Clientbase
/
Spreadsheet_Excel_Writer
mirror of https://github.com/basemaster/Spreadsheet_Excel_Writer.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Escape filename used in Content-Disposition header

This commit is contained in:
Alexey Kopytko 2016-06-16 12:05:40 +09:00
parent 8878394496
commit 4b6d1a3453
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Spreadsheet/Excel/Writer.php
View File

@ -65,6 +65,7 @@ class Spreadsheet_Excel_Writer extends Spreadsheet_Excel_Writer_Workbook
*/ */
public function send($filename) public function send($filename)
{ {
$filename = addslashes($filename);
header("Content-type: application/vnd.ms-excel"); header("Content-type: application/vnd.ms-excel");
header("Content-Disposition: attachment; filename=\"$filename\""); header("Content-Disposition: attachment; filename=\"$filename\"");
header("Expires: 0"); header("Expires: 0");