CSV Export

Yii Framework Wiki

Popular Tags

CSV Export

I needed a csv export function for my cgridview and I wanted to export the entire result set of the sorted and filtered cgridview the user was viewing via ajax.

This reuses the search method so you don't have to rewrite any of your complex criteria or sort code.

I was not using ajaxupdate on the cgridview. IF you are then you need to change the view logic to send those params.

NOTE: Change "searchRailcars" and "TrainCars" for your respective page name and model

View

list($url, $getParams) =   explode("searchRailcars", $_SERVER["REQUEST_URI"]); //will split the url to return all the get params aftert the r param
<a href="<?php echo url('/rip/search/csvRailcars'.$getParams); ?>">CSV Export</a>

MODEL

public function search($pagination = array( 'pageSize'=>20) ){ //edited to set pagination
...
//the criteria and sort logic
...
          return new CActiveDataProvider($this, array('criteria' => $criteria,
                                                      'sort'=>$sort,
                                                      'pagination'=>$pagination
                                        ));
    
} //end func

CONTROLLER

public function actionCsvRailcars(){       
         header('Content-type: text/csv');
         header('Content-Disposition: attachment; filename="centrico-RIP-Railcars-' . date('YmdHi') .'.csv"');
          
         $model=new TrainCars('search');
         $model->unsetAttributes();  // clear any default values
         if(isset($_GET['TrainCars'])) $model->attributes=$_GET['TrainCars'];
         $dataProvider = $model->search(false);
          
         //csv header
         echo TrainCars::model()->getAttributeLabel("beginTime_n").",". TrainCars::model()->getAttributeLabel("endTime_n").",". TrainCars::model()->getAttributeLabel("sequence_n")." \r\n";
      
          foreach ($dataProvider->getData() as $data)
           echo "$data->beginTime_n,$data->endTime_n, $data->sequence_n \r\n";
         }
         exit;      
}

4 0

5 followers

Viewed: 30 024 times

Version: 1.1

Category: How-tos

Tags: csv, export

Written by: JohnPollard

Last updated by: JohnPollard

Created on: Jun 12, 2012

Last updated: 12 years ago

Update Article

Revisions

View all history

12 years ago by JohnPollard
edit
12 years ago by JohnPollard
edited based on suggestions

User Contributed Notes 5

#8590

0 0

Suggestions

Here are several suggestions on potential enhancements of this wiki page:

Please fix the indentation.
There's an XSS flaw in the view, at the beginning of the page.
Depending on the $page parameter, TrainCars::search() will return a CDataProvider or an array(). This is inconsistent and may lead to errors.
The model should keep the default method search($page=25) with no pagination when the parameter $page is false.
To output CSV, one shouldn't use a naive echo but the official PHP function fputcsv. Without this it would break on content like « "my,punctuation;" ».
When the controller puts user input into the model, it must validate it (security concern) and output CSV only if this doesn't fail.

Sorry if I sound negative. If you feel like it, I'd be glad to provide explanations on any point I mentioned.

François Gannaz at Jun 13, 2012, 12:56:00 PM

#8592

0 0

Re: Suggestions

I edited the indentation. Lemme know if you still don't like something.
Is this any different than how the page normally gets updated when cgridview has ajaxUpdate = false?
$page parameter? All my models are generated from gii and don't have that param.
Again, I don't see that parameter.
I agree. Just thought this way was simpler.
Does this differ from point #2 and #4?

I appreciate your suggestions.

JohnPollard at Jun 13, 2012, 3:57:21 PM

#8594

0 0

Re: Suggestions

XSS: It's still there and could lead to session hijacking or similar treats. Here is a link about XSS: OWASP, and shamelessly my own wiki page.
See what would happen if someone puts a link (or an image's src) toward your page with an URL like ...&hack="><script>....</script>.
Fixing this isn't obvious as you can't simply escape the URL part. In another wiki page, someone used JS for this. Another way would be to add a form with submit buttons wrapping the CGridView. You could also use a mix of CController::createUrl() and $model->attributes to create a static link.
$page parameter: sorry, my bad. I thought it was part of the official template, but it's only in my custom one.
I still dislike the way your method returns results of different types depending on the $all param. Why don't you use a CActiveDataProvider with the config 'pagination' => false?
Validation: you're using non-validated user input to build your criteria in the line $dataProvider = $model->search(true);. This is dangerous. BTW, as I wrote above, $dataProvider is an array in this case, not an instance of CDataProvider, and I think this is very confusing.

François Gannaz at Jun 13, 2012, 5:05:31 PM

#8595

0 0

RE:Suggestions

XSS: I'm still unsure how what I am doing is any different than what yii does by default with the cgridview not using ajax.

Page Parameter: I agree Ill edit it to change to that. I read through the forums and someone said you couldnt get the entire result set back, you had to use cactiverecord.

JohnPollard at Jun 13, 2012, 5:31:47 PM

#8665

0 0

Extensions available

You can also use one of the yii-extensions, like this one:
http://www.yiiframework.com/extension/csvexport

marcovtwout at Jun 18, 2012, 10:01:20 AM

Categories

Popular Tags

Recent Comments

CSV Export

Revisions

Related Articles