Skip to content

Commit a3187a3

Browse files
MarkBakerMarkBaker
authored
Merge pull request #3199 from PHPOffice/Functionality-Prevent-Serialization
Explicitly prevent serialization of the Spreadsheet object
2 parents fe79f7b + f4e5318 commit a3187a3

File tree

2 files changed

+46
-9
lines changed

2 files changed

+46
-9
lines changed

src/PhpSpreadsheet/Spreadsheet.php

Lines changed: 20 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
namespace PhpOffice\PhpSpreadsheet;
44

5+
use JsonSerializable;
56
use PhpOffice\PhpSpreadsheet\Calculation\Calculation;
67
use PhpOffice\PhpSpreadsheet\Reader\Xlsx as XlsxReader;
78
use PhpOffice\PhpSpreadsheet\Shared\File;
@@ -11,7 +12,7 @@
1112
use PhpOffice\PhpSpreadsheet\Worksheet\Worksheet;
1213
use PhpOffice\PhpSpreadsheet\Writer\Xlsx as XlsxWriter;
1314

14-
class Spreadsheet
15+
class Spreadsheet implements JsonSerializable
1516
{
1617
// Allowable values for workbook window visilbity
1718
const VISIBILITY_VISIBLE = 'visible';
@@ -1635,4 +1636,22 @@ public function getSharedComponent(): Style
16351636
{
16361637
return new Style();
16371638
}
1639+
1640+
/**
1641+
* @throws Exception
1642+
*
1643+
* @return mixed
1644+
*/
1645+
public function __serialize()
1646+
{
1647+
throw new Exception('Spreadsheet objects cannot be serialized');
1648+
}
1649+
1650+
/**
1651+
* @throws Exception
1652+
*/
1653+
public function jsonSerialize(): mixed
1654+
{
1655+
throw new Exception('Spreadsheet objects cannot be json encoded');
1656+
}
16381657
}

tests/PhpSpreadsheetTests/SpreadsheetTest.php

Lines changed: 26 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
namespace PhpOffice\PhpSpreadsheetTests;
44

5-
use PhpOffice\PhpSpreadsheet\Exception as ssException;
5+
use PhpOffice\PhpSpreadsheet\Exception;
66
use PhpOffice\PhpSpreadsheet\Spreadsheet;
77
use PhpOffice\PhpSpreadsheet\Worksheet\Worksheet;
88
use PHPUnit\Framework\TestCase;
@@ -67,7 +67,7 @@ public function testGetSheetByName(?int $index, string $sheetName): void
6767
public function testAddSheetDuplicateTitle(): void
6868
{
6969
$spreadsheet = $this->getSpreadsheet();
70-
$this->expectException(ssException::class);
70+
$this->expectException(Exception::class);
7171
$sheet = new Worksheet();
7272
$sheet->setTitle('someSheet2');
7373
$spreadsheet->addSheet($sheet);
@@ -98,7 +98,7 @@ public function testAddSheetAdjustActive(): void
9898
public function testRemoveSheetIndexTooHigh(): void
9999
{
100100
$spreadsheet = $this->getSpreadsheet();
101-
$this->expectException(ssException::class);
101+
$this->expectException(Exception::class);
102102
$spreadsheet->removeSheetByIndex(4);
103103
}
104104

@@ -123,14 +123,14 @@ public function testRemoveSheetAdjustActive(): void
123123
public function testGetSheetIndexTooHigh(): void
124124
{
125125
$spreadsheet = $this->getSpreadsheet();
126-
$this->expectException(ssException::class);
126+
$this->expectException(Exception::class);
127127
$spreadsheet->getSheet(4);
128128
}
129129

130130
public function testGetIndexNonExistent(): void
131131
{
132132
$spreadsheet = $this->getSpreadsheet();
133-
$this->expectException(ssException::class);
133+
$this->expectException(Exception::class);
134134
$sheet = new Worksheet();
135135
$sheet->setTitle('someSheet4');
136136
$spreadsheet->getIndex($sheet);
@@ -175,14 +175,14 @@ public function testBug1735(): void
175175
public function testSetActiveSheetIndexTooHigh(): void
176176
{
177177
$spreadsheet = $this->getSpreadsheet();
178-
$this->expectException(ssException::class);
178+
$this->expectException(Exception::class);
179179
$spreadsheet->setActiveSheetIndex(4);
180180
}
181181

182182
public function testSetActiveSheetNoSuchName(): void
183183
{
184184
$spreadsheet = $this->getSpreadsheet();
185-
$this->expectException(ssException::class);
185+
$this->expectException(Exception::class);
186186
$spreadsheet->setActiveSheetIndexByName('unknown');
187187
}
188188

@@ -210,7 +210,7 @@ public function testAddExternal(): void
210210

211211
public function testAddExternalDuplicateName(): void
212212
{
213-
$this->expectException(ssException::class);
213+
$this->expectException(Exception::class);
214214
$spreadsheet = new Spreadsheet();
215215
$sheet = $spreadsheet->createSheet()->setTitle('someSheet1');
216216
$sheet->getCell('A1')->setValue(1);
@@ -275,4 +275,22 @@ public function testAddExternalRowDimensionStyles(): void
275275
self::assertEquals($countXfs + $index, $sheet3->getCell('A2')->getXfIndex());
276276
self::assertEquals($countXfs + $index, $sheet3->getRowDimension(2)->getXfIndex());
277277
}
278+
279+
public function testNotSerializable(): void
280+
{
281+
$this->spreadsheet = $spreadsheet = new Spreadsheet();
282+
283+
$this->expectException(Exception::class);
284+
$this->expectExceptionMessage('Spreadsheet objects cannot be serialized');
285+
serialize($this->spreadsheet);
286+
}
287+
288+
public function testNotJsonEncodable(): void
289+
{
290+
$this->spreadsheet = $spreadsheet = new Spreadsheet();
291+
292+
$this->expectException(Exception::class);
293+
$this->expectExceptionMessage('Spreadsheet objects cannot be json encoded');
294+
json_encode($this->spreadsheet);
295+
}
278296
}

0 commit comments

Comments
 (0)