Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Explicitly prevent serialization of the Spreadsheet object #3199

Merged
merged 2 commits into from
Nov 23, 2022
Merged

Explicitly prevent serialization of the Spreadsheet object #3199

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a7259de
Explicitly prevent serialization of the Spreadsheet object
MarkBaker Nov 21, 2022
f4e5318
Merge branch 'master' into Functionality-Prevent-Serialization
MarkBaker Nov 23, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 20 additions & 1 deletion src/PhpSpreadsheet/Spreadsheet.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

namespace PhpOffice\PhpSpreadsheet;

use JsonSerializable;
use PhpOffice\PhpSpreadsheet\Calculation\Calculation;
use PhpOffice\PhpSpreadsheet\Reader\Xlsx as XlsxReader;
use PhpOffice\PhpSpreadsheet\Shared\File;
Expand All @@ -11,7 +12,7 @@
use PhpOffice\PhpSpreadsheet\Worksheet\Worksheet;
use PhpOffice\PhpSpreadsheet\Writer\Xlsx as XlsxWriter;

class Spreadsheet
class Spreadsheet implements JsonSerializable
{
// Allowable values for workbook window visilbity
const VISIBILITY_VISIBLE = 'visible';
Expand Down Expand Up @@ -1635,4 +1636,22 @@ public function getSharedComponent(): Style
{
return new Style();
}

/**
* @throws Exception
*
* @return mixed
*/
public function __serialize()
{
throw new Exception('Spreadsheet objects cannot be serialized');
}

/**
* @throws Exception
*/
public function jsonSerialize(): mixed
{
throw new Exception('Spreadsheet objects cannot be json encoded');
}
}
34 changes: 26 additions & 8 deletions tests/PhpSpreadsheetTests/SpreadsheetTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

namespace PhpOffice\PhpSpreadsheetTests;

use PhpOffice\PhpSpreadsheet\Exception as ssException;
use PhpOffice\PhpSpreadsheet\Exception;
use PhpOffice\PhpSpreadsheet\Spreadsheet;
use PhpOffice\PhpSpreadsheet\Worksheet\Worksheet;
use PHPUnit\Framework\TestCase;
Expand Down Expand Up @@ -67,7 +67,7 @@ public function testGetSheetByName(?int $index, string $sheetName): void
public function testAddSheetDuplicateTitle(): void
{
$spreadsheet = $this->getSpreadsheet();
$this->expectException(ssException::class);
$this->expectException(Exception::class);
$sheet = new Worksheet();
$sheet->setTitle('someSheet2');
$spreadsheet->addSheet($sheet);
Expand Down Expand Up @@ -98,7 +98,7 @@ public function testAddSheetAdjustActive(): void
public function testRemoveSheetIndexTooHigh(): void
{
$spreadsheet = $this->getSpreadsheet();
$this->expectException(ssException::class);
$this->expectException(Exception::class);
$spreadsheet->removeSheetByIndex(4);
}

Expand All @@ -123,14 +123,14 @@ public function testRemoveSheetAdjustActive(): void
public function testGetSheetIndexTooHigh(): void
{
$spreadsheet = $this->getSpreadsheet();
$this->expectException(ssException::class);
$this->expectException(Exception::class);
$spreadsheet->getSheet(4);
}

public function testGetIndexNonExistent(): void
{
$spreadsheet = $this->getSpreadsheet();
$this->expectException(ssException::class);
$this->expectException(Exception::class);
$sheet = new Worksheet();
$sheet->setTitle('someSheet4');
$spreadsheet->getIndex($sheet);
Expand Down Expand Up @@ -175,14 +175,14 @@ public function testBug1735(): void
public function testSetActiveSheetIndexTooHigh(): void
{
$spreadsheet = $this->getSpreadsheet();
$this->expectException(ssException::class);
$this->expectException(Exception::class);
$spreadsheet->setActiveSheetIndex(4);
}

public function testSetActiveSheetNoSuchName(): void
{
$spreadsheet = $this->getSpreadsheet();
$this->expectException(ssException::class);
$this->expectException(Exception::class);
$spreadsheet->setActiveSheetIndexByName('unknown');
}

Expand Down Expand Up @@ -210,7 +210,7 @@ public function testAddExternal(): void

public function testAddExternalDuplicateName(): void
{
$this->expectException(ssException::class);
$this->expectException(Exception::class);
$spreadsheet = new Spreadsheet();
$sheet = $spreadsheet->createSheet()->setTitle('someSheet1');
$sheet->getCell('A1')->setValue(1);
Expand Down Expand Up @@ -275,4 +275,22 @@ public function testAddExternalRowDimensionStyles(): void
self::assertEquals($countXfs + $index, $sheet3->getCell('A2')->getXfIndex());
self::assertEquals($countXfs + $index, $sheet3->getRowDimension(2)->getXfIndex());
}

public function testNotSerializable(): void
{
$this->spreadsheet = $spreadsheet = new Spreadsheet();

$this->expectException(Exception::class);
$this->expectExceptionMessage('Spreadsheet objects cannot be serialized');
serialize($this->spreadsheet);
}

public function testNotJsonEncodable(): void
{
$this->spreadsheet = $spreadsheet = new Spreadsheet();

$this->expectException(Exception::class);
$this->expectExceptionMessage('Spreadsheet objects cannot be json encoded');
json_encode($this->spreadsheet);
}
}