2017-05-10 16:22:08 +00:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* Handles CSV export.
|
|
|
|
*
|
|
|
|
* @author Automattic
|
|
|
|
* @category Admin
|
|
|
|
* @package WooCommerce/Export
|
|
|
|
* @version 3.1.0
|
|
|
|
*/
|
|
|
|
if ( ! defined( 'ABSPATH' ) ) {
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* WC_CSV_Exporter Class.
|
|
|
|
*/
|
|
|
|
abstract class WC_CSV_Exporter {
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Type of export used in filter names.
|
2017-05-12 19:15:08 +00:00
|
|
|
* @var string
|
2017-05-10 16:22:08 +00:00
|
|
|
*/
|
|
|
|
protected $export_type = '';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Batch limit.
|
|
|
|
* @var integer
|
|
|
|
*/
|
2017-06-09 11:21:46 +00:00
|
|
|
protected $limit = 50;
|
2017-05-10 16:22:08 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Number exported.
|
|
|
|
* @var integer
|
|
|
|
*/
|
|
|
|
protected $exported_row_count = 0;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Raw data to export.
|
2017-05-12 19:15:08 +00:00
|
|
|
* @var array
|
2017-05-10 16:22:08 +00:00
|
|
|
*/
|
|
|
|
protected $row_data = array();
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Total rows to export.
|
|
|
|
* @var integer
|
|
|
|
*/
|
|
|
|
protected $total_rows = 0;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Columns ids and names.
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected $column_names = array();
|
|
|
|
|
2017-05-10 19:48:56 +00:00
|
|
|
/**
|
|
|
|
* List of columns to export, or empty for all.
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected $columns_to_export = array();
|
|
|
|
|
2017-05-10 16:22:08 +00:00
|
|
|
/**
|
|
|
|
* Prepare data that will be exported.
|
|
|
|
*/
|
|
|
|
abstract function prepare_data_to_export();
|
|
|
|
|
|
|
|
/**
|
2017-05-10 19:48:56 +00:00
|
|
|
* Return an array of supported column names and ids.
|
2017-05-10 16:22:08 +00:00
|
|
|
*
|
2017-05-12 19:15:08 +00:00
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function get_column_names() {
|
2017-05-12 19:15:08 +00:00
|
|
|
return apply_filters( "woocommerce_{$this->export_type}_export_column_names", $this->column_names, $this );
|
2017-05-10 16:22:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set column names.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
* @param array $column_names
|
|
|
|
*/
|
|
|
|
public function set_column_names( $column_names ) {
|
|
|
|
$this->column_names = array();
|
|
|
|
|
|
|
|
foreach ( $column_names as $column_id => $column_name ) {
|
|
|
|
$this->column_names[ wc_clean( $column_id ) ] = wc_clean( $column_name );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-05-10 19:48:56 +00:00
|
|
|
/**
|
|
|
|
* Return an array of columns to export.
|
|
|
|
*
|
2017-05-12 19:15:08 +00:00
|
|
|
* @since 3.1.0
|
2017-05-10 19:48:56 +00:00
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function get_columns_to_export() {
|
|
|
|
return $this->columns_to_export;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set columns to export.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
2017-05-10 19:48:56 +00:00
|
|
|
* @param array $column_names
|
|
|
|
*/
|
|
|
|
public function set_columns_to_export( $columns ) {
|
|
|
|
$this->columns_to_export = array_map( 'wc_clean', $columns );
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* See if a column is to be exported or not.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
|
|
|
* @param string $column_id
|
2017-05-10 19:48:56 +00:00
|
|
|
* @return boolean
|
|
|
|
*/
|
|
|
|
public function is_column_exporting( $column_id ) {
|
2017-05-10 21:16:53 +00:00
|
|
|
$column_id = strstr( $column_id, ':' ) ? current( explode( ':', $column_id ) ) : $column_id;
|
2017-05-10 19:48:56 +00:00
|
|
|
$columns_to_export = $this->get_columns_to_export();
|
|
|
|
|
|
|
|
if ( empty( $columns_to_export ) ) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( in_array( $column_id, $columns_to_export ) ) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2017-05-10 16:22:08 +00:00
|
|
|
/**
|
|
|
|
* Return default columns.
|
|
|
|
*
|
2017-05-12 19:15:08 +00:00
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function get_default_column_names() {
|
|
|
|
return array();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Do the export.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
*/
|
|
|
|
public function export() {
|
|
|
|
$this->prepare_data_to_export();
|
|
|
|
$this->send_headers();
|
|
|
|
$this->send_content( $this->export_column_headers() . $this->get_csv_data() );
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set the export headers.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
*/
|
|
|
|
public function send_headers() {
|
|
|
|
if ( function_exists( 'gc_enable' ) ) {
|
|
|
|
gc_enable();
|
|
|
|
}
|
|
|
|
if ( function_exists( 'apache_setenv' ) ) {
|
|
|
|
@apache_setenv( 'no-gzip', 1 );
|
|
|
|
}
|
|
|
|
@ini_set( 'zlib.output_compression', 'Off' );
|
|
|
|
@ini_set( 'output_buffering', 'Off' );
|
|
|
|
@ini_set( 'output_handler', '' );
|
|
|
|
ignore_user_abort( true );
|
|
|
|
wc_set_time_limit( 0 );
|
|
|
|
nocache_headers();
|
|
|
|
header( 'Content-Type: text/csv; charset=utf-8' );
|
2017-05-12 19:15:08 +00:00
|
|
|
header( 'Content-Disposition: attachment; filename=' . $this->get_filename() );
|
2017-05-10 16:22:08 +00:00
|
|
|
header( 'Pragma: no-cache' );
|
|
|
|
header( 'Expires: 0' );
|
|
|
|
}
|
|
|
|
|
2017-05-12 19:15:08 +00:00
|
|
|
/**
|
|
|
|
* Generate and return a filename.
|
|
|
|
*
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
public function get_filename() {
|
|
|
|
return sanitize_file_name( 'wc-' . $this->export_type . '-export-' . date_i18n( 'Y-m-d', current_time( 'timestamp' ) ) . '.csv' );
|
|
|
|
}
|
|
|
|
|
2017-05-10 16:22:08 +00:00
|
|
|
/**
|
|
|
|
* Set the export content.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
*/
|
|
|
|
public function send_content( $csv_data ) {
|
|
|
|
echo $csv_data;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get CSV data for this export.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
protected function get_csv_data() {
|
2017-06-10 14:43:38 +00:00
|
|
|
return $this->export_rows();
|
2017-05-10 16:22:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Export column headers in CSV format.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
|
|
|
* @return string
|
2017-05-10 16:22:08 +00:00
|
|
|
*/
|
|
|
|
protected function export_column_headers() {
|
2017-06-10 14:43:38 +00:00
|
|
|
$columns = $this->get_column_names();
|
|
|
|
$export_row = array();
|
|
|
|
$buffer = fopen( 'php://output', 'w' );
|
|
|
|
ob_start();
|
2017-05-10 16:22:08 +00:00
|
|
|
|
|
|
|
foreach ( $columns as $column_id => $column_name ) {
|
2017-05-10 19:48:56 +00:00
|
|
|
if ( ! $this->is_column_exporting( $column_id ) ) {
|
|
|
|
continue;
|
|
|
|
}
|
2017-06-10 14:43:38 +00:00
|
|
|
$export_row[] = $column_name;
|
2017-05-10 16:22:08 +00:00
|
|
|
}
|
|
|
|
|
2017-06-10 14:43:38 +00:00
|
|
|
fputcsv( $buffer, $export_row );
|
|
|
|
|
|
|
|
return ob_get_clean();
|
2017-05-10 16:22:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get data that will be exported.
|
|
|
|
*
|
2017-05-12 19:15:08 +00:00
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
protected function get_data_to_export() {
|
|
|
|
return $this->row_data;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Export rows in CSV format.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
|
|
|
* @return array
|
2017-05-10 16:22:08 +00:00
|
|
|
*/
|
|
|
|
protected function export_rows() {
|
2017-06-10 14:43:38 +00:00
|
|
|
$data = $this->get_data_to_export();
|
|
|
|
$buffer = fopen( 'php://output', 'w' );
|
|
|
|
ob_start();
|
|
|
|
|
|
|
|
array_walk( $data, array( $this, 'export_row' ), $buffer );
|
|
|
|
|
|
|
|
return apply_filters( "woocommerce_{$this->export_type}_export_rows", ob_get_clean(), $this );
|
2017-05-10 16:22:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2017-06-10 14:43:38 +00:00
|
|
|
* Export rows to an array ready for the CSV.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
|
|
|
* @param array $row_data
|
2017-05-10 16:22:08 +00:00
|
|
|
*/
|
2017-06-10 14:43:38 +00:00
|
|
|
protected function export_row( $row_data, $key, $buffer ) {
|
|
|
|
$columns = $this->get_column_names();
|
|
|
|
$export_row = array();
|
2017-05-10 16:22:08 +00:00
|
|
|
|
|
|
|
foreach ( $columns as $column_id => $column_name ) {
|
2017-05-10 19:48:56 +00:00
|
|
|
if ( ! $this->is_column_exporting( $column_id ) ) {
|
|
|
|
continue;
|
|
|
|
}
|
2017-05-10 16:22:08 +00:00
|
|
|
if ( isset( $row_data[ $column_id ] ) ) {
|
2017-06-10 14:43:38 +00:00
|
|
|
$export_row[] = $this->format_data( $row_data[ $column_id ] );
|
2017-05-10 16:22:08 +00:00
|
|
|
} else {
|
2017-06-10 14:43:38 +00:00
|
|
|
$export_row[] = '';
|
2017-05-10 16:22:08 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-06-10 14:43:38 +00:00
|
|
|
fputcsv( $buffer, $export_row );
|
2017-05-10 16:22:08 +00:00
|
|
|
++ $this->exported_row_count;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get batch limit.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
* @return int
|
|
|
|
*/
|
|
|
|
public function get_limit() {
|
|
|
|
return $this->limit;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set batch limit.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
* @param int $limit
|
|
|
|
*/
|
|
|
|
public function set_limit( $limit ) {
|
|
|
|
$this->limit = absint( $limit );
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get count of records exported.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
* @return int
|
|
|
|
*/
|
|
|
|
public function get_total_exported() {
|
|
|
|
return $this->exported_row_count;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Escape a string to be used in a CSV context
|
|
|
|
*
|
|
|
|
* Malicious input can inject formulas into CSV files, opening up the possibility
|
|
|
|
* for phishing attacks and disclosure of sensitive information.
|
|
|
|
*
|
|
|
|
* Additionally, Excel exposes the ability to launch arbitrary commands through
|
|
|
|
* the DDE protocol.
|
|
|
|
*
|
|
|
|
* @see http://www.contextis.com/resources/blog/comma-separated-vulnerabilities/
|
|
|
|
* @see https://hackerone.com/reports/72785
|
|
|
|
*
|
2017-05-12 19:15:08 +00:00
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
* @param string $field CSV field to escape
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
public function escape_data( $data ) {
|
|
|
|
$active_content_triggers = array( '=', '+', '-', '@' );
|
|
|
|
|
|
|
|
if ( in_array( mb_substr( $data, 0, 1 ), $active_content_triggers, true ) ) {
|
|
|
|
$data = "'" . $data;
|
|
|
|
}
|
|
|
|
|
|
|
|
return $data;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Format and escape data ready for the CSV file.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
* @param string $data
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
public function format_data( $data ) {
|
|
|
|
if ( ! is_scalar( $data ) ) {
|
|
|
|
if ( is_a( $data, 'WC_Datetime' ) ) {
|
2017-05-25 19:33:14 +00:00
|
|
|
$data = $data->date( 'Y-m-d G:i:s' );
|
2017-05-10 16:22:08 +00:00
|
|
|
} else {
|
|
|
|
$data = ''; // Not supported.
|
|
|
|
}
|
2017-05-25 19:33:14 +00:00
|
|
|
} elseif ( is_bool( $data ) ) {
|
|
|
|
$data = $data ? 1 : 0;
|
2017-05-10 16:22:08 +00:00
|
|
|
}
|
2017-05-25 19:33:14 +00:00
|
|
|
|
2017-05-10 16:22:08 +00:00
|
|
|
$data = (string) urldecode( $data );
|
|
|
|
$encoding = mb_detect_encoding( $data, 'UTF-8, ISO-8859-1', true );
|
|
|
|
$data = 'UTF-8' === $encoding ? $data : utf8_encode( $data );
|
2017-06-10 14:43:38 +00:00
|
|
|
return $this->escape_data( $data );
|
2017-05-10 16:22:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Format term ids to names.
|
2017-05-12 19:15:08 +00:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
2017-05-10 16:22:08 +00:00
|
|
|
* @param array $term_ids
|
|
|
|
* @param string $taxonomy
|
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function format_term_ids( $term_ids, $taxonomy ) {
|
|
|
|
$term_ids = wp_parse_id_list( $term_ids );
|
|
|
|
|
|
|
|
if ( ! count( $term_ids ) ) {
|
|
|
|
return '';
|
|
|
|
}
|
|
|
|
|
|
|
|
$formatted_terms = array();
|
|
|
|
|
|
|
|
if ( is_taxonomy_hierarchical( $taxonomy ) ) {
|
|
|
|
foreach ( $term_ids as $term_id ) {
|
|
|
|
$formatted_term = array();
|
|
|
|
$ancestor_ids = array_reverse( get_ancestors( $term_id, $taxonomy ) );
|
|
|
|
|
|
|
|
foreach ( $ancestor_ids as $ancestor_id ) {
|
|
|
|
$term = get_term( $ancestor_id, $taxonomy );
|
|
|
|
if ( $term && ! is_wp_error( $term ) ) {
|
|
|
|
$formatted_term[] = $term->name;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$term = get_term( $term_id, $taxonomy );
|
|
|
|
|
|
|
|
if ( $term && ! is_wp_error( $term ) ) {
|
|
|
|
$formatted_term[] = $term->name;
|
|
|
|
}
|
|
|
|
|
|
|
|
$formatted_terms[] = implode( ' > ', $formatted_term );
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
foreach ( $term_ids as $term_id ) {
|
|
|
|
$term = get_term( $term_id, $taxonomy );
|
|
|
|
|
|
|
|
if ( $term && ! is_wp_error( $term ) ) {
|
|
|
|
$formatted_terms[] = $term->name;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return implode( ', ', $formatted_terms );
|
|
|
|
}
|
|
|
|
}
|