avniproject / avni-server

Backend APIs for Avni
https://avniproject.org
GNU Affero General Public License v3.0

Verify csv content during uploads #695

Open vinayvenu opened 4 months ago

vinayvenu commented 4 months ago

See https://owasp.org/www-community/attacks/CSV_Injection http://georgemauer.net/2017/10/07/csv-injection.html

To mitigate these concerns, it will be good to

  1. Add quotes and a tab at the beginning of a cell when the cell starts with =, +, - or @.
  2. Ensure this is removed when actually processing the file (to prevent failures for phone numbers, negative numbers, etc.).
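The two steps proposed above, worked through as an added example in Java (this is illustrative code, not code from avni-server): cells whose first character is one of `=`, `+`, `-`, `@` are written wrapped in double quotes with a tab prepended inside the quotes, and on the reading side the tab is stripped after CSV unquoting so phone numbers and negative numbers round-trip to their original values. Class and method names (`CsvFormulaGuard`, `encodeCell`, `decodeRow`) and the sample row are assumptions made for the example.

```java
import java.util.ArrayList;
import java.util.List;

/**
 * Added example (not avni-server code): neutralise formula-triggering cells when
 * writing CSV, and strip the marker again when reading it back, as proposed in #695.
 */
public final class CsvFormulaGuard {
    // First characters that make spreadsheet programs evaluate a cell as a formula
    // (the list from the issue; OWASP's CSV injection page lists the same triggers).
    private static final String FORMULA_TRIGGERS = "=+-@";

    private CsvFormulaGuard() {}

    /** True when a spreadsheet would treat the cell as a formula rather than text. */
    public static boolean isFormulaLike(String cell) {
        return cell != null && !cell.isEmpty() && FORMULA_TRIGGERS.indexOf(cell.charAt(0)) >= 0;
    }

    /**
     * Encodes one cell as a CSV field. Formula-like cells are wrapped in double quotes
     * with a tab inserted inside the quotes, so "=1+1" is written as "\t=1+1" (quoted);
     * the tab stops evaluation while the value stays legible. Other cells receive
     * ordinary RFC 4180 quoting only when they contain a comma, quote or line break.
     */
    public static String encodeCell(String cell) {
        if (cell == null) return "";
        String body = cell.replace("\"", "\"\""); // double embedded quotes
        if (isFormulaLike(cell)) {
            return "\"\t" + body + "\"";
        }
        boolean needsQuotes = cell.indexOf(',') >= 0 || cell.indexOf('"') >= 0
                || cell.indexOf('\n') >= 0 || cell.indexOf('\r') >= 0;
        return needsQuotes ? "\"" + body + "\"" : cell;
    }

    /** Joins encoded cells into one CSV line (no trailing newline). */
    public static String encodeRow(List<String> cells) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < cells.size(); i++) {
            if (i > 0) sb.append(',');
            sb.append(encodeCell(cells.get(i)));
        }
        return sb.toString();
    }

    /**
     * Parses one CSV line (quoted fields, doubled quotes) and removes the protective
     * leading tab, so "-12" or "+919876543210" come back exactly as they were stored.
     */
    public static List<String> decodeRow(String line) {
        List<String> cells = new ArrayList<>();
        StringBuilder cur = new StringBuilder();
        boolean inQuotes = false;
        for (int i = 0; i < line.length(); i++) {
            char c = line.charAt(i);
            if (inQuotes) {
                if (c == '"') {
                    if (i + 1 < line.length() && line.charAt(i + 1) == '"') {
                        cur.append('"'); // escaped quote inside a quoted field
                        i++;
                    } else {
                        inQuotes = false; // closing quote
                    }
                } else {
                    cur.append(c);
                }
            } else if (c == '"') {
                inQuotes = true;
            } else if (c == ',') {
                cells.add(stripGuard(cur.toString()));
                cur.setLength(0);
            } else {
                cur.append(c);
            }
        }
        cells.add(stripGuard(cur.toString()));
        return cells;
    }

    /** Removes the tab inserted by encodeCell; cells without it are returned unchanged. */
    static String stripGuard(String cell) {
        return cell.startsWith("\t") ? cell.substring(1) : cell;
    }

    public static void main(String[] args) {
        // Constructed sample row: a name, a phone number, a negative number,
        // a harmless formula and a value that needs ordinary CSV quoting.
        List<String> row = List.of("Asha", "+919876543210", "-12", "=1+1", "plain, text");
        String line = encodeRow(row);
        System.out.println(line);
        System.out.println(decodeRow(line));
    }
}
```

Two points worth noting when adopting this: the tab is only a display guard, so stripping it on read must happen after CSV unquoting (the tab sits inside the quotes), and a cell that legitimately begins with a tab would lose it, which is acceptable for the phone-number and amount columns the issue is concerned with but should be checked for free-text fields.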