From fb09f033aeac51d9e683d885439ebdf186abad53 Mon Sep 17 00:00:00 2001
From: "r.mubarakzyanov"
Date: Mon, 30 Mar 2026 13:24:18 +0300
Subject: [PATCH] removed htmlspecialchars on import && savings
---
 public/userarea/import_insert.php | 2 +-
 public/userarea/process_import_xls.php | 4 ++--
 public/userarea/process_import_xls2.php | 4 ++--
 public/userarea/save_edited_data.php | 2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/public/userarea/import_insert.php b/public/userarea/import_insert.php
index 9cafc10..7b19854 100644
--- a/public/userarea/import_insert.php
+++ b/public/userarea/import_insert.php
@@ -126,7 +126,7 @@ foreach ($selected_rows as $rowIndex) {
 case 'Testo':
 case 'VARCHAR':
 default:
- $fieldValue = !empty($fieldValue) ? htmlspecialchars((string)$fieldValue) : ($mapping['manual_default'] ?? '');
+ $fieldValue = !empty($fieldValue) ? (string)$fieldValue : ($mapping['manual_default'] ?? '');
 break;
 }
 } else {
diff --git a/public/userarea/process_import_xls.php b/public/userarea/process_import_xls.php
index 7ea091c..6ec258f 100644
--- a/public/userarea/process_import_xls.php
+++ b/public/userarea/process_import_xls.php
@@ -70,7 +70,7 @@ try {
 $columnLetter = \PhpOffice\PhpSpreadsheet\Cell\Coordinate::stringFromColumnIndex($col);
 $cell = $worksheet->getCell($columnLetter . $header_row);
 $cellValue = $cell ? $cell->getCalculatedValue() : ''; // Usa getCalculatedValue per le formule
- $headerRowData[] = htmlspecialchars($cellValue ?: '');
+ $headerRowData[] = $cellValue ?: '';
 }
 
 // Estrai i dati a partire dalla riga successiva
@@ -80,7 +80,7 @@ try {
 $columnLetter = \PhpOffice\PhpSpreadsheet\Cell\Coordinate::stringFromColumnIndex($col);
 $cell = $worksheet->getCell($columnLetter . $row);
 $cellValue = $cell ? $cell->getCalculatedValue() : ''; // Usa getCalculatedValue per le formule
- $rowData[] = htmlspecialchars($cellValue ?: '');
+ $rowData[] = $cellValue ?: '';
 }
 if (!empty(array_filter($rowData))) {
 $excelData[] = $rowData;
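Review bot: The `default:` branch now passes spreadsheet text through unencoded, and nothing in this patch adds escaping where these values are later printed, so each page that echoes them needs `htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` at output; that rendering code is not visible here and should be checked before merge. Rows written before this commit presumably still hold entity-encoded text, so old and new records will differ unless existing data is decoded once with `htmlspecialchars_decode`. On the same line, `!empty($fieldValue)` still treats the string `'0'` as missing and substitutes `manual_default`; `$fieldValue !== null && $fieldValue !== ''` would keep it. The enclosing `switch` and `foreach` begin and end outside the hunk.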
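Review bot: `$headerRowData[] = $cellValue ?: '';` now stores whatever `getCalculatedValue()` returns, so the arrays can hold ints, floats or booleans where they previously held strings, and a cell containing `0` is still collapsed to `''` by the `?:` test. If the consumer expects strings, `$headerRowData[] = ($cellValue === null) ? '' : (string)$cellValue;` keeps zeros and a stable type; the same applies to the `$rowData[]` line in the second hunk and to both hunks of process_import_xls2.php. These values come from an uploaded spreadsheet and are no longer encoded here, so whatever renders `$headerRowData` and `$excelData` (not visible in this diff) has to escape them for its own output context. Both `try` blocks extend beyond the hunks.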
diff --git a/public/userarea/process_import_xls2.php b/public/userarea/process_import_xls2.php
index 27ed5d5..3b9ec24 100644
--- a/public/userarea/process_import_xls2.php
+++ b/public/userarea/process_import_xls2.php
@@ -146,7 +146,7 @@ try {
 $columnLetter = \PhpOffice\PhpSpreadsheet\Cell\Coordinate::stringFromColumnIndex($col);
 $cell = $worksheet->getCell($columnLetter . $header_row);
 $cellValue = $cell ? $cell->getCalculatedValue() : '';
- $headerRowData[] = htmlspecialchars($cellValue ?: '');
+ $headerRowData[] = $cellValue ?: '';
 }
 
 // Estrai i dati a partire dalla riga successiva, includendo excelrow
@@ -156,7 +156,7 @@ try {
 $columnLetter = \PhpOffice\PhpSpreadsheet\Cell\Coordinate::stringFromColumnIndex($col);
 $cell = $worksheet->getCell($columnLetter . $row);
 $cellValue = $cell ? $cell->getCalculatedValue() : '';
- $rowData[] = htmlspecialchars($cellValue ?: '');
+ $rowData[] = $cellValue ?: '';
 }
 if (!empty(array_filter($rowData))) {
 $excelData[] = ['data' => $rowData, 'excelrow' => $row];
diff --git a/public/userarea/save_edited_data.php b/public/userarea/save_edited_data.php
index 35a8ce0..1b0e2de 100644
--- a/public/userarea/save_edited_data.php
+++ b/public/userarea/save_edited_data.php
@@ -23,7 +23,7 @@ try {
 foreach ($_POST as $key => $value) {
 if ($key !== 'iddatadb' && !in_array($key, $excludeFields)) {
 $updates[] = "$key = ?";
- $values[] = htmlspecialchars($value);
+ $values[] = $value;
 }
 }
 $values[] = $iddatadb;
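Review bot: `$updates[] = "$key = ?";` places the POST field name directly into the SQL text while only the value is bound, so the column list of what is presumably an UPDATE is chosen by the request; `$excludeFields` is a deny-list and does not restrict what else may appear there. Each key should be checked against a fixed, server-defined list of editable columns before it is used, e.g. `if (!in_array($key, $allowedColumns, true)) { continue; }` (`$allowedColumns` is a placeholder name). With `htmlspecialchars` removed, `$value` is also bound with no type check, so an array-valued field would reach the statement; rejecting anything that fails `is_scalar($value)` closes that. The `try` block and the statement execution lie outside the hunk.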