreadsheet file.");
} }
$xml = simplexml_load_file($pFilename, 'SimpleXMLElement', PHPExcel_Settings::getLibXmlLoaderOptions()); $xml = simplexml_load_string(file_get_contents($pFilename), 'SimpleXMLElement', PHPExcel_Settings::getLibXmlLoaderOptions());
$namespaces = $xml->getNamespaces(true); $namespaces = $xml->getNamespaces(true);
$docProps = $objPHPExcel->getProperties(); $docProps = $objPHPExcel->getProperties();