public static function add($userID)
 {
     Z_Core::debug("Creating publications library for user {$userID}");
     Zotero_DB::beginTransaction();
     // Use same shard as user library
     $shardID = Zotero_Shards::getByUserID($userID);
     $libraryID = Zotero_Libraries::add('publications', $shardID);
     $sql = "INSERT INTO userPublications (userID, libraryID) VALUES (?, ?)";
     Zotero_DB::query($sql, [$userID, $libraryID]);
     Zotero_DB::commit();
     return $libraryID;
 }
Beispiel #2
0
 /**
  * Handle uploaded data, overwriting existing data
  */
 public function upload()
 {
     $this->sessionCheck();
     // Another session is either queued or writing — upload data won't be valid,
     // so client should wait and return to /updated with 'upload' flag
     Zotero_DB::beginTransaction();
     if (Zotero_Sync::userIsReadLocked($this->userID) || Zotero_Sync::userIsWriteLocked($this->userID)) {
         Zotero_DB::commit();
         $locked = $this->responseXML->addChild('locked');
         $locked['wait'] = $this->getWaitTime($this->sessionID);
         $this->end();
     }
     Zotero_DB::commit();
     $this->clearWaitTime($this->sessionID);
     if (empty($_REQUEST['updateKey'])) {
         $this->error(400, 'INVALID_UPLOAD_DATA', 'Update key not provided');
     }
     if ($_REQUEST['updateKey'] != Zotero_Users::getUpdateKey($this->userID)) {
         $this->e409("Server data has changed since last retrieval");
     }
     // TODO: change to POST
     if (empty($_REQUEST['data'])) {
         $this->error(400, 'MISSING_UPLOAD_DATA', 'Uploaded data not provided');
     }
     $xmldata =& $_REQUEST['data'];
     try {
         $doc = new DOMDocument();
         $doc->loadXML($xmldata, LIBXML_PARSEHUGE);
         // For huge uploads, make sure notes aren't bigger than SimpleXML can parse
         if (strlen($xmldata) > 7000000) {
             $xpath = new DOMXPath($doc);
             $results = $xpath->query('/data/items/item/note[string-length(text()) > ' . Zotero_Notes::$MAX_NOTE_LENGTH . ']');
             if ($results->length) {
                 $noteElem = $results->item(0);
                 $text = $noteElem->textContent;
                 $libraryID = $noteElem->parentNode->getAttribute('libraryID');
                 $key = $noteElem->parentNode->getAttribute('key');
                 // UTF-8   (0xC2 0xA0) isn't trimmed by default
                 $whitespace = chr(0x20) . chr(0x9) . chr(0xa) . chr(0xd) . chr(0x0) . chr(0xb) . chr(0xc2) . chr(0xa0);
                 $excerpt = iconv("UTF-8", "UTF-8//IGNORE", Zotero_Notes::noteToTitle(trim($text), true));
                 $excerpt = trim($excerpt, $whitespace);
                 // If tag-stripped version is empty, just return raw HTML
                 if ($excerpt == '') {
                     $excerpt = iconv("UTF-8", "UTF-8//IGNORE", preg_replace('/\\s+/', ' ', mb_substr(trim($text), 0, Zotero_Notes::$MAX_TITLE_LENGTH)));
                     $excerpt = html_entity_decode($excerpt);
                     $excerpt = trim($excerpt, $whitespace);
                 }
                 $msg = "=Note '" . $excerpt . "...' too long";
                 if ($key) {
                     $msg .= " for item '" . $libraryID . "/" . $key . "'";
                 }
                 throw new Exception($msg, Z_ERROR_NOTE_TOO_LONG);
             }
         }
     } catch (Exception $e) {
         $this->handleUploadError($e, $xmldata);
     }
     function relaxNGErrorHandler($errno, $errstr)
     {
         //Z_Core::logError($errstr);
     }
     set_error_handler('relaxNGErrorHandler');
     set_time_limit(60);
     if (!$doc->relaxNGValidate(Z_ENV_MODEL_PATH . 'relax-ng/upload.rng')) {
         $id = substr(md5(uniqid(rand(), true)), 0, 10);
         $str = date("D M j G:i:s T Y") . "\n";
         $str .= "IP address: " . $_SERVER['REMOTE_ADDR'] . "\n";
         if (isset($_SERVER['HTTP_X_ZOTERO_VERSION'])) {
             $str .= "Version: " . $_SERVER['HTTP_X_ZOTERO_VERSION'] . "\n";
         }
         $str .= "Error: RELAX NG validation failed\n\n";
         $str .= $xmldata;
         if (!file_put_contents(Z_CONFIG::$SYNC_ERROR_PATH . $id, $str)) {
             error_log("Unable to save error report to " . Z_CONFIG::$SYNC_ERROR_PATH . $id);
         }
         $this->error(500, 'INVALID_UPLOAD_DATA', "Uploaded data not well-formed (Report ID: {$id})");
     }
     restore_error_handler();
     try {
         $xml = simplexml_import_dom($doc);
         $queue = true;
         if (Z_ENV_TESTING_SITE && !empty($_GET['noqueue'])) {
             $queue = false;
         }
         if ($queue) {
             $affectedLibraries = Zotero_Sync::parseAffectedLibraries($xmldata);
             // Relations-only uploads don't have affected libraries
             if (!$affectedLibraries) {
                 $affectedLibraries = array(Zotero_Users::getLibraryIDFromUserID($this->userID));
             }
             Zotero_Sync::queueUpload($this->userID, $this->sessionID, $xmldata, $affectedLibraries);
             try {
                 Zotero_Processors::notifyProcessors('upload');
                 Zotero_Processors::notifyProcessors('error');
                 usleep(750000);
             } catch (Exception $e) {
                 Z_Core::logError($e);
             }
             // Give processor a chance to finish while we're still here
             $this->uploadstatus();
         } else {
             set_time_limit(210);
             $timestamp = Zotero_Sync::processUpload($this->userID, $xml);
             $this->responseXML['timestamp'] = $timestamp;
             $this->responseXML->addChild('uploaded');
             $this->end();
         }
     } catch (Exception $e) {
         $this->handleUploadError($e, $xmldata);
     }
 }
Beispiel #3
0
	public function save($userID=false) {
		if (!$this->_libraryID) {
			trigger_error("Library ID must be set before saving", E_USER_ERROR);
		}
		
		Zotero_Items::editCheck($this, $userID);
		
		if (!$this->hasChanged()) {
			Z_Core::debug("Item $this->id has not changed");
			return false;
		}
		
		$this->cacheEnabled = false;
		
		// Make sure there are no gaps in the creator indexes
		$creators = $this->getCreators();
		$lastPos = -1;
		foreach ($creators as $pos=>$creator) {
			if ($pos != $lastPos + 1) {
				trigger_error("Creator index $pos out of sequence for item $this->id", E_USER_ERROR);
			}
			$lastPos++;
		}
		
		$shardID = Zotero_Shards::getByLibraryID($this->_libraryID);
		
		$env = [];
		
		Zotero_DB::beginTransaction();
		
		try {
			//
			// New item, insert and return id
			//
			if (!$this->id || (empty($this->changed['version']) && !$this->exists())) {
				Z_Core::debug('Saving data for new item to database');
				
				$isNew = $env['isNew'] = true;
				$sqlColumns = array();
				$sqlValues = array();
				
				//
				// Primary fields
				//
				$itemID = $this->_id = $this->_id ? $this->_id : Zotero_ID::get('items');
				$key = $this->_key = $this->_key ? $this->_key : Zotero_ID::getKey();
				
				$sqlColumns = array(
					'itemID',
					'itemTypeID',
					'libraryID',
					'key',
					'dateAdded',
					'dateModified',
					'serverDateModified',
					'version'
				);
				$timestamp = Zotero_DB::getTransactionTimestamp();
				$dateAdded = $this->_dateAdded ? $this->_dateAdded : $timestamp;
				$dateModified = $this->_dateModified ? $this->_dateModified : $timestamp;
				$version = Zotero_Libraries::getUpdatedVersion($this->_libraryID);
				$sqlValues = array(
					$itemID,
					$this->_itemTypeID,
					$this->_libraryID,
					$key,
					$dateAdded,
					$dateModified,
					$timestamp,
					$version
				);
				
				$sql = 'INSERT INTO items (`' . implode('`, `', $sqlColumns) . '`) VALUES (';
				// Insert placeholders for bind parameters
				for ($i=0; $i<sizeOf($sqlValues); $i++) {
					$sql .= '?, ';
				}
				$sql = substr($sql, 0, -2) . ')';
				
				// Save basic data to items table
				try {
					$insertID = Zotero_DB::query($sql, $sqlValues, $shardID);
				}
				catch (Exception $e) {
					if (strpos($e->getMessage(), "Incorrect datetime value") !== false) {
						preg_match("/Incorrect datetime value: '([^']+)'/", $e->getMessage(), $matches);
						throw new Exception("=Invalid date value '{$matches[1]}' for item $key", Z_ERROR_INVALID_INPUT);
					}
					throw $e;
				}
				if (!$this->_id) {
					if (!$insertID) {
						throw new Exception("Item id not available after INSERT");
					}
					$itemID = $insertID;
					$this->_serverDateModified = $timestamp;
				}
				
				// Group item data
				if (Zotero_Libraries::getType($this->_libraryID) == 'group' && $userID) {
					$sql = "INSERT INTO groupItems VALUES (?, ?, ?)";
					Zotero_DB::query($sql, array($itemID, $userID, $userID), $shardID);
				}
				
				//
				// ItemData
				//
				if (!empty($this->changed['itemData'])) {
					// Use manual bound parameters to speed things up
					$origInsertSQL = "INSERT INTO itemData (itemID, fieldID, value) VALUES ";
					$insertSQL = $origInsertSQL;
					$insertParams = array();
					$insertCounter = 0;
					$maxInsertGroups = 40;
					
					$max = Zotero_Items::$maxDataValueLength;
					
					$fieldIDs = array_keys($this->changed['itemData']);
					
					foreach ($fieldIDs as $fieldID) {
						$value = $this->getField($fieldID, true, false, true);
						
						if ($value == 'CURRENT_TIMESTAMP'
								&& Zotero_ItemFields::getID('accessDate') == $fieldID) {
							$value = Zotero_DB::getTransactionTimestamp();
						}
						
						// Check length
						if (strlen($value) > $max) {
							$fieldName = Zotero_ItemFields::getLocalizedString(
								$this->_itemTypeID, $fieldID
							);
							$msg = "=$fieldName field value " .
								 "'" . mb_substr($value, 0, 50) . "...' too long";
							if ($this->_key) {
								$msg .= " for item '" . $this->_libraryID . "/" . $key . "'";
							}
							throw new Exception($msg, Z_ERROR_FIELD_TOO_LONG);
						}
						
						if ($insertCounter < $maxInsertGroups) {
							$insertSQL .= "(?,?,?),";
							$insertParams = array_merge(
								$insertParams,
								array($itemID, $fieldID, $value)
							);
						}
						
						if ($insertCounter == $maxInsertGroups - 1) {
							$insertSQL = substr($insertSQL, 0, -1);
							$stmt = Zotero_DB::getStatement($insertSQL, true, $shardID);
							Zotero_DB::queryFromStatement($stmt, $insertParams);
							$insertSQL = $origInsertSQL;
							$insertParams = array();
							$insertCounter = -1;
						}
						
						$insertCounter++;
					}
					
					if ($insertCounter > 0 && $insertCounter < $maxInsertGroups) {
						$insertSQL = substr($insertSQL, 0, -1);
						$stmt = Zotero_DB::getStatement($insertSQL, true, $shardID);
						Zotero_DB::queryFromStatement($stmt, $insertParams);
					}
				}
				
				//
				// Creators
				//
				if (!empty($this->changed['creators'])) {
					$indexes = array_keys($this->changed['creators']);
					
					// TODO: group queries
					
					$sql = "INSERT INTO itemCreators
								(itemID, creatorID, creatorTypeID, orderIndex) VALUES ";
					$placeholders = array();
					$sqlValues = array();
					
					$cacheRows = array();
					
					foreach ($indexes as $orderIndex) {
						Z_Core::debug('Adding creator in position ' . $orderIndex, 4);
						$creator = $this->getCreator($orderIndex);
						
						if (!$creator) {
							continue;
						}
						
						if ($creator['ref']->hasChanged()) {
							Z_Core::debug("Auto-saving changed creator {$creator['ref']->id}");
							try {
								$creator['ref']->save();
							}
							catch (Exception $e) {
								// TODO: Provide the item in question
								/*if (strpos($e->getCode() == Z_ERROR_CREATOR_TOO_LONG)) {
									$msg = $e->getMessage();
									$msg = str_replace(
										"with this name and shorten it.",
										"with this name, or paste '$key' into the quick search bar "
										. "in the Zotero toolbar, and shorten the name."
									);
									throw new Exception($msg, Z_ERROR_CREATOR_TOO_LONG);
								}*/
								throw $e;
							}
						}
						
						$placeholders[] = "(?, ?, ?, ?)";
						array_push(
							$sqlValues,
							$itemID,
							$creator['ref']->id,
							$creator['creatorTypeID'],
							$orderIndex
						);
						
						$cacheRows[] = array(
							'creatorID' => $creator['ref']->id,
							'creatorTypeID' => $creator['creatorTypeID'],
							'orderIndex' => $orderIndex
						);
					}
					
					if ($sqlValues) {
						$sql = $sql . implode(',', $placeholders);
						Zotero_DB::query($sql, $sqlValues, $shardID);
					}
				}
				
				
				// Deleted item
				if (!empty($this->changed['deleted'])) {
					$deleted = $this->getDeleted();
					if ($deleted) {
						$sql = "REPLACE INTO deletedItems (itemID) VALUES (?)";
					}
					else {
						$sql = "DELETE FROM deletedItems WHERE itemID=?";
					}
					Zotero_DB::query($sql, $itemID, $shardID);
				}
				
				
				// Note
				if ($this->isNote() || !empty($this->changed['note'])) {
					if (!is_string($this->noteText)) {
						$this->noteText = '';
					}
					// If we don't have a sanitized note, generate one
					if (is_null($this->noteTextSanitized)) {
						$noteTextSanitized = Zotero_Notes::sanitize($this->noteText);
						
						// But if note is sanitized already, store empty string
						if ($this->noteText === $noteTextSanitized) {
							$this->noteTextSanitized = '';
						}
						else {
							$this->noteTextSanitized = $noteTextSanitized;
						}
					}
					
					$this->noteTitle = Zotero_Notes::noteToTitle(
						$this->noteTextSanitized === '' ? $this->noteText : $this->noteTextSanitized
					);
					
					$sql = "INSERT INTO itemNotes
							(itemID, sourceItemID, note, noteSanitized, title, hash)
							VALUES (?,?,?,?,?,?)";
					$parent = $this->isNote() ? $this->getSource() : null;
					
					$hash = $this->noteText ? md5($this->noteText) : '';
					$bindParams = array(
						$itemID,
						$parent ? $parent : null,
						$this->noteText !== null ? $this->noteText : '',
						$this->noteTextSanitized,
						$this->noteTitle,
						$hash
					);
					
					try {
						Zotero_DB::query($sql, $bindParams, $shardID);
					}
					catch (Exception $e) {
						if (strpos($e->getMessage(), "Incorrect string value") !== false) {
							throw new Exception("=Invalid character in note '" . Zotero_Utilities::ellipsize($title, 70) . "'", Z_ERROR_INVALID_INPUT);
						}
						throw ($e);
					}
					Zotero_Notes::updateNoteCache($this->_libraryID, $itemID, $this->noteText);
					Zotero_Notes::updateHash($this->_libraryID, $itemID, $hash);
				}
				
				
				// Attachment
				if ($this->isAttachment()) {
					$sql = "INSERT INTO itemAttachments
							(itemID, sourceItemID, linkMode, mimeType, charsetID, path, storageModTime, storageHash)
							VALUES (?,?,?,?,?,?,?,?)";
					$parent = $this->getSource();
					if ($parent) {
						$parentItem = Zotero_Items::get($this->_libraryID, $parent);
						if (!$parentItem) {
							throw new Exception("Parent item $parent not found");
						}
						if ($parentItem->getSource()) {
							$parentKey = $parentItem->key;
							throw new Exception("=Parent item $parentKey cannot be a child attachment", Z_ERROR_INVALID_INPUT);
						}
					}
					
					$linkMode = $this->attachmentLinkMode;
					$charsetID = Zotero_CharacterSets::getID($this->attachmentCharset);
					$path = $this->attachmentPath;
					$storageModTime = $this->attachmentStorageModTime;
					$storageHash = $this->attachmentStorageHash;
					
					$bindParams = array(
						$itemID,
						$parent ? $parent : null,
						$linkMode + 1,
						$this->attachmentMIMEType,
						$charsetID ? $charsetID : null,
						$path ? $path : '',
						$storageModTime ? $storageModTime : null,
						$storageHash ? $storageHash : null
					);
					Zotero_DB::query($sql, $bindParams, $shardID);
				}
				
				// Sort fields
				$sortTitle = Zotero_Items::getSortTitle($this->getDisplayTitle(true));
				if (mb_substr($sortTitle, 0, 5) == mb_substr($this->getField('title', false, true), 0, 5)) {
					$sortTitle = null;
				}
				$creatorSummary = $this->isRegularItem()
					? mb_strcut($this->getCreatorSummary(true), 0, Zotero_Creators::$creatorSummarySortLength)
					: '';
				$sql = "INSERT INTO itemSortFields (itemID, sortTitle, creatorSummary) VALUES (?, ?, ?)";
				Zotero_DB::query($sql, array($itemID, $sortTitle, $creatorSummary), $shardID);
				
				//
				// Source item id
				//
				if ($sourceItemID = $this->getSource()) {
					$newSourceItem = Zotero_Items::get($this->_libraryID, $sourceItemID);
					if (!$newSourceItem) {
						throw new Exception("Cannot set source to invalid item");
					}
					
					switch (Zotero_ItemTypes::getName($this->_itemTypeID)) {
						case 'note':
							$newSourceItem->incrementNoteCount();
							break;
						case 'attachment':
							$newSourceItem->incrementAttachmentCount();
							break;
					}
				}
				
				// Collections
				if (!empty($this->changed['collections'])) {
					foreach ($this->collections as $collectionKey) {
						$collection = Zotero_Collections::getByLibraryAndKey($this->_libraryID, $collectionKey);
						if (!$collection) {
							throw new Exception("Collection with key '$collectionKey' not found", Z_ERROR_COLLECTION_NOT_FOUND);
						}
						$collection->addItem($itemID);
						$collection->save();
					}
				}
				
				// Tags
				if (!empty($this->changed['tags'])) {
					foreach ($this->tags as $tag) {
						$tagID = Zotero_Tags::getID($this->libraryID, $tag->tag, $tag->type);
						if ($tagID) {
							$tagObj = Zotero_Tags::get($this->_libraryID, $tagID);
						}
						else {
							$tagObj = new Zotero_Tag;
							$tagObj->libraryID = $this->_libraryID;
							$tagObj->name = $tag->tag;
							$tagObj->type = (int) $tag->type ? $tag->type : 0;
						}
						$tagObj->addItem($this->_key);
						$tagObj->save();
					}
				}
 				
				// Related items
				if (!empty($this->changed['relations'])) {
					$uri = Zotero_URI::getItemURI($this);
					
					$sql = "INSERT IGNORE INTO relations "
						 . "(relationID, libraryID, `key`, subject, predicate, object) "
						 . "VALUES (?, ?, ?, ?, ?, ?)";
					$insertStatement = Zotero_DB::getStatement($sql, false, $shardID);
					foreach ($this->relations as $rel) {
						$insertStatement->execute(
							array(
								Zotero_ID::get('relations'),
								$this->_libraryID,
								Zotero_Relations::makeKey($uri, $rel[0], $rel[1]),
								$uri,
								$rel[0],
								$rel[1]
							)
						);
					}
				}
				
				// Remove from delete log if it's there
				$sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='item' AND `key`=?";
				Zotero_DB::query($sql, array($this->_libraryID, $key), $shardID);
			}
			
			//
			// Existing item, update
			//
			else {
				Z_Core::debug('Updating database with new item data for item '
					. $this->_libraryID . '/' . $this->_key, 4);
				
				$isNew = $env['isNew'] = false;
				
				//
				// Primary fields
				//
				$sql = "UPDATE items SET ";
				$sqlValues = array();
				
				$timestamp = Zotero_DB::getTransactionTimestamp();
				$version = Zotero_Libraries::getUpdatedVersion($this->_libraryID);
				
				$updateFields = array(
					'itemTypeID',
					'libraryID',
					'key',
					'dateAdded',
					'dateModified'
				);
				
				if (!empty($this->changed['primaryData'])) {
					foreach ($updateFields as $updateField) {
						if (in_array($updateField, $this->changed['primaryData'])) {
							$sql .= "`$updateField`=?, ";
							$sqlValues[] = $this->{"_$updateField"};
						}
					}
				}
				
				$sql .= "serverDateModified=?, version=? WHERE itemID=?";
				array_push(
					$sqlValues,
					$timestamp,
					$version,
					$this->_id
				);
				
				Zotero_DB::query($sql, $sqlValues, $shardID);
				
				$this->_serverDateModified = $timestamp;
				
				// Group item data
				if (Zotero_Libraries::getType($this->_libraryID) == 'group' && $userID) {
					$sql = "INSERT INTO groupItems VALUES (?, ?, ?)
								ON DUPLICATE KEY UPDATE lastModifiedByUserID=?";
					Zotero_DB::query($sql, array($this->_id, null, $userID, $userID), $shardID);
				}
				
				
				//
				// ItemData
				//
				if (!empty($this->changed['itemData'])) {
					$del = array();
					
					$origReplaceSQL = "REPLACE INTO itemData (itemID, fieldID, value) VALUES ";
					$replaceSQL = $origReplaceSQL;
					$replaceParams = array();
					$replaceCounter = 0;
					$maxReplaceGroups = 40;
					
					$max = Zotero_Items::$maxDataValueLength;
					
					$fieldIDs = array_keys($this->changed['itemData']);
					
					foreach ($fieldIDs as $fieldID) {
						$value = $this->getField($fieldID, true, false, true);
						
						// If field changed and is empty, mark row for deletion
						if ($value === "") {
							$del[] = $fieldID;
							continue;
						}
						
						if ($value == 'CURRENT_TIMESTAMP'
								&& Zotero_ItemFields::getID('accessDate') == $fieldID) {
							$value = Zotero_DB::getTransactionTimestamp();
						}
						
						// Check length
						if (strlen($value) > $max) {
							$fieldName = Zotero_ItemFields::getLocalizedString(
								$this->_itemTypeID, $fieldID
							);
							$msg = "=$fieldName field value " .
								 "'" . mb_substr($value, 0, 50) . "...' too long";
							if ($this->_key) {
								$msg .= " for item '" . $this->_libraryID
									. "/" . $this->_key . "'";
							}
							throw new Exception($msg, Z_ERROR_FIELD_TOO_LONG);
						}
						
						if ($replaceCounter < $maxReplaceGroups) {
							$replaceSQL .= "(?,?,?),";
							$replaceParams = array_merge($replaceParams,
								array($this->_id, $fieldID, $value)
							);
						}
						
						if ($replaceCounter == $maxReplaceGroups - 1) {
							$replaceSQL = substr($replaceSQL, 0, -1);
							$stmt = Zotero_DB::getStatement($replaceSQL, true, $shardID);
							Zotero_DB::queryFromStatement($stmt, $replaceParams);
							$replaceSQL = $origReplaceSQL;
							$replaceParams = array();
							$replaceCounter = -1;
						}
						$replaceCounter++;
					}
					
					if ($replaceCounter > 0 && $replaceCounter < $maxReplaceGroups) {
						$replaceSQL = substr($replaceSQL, 0, -1);
						$stmt = Zotero_DB::getStatement($replaceSQL, true, $shardID);
						Zotero_DB::queryFromStatement($stmt, $replaceParams);
					}
					
					// Update memcached with used fields
					$fids = array();
					foreach ($this->itemData as $fieldID=>$value) {
						if ($value !== false && $value !== null) {
							$fids[] = $fieldID;
						}
					}
					
					// Delete blank fields
					if ($del) {
						$sql = 'DELETE from itemData WHERE itemID=? AND fieldID IN (';
						$sqlParams = array($this->_id);
						foreach ($del as $d) {
							$sql .= '?, ';
							$sqlParams[] = $d;
						}
						$sql = substr($sql, 0, -2) . ')';
						
						Zotero_DB::query($sql, $sqlParams, $shardID);
					}
				}
				
				//
				// Creators
				//
				if (!empty($this->changed['creators'])) {
					$indexes = array_keys($this->changed['creators']);
					
					$sql = "INSERT INTO itemCreators
								(itemID, creatorID, creatorTypeID, orderIndex) VALUES ";
					$placeholders = array();
					$sqlValues = array();
					
					$cacheRows = array();
					
					foreach ($indexes as $orderIndex) {
						Z_Core::debug('Creator in position ' . $orderIndex . ' has changed', 4);
						$creator = $this->getCreator($orderIndex);
						
						$sql2 = 'DELETE FROM itemCreators WHERE itemID=? AND orderIndex=?';
						Zotero_DB::query($sql2, array($this->_id, $orderIndex), $shardID);
						
						if (!$creator) {
							continue;
						}
						
						if ($creator['ref']->hasChanged()) {
							Z_Core::debug("Auto-saving changed creator {$creator['ref']->id}");
							$creator['ref']->save();
						}
						
						
						$placeholders[] = "(?, ?, ?, ?)";
						array_push(
							$sqlValues,
							$this->_id,
							$creator['ref']->id,
							$creator['creatorTypeID'],
							$orderIndex
						);
					}
					
					if ($sqlValues) {
						$sql = $sql . implode(',', $placeholders);
						Zotero_DB::query($sql, $sqlValues, $shardID);
					}
				}
				
				// Deleted item
				if (!empty($this->changed['deleted'])) {
					$deleted = $this->getDeleted();
					if ($deleted) {
						$sql = "REPLACE INTO deletedItems (itemID) VALUES (?)";
					}
					else {
						$sql = "DELETE FROM deletedItems WHERE itemID=?";
					}
					Zotero_DB::query($sql, $this->_id, $shardID);
				}
				
				
				// In case this was previously a standalone item,
				// delete from any collections it may have been in
				if (!empty($this->changed['source']) && $this->getSource()) {
					$sql = "DELETE FROM collectionItems WHERE itemID=?";
					Zotero_DB::query($sql, $this->_id, $shardID);
				}
				
				//
				// Note or attachment note
				//
				if (!empty($this->changed['note'])) {
					// If we don't have a sanitized note, generate one
					if (is_null($this->noteTextSanitized)) {
						$noteTextSanitized = Zotero_Notes::sanitize($this->noteText);
						// But if note is sanitized already, store empty string
						if ($this->noteText == $noteTextSanitized) {
							$this->noteTextSanitized = '';
						}
						else {
							$this->noteTextSanitized = $noteTextSanitized;
						}
					}
					
					$this->noteTitle = Zotero_Notes::noteToTitle(
						$this->noteTextSanitized === '' ? $this->noteText : $this->noteTextSanitized
					);
					
					// Only record sourceItemID in itemNotes for notes
					if ($this->isNote()) {
						$sourceItemID = $this->getSource();
					}
					$sourceItemID = !empty($sourceItemID) ? $sourceItemID : null;
					$hash = $this->noteText ? md5($this->noteText) : '';
					$sql = "INSERT INTO itemNotes
							(itemID, sourceItemID, note, noteSanitized, title, hash)
							VALUES (?,?,?,?,?,?)
							ON DUPLICATE KEY UPDATE sourceItemID=?, note=?, noteSanitized=?, title=?, hash=?";
					$bindParams = array(
						$this->_id,
						$sourceItemID, $this->noteText, $this->noteTextSanitized, $this->noteTitle, $hash,
						$sourceItemID, $this->noteText, $this->noteTextSanitized, $this->noteTitle, $hash
					);
					Zotero_DB::query($sql, $bindParams, $shardID);
					Zotero_Notes::updateNoteCache($this->_libraryID, $this->_id, $this->noteText);
					Zotero_Notes::updateHash($this->_libraryID, $this->_id, $hash);
					
					// TODO: handle changed source?
				}
				
				
				// Attachment
				if (!empty($this->changed['attachmentData'])) {
					$sql = "INSERT INTO itemAttachments
						(itemID, sourceItemID, linkMode, mimeType, charsetID, path, storageModTime, storageHash)
						VALUES (?,?,?,?,?,?,?,?)
						ON DUPLICATE KEY UPDATE
							sourceItemID=VALUES(sourceItemID),
							linkMode=VALUES(linkMode),
							mimeType=VALUES(mimeType),
							charsetID=VALUES(charsetID),
							path=VALUES(path),
							storageModTime=VALUES(storageModTime),
							storageHash=VALUES(storageHash)";
					$parent = $this->getSource();
					if ($parent) {
						$parentItem = Zotero_Items::get($this->_libraryID, $parent);
						if (!$parentItem) {
							throw new Exception("Parent item $parent not found");
						}
						if ($parentItem->getSource()) {
							$parentKey = $parentItem->key;
							throw new Exception("=Parent item $parentKey cannot be a child attachment", Z_ERROR_INVALID_INPUT);
						}
					}
					
					$linkMode = $this->attachmentLinkMode;
					$charsetID = Zotero_CharacterSets::getID($this->attachmentCharset);
					$path = $this->attachmentPath;
					$storageModTime = $this->attachmentStorageModTime;
					$storageHash = $this->attachmentStorageHash;
					
					$bindParams = array(
						$this->_id,
						$parent ? $parent : null,
						$linkMode + 1,
						$this->attachmentMIMEType,
						$charsetID ? $charsetID : null,
						$path ? $path : '',
						$storageModTime ? $storageModTime : null,
						$storageHash ? $storageHash : null
					);
					Zotero_DB::query($sql, $bindParams, $shardID);
				}
				
				// Sort fields
				if (!empty($this->changed['primaryData']['itemTypeID'])
						|| !empty($this->changed['itemData'])
						|| !empty($this->changed['creators'])) {
					$sql = "UPDATE itemSortFields SET sortTitle=?";
					$params = array();
					
					$sortTitle = Zotero_Items::getSortTitle($this->getDisplayTitle(true));
					if (mb_substr($sortTitle, 0, 5) == mb_substr($this->getField('title', false, true), 0, 5)) {
						$sortTitle = null;
					}
					$params[] = $sortTitle;
					
					if (!empty($this->changed['creators'])) {
						$creatorSummary = mb_strcut($this->getCreatorSummary(true), 0, Zotero_Creators::$creatorSummarySortLength);
						$sql .= ", creatorSummary=?";
						$params[] = $creatorSummary;
					}
					
					$sql .= " WHERE itemID=?";
					$params[] = $this->_id;
					
					Zotero_DB::query($sql, $params, $shardID);
				}
				
				//
				// Source item id
				//
				if (!empty($this->changed['source'])) {
					$type = Zotero_ItemTypes::getName($this->_itemTypeID);
					$Type = ucwords($type);
					
					// Update DB, if not a note or attachment we already changed above
					if (empty($this->changed['attachmentData']) && (empty($this->changed['note']) || !$this->isNote())) {
						$sql = "UPDATE item" . $Type . "s SET sourceItemID=? WHERE itemID=?";
						$parent = $this->getSource();
						$bindParams = array(
							$parent ? $parent : null,
							$this->_id
						);
						Zotero_DB::query($sql, $bindParams, $shardID);
					}
				}
				
				
				if (false && !empty($this->changed['source'])) {
					trigger_error("Unimplemented", E_USER_ERROR);
					
					$newItem = Zotero_Items::get($this->_libraryID, $sourceItemID);
					// FK check
					if ($newItem) {
						if ($sourceItemID) {
						}
						else {
							trigger_error("Cannot set $type source to invalid item $sourceItemID", E_USER_ERROR);
						}
					}
					
					$oldSourceItemID = $this->getSource();
					
					if ($oldSourceItemID == $sourceItemID) {
						Z_Core::debug("$Type source hasn't changed", 4);
					}
					else {
						$oldItem = Zotero_Items::get($this->_libraryID, $oldSourceItemID);
						if ($oldSourceItemID && $oldItem) {
						}
						else {
							//$oldItemNotifierData = null;
							Z_Core::debug("Old source item $oldSourceItemID didn't exist in setSource()", 2);
						}
						
						// If this was an independent item, remove from any collections where it
						// existed previously and add source instead if there is one
						if (!$oldSourceItemID) {
							$sql = "SELECT collectionID FROM collectionItems WHERE itemID=?";
							$changedCollections = Zotero_DB::query($sql, $itemID, $shardID);
							if ($changedCollections) {
								trigger_error("Unimplemented", E_USER_ERROR);
								if ($sourceItemID) {
									$sql = "UPDATE OR REPLACE collectionItems "
										. "SET itemID=? WHERE itemID=?";
									Zotero_DB::query($sql, array($sourceItemID, $this->_id), $shardID);
								}
								else {
									$sql = "DELETE FROM collectionItems WHERE itemID=?";
									Zotero_DB::query($sql, $this->_id, $shardID);
								}
							}
						}
						
						$sql = "UPDATE item{$Type}s SET sourceItemID=?
								WHERE itemID=?";
						$bindParams = array(
							$sourceItemID ? $sourceItemID : null,
							$itemID
						);
						Zotero_DB::query($sql, $bindParams, $shardID);
						
						//Zotero.Notifier.trigger('modify', 'item', $this->_id, notifierData);
						
						// Update the counts of the previous and new sources
						if ($oldItem) {
							/*
							switch ($type) {
								case 'note':
									$oldItem->decrementNoteCount();
									break;
								case 'attachment':
									$oldItem->decrementAttachmentCount();
									break;
							}
							*/
							//Zotero.Notifier.trigger('modify', 'item', oldSourceItemID, oldItemNotifierData);
						}
						
						if ($newItem) {
							/*
							switch ($type) {
								case 'note':
									$newItem->incrementNoteCount();
									break;
								case 'attachment':
									$newItem->incrementAttachmentCount();
									break;
							}
							*/
							//Zotero.Notifier.trigger('modify', 'item', sourceItemID, newItemNotifierData);
						}
					}
				}
				
				// Collections
				if (!empty($this->changed['collections'])) {
					$oldCollections = $this->previousData['collections'];
					$newCollections = $this->collections;
					
					$toAdd = array_diff($newCollections, $oldCollections);
					$toRemove = array_diff($oldCollections, $newCollections);
					
					foreach ($toAdd as $collectionKey) {
						$collection = Zotero_Collections::getByLibraryAndKey($this->_libraryID, $collectionKey);
						if (!$collection) {
							throw new Exception("Collection with key '$collectionKey' not found", Z_ERROR_COLLECTION_NOT_FOUND);
						}
						$collection->addItem($this->_id);
						$collection->save();
					}
					
					foreach ($toRemove as $collectionKey) {
						$collection = Zotero_Collections::getByLibraryAndKey($this->_libraryID, $collectionKey);
						$collection->removeItem($this->_id);
						$collection->save();
					}
				}
				
				if (!empty($this->changed['tags'])) {
					$oldTags = $this->previousData['tags'];
					$newTags = $this->tags;
					
					$toAdd = [];
					$toRemove = [];
					
					// Get new tags not in existing
					for ($i=0, $len=sizeOf($newTags); $i<$len; $i++) {
						if (!isset($newTags[$i]->type)) {
							$newTags[$i]->type = 0;
						}
						
						$name = trim($newTags[$i]->tag);
						$type = $newTags[$i]->type;
						
						foreach ($oldTags as $tag) {
							// Do a case-insensitive comparison, to match the client
							if (strtolower($tag->name) == strtolower($name) && $tag->type == $type) {
								continue 2;
							}
						}
						
						$toAdd[] = $newTags[$i];
					}
					
					// Get existing tags not in new
					for ($i=0, $len=sizeOf($oldTags); $i<$len; $i++) {
						$name = $oldTags[$i]->name;
						$type = $oldTags[$i]->type;
						
						foreach ($newTags as $tag) {
							if (strtolower($tag->tag) == strtolower($name) && $tag->type == $type) {
								continue 2;
							}
						}
						
						$toRemove[] = $oldTags[$i];
					}
					
					foreach ($toAdd as $tag) {
						$name = $tag->tag;
						$type = $tag->type;
						
						$tagID = Zotero_Tags::getID($this->_libraryID, $name, $type, true);
						if (!$tagID) {
							$tag = new Zotero_Tag;
							$tag->libraryID = $this->_libraryID;
							$tag->name = $name;
							$tag->type = $type;
							$tagID = $tag->save();
						}
						
						$tag = Zotero_Tags::get($this->_libraryID, $tagID);
						$tag->addItem($this->_key);
						$tag->save();
					}
					
					foreach ($toRemove as $tag) {
						$tag->removeItem($this->_key);
						$tag->save();
					}
				}
				
				// Related items
				if (!empty($this->changed['relations'])) {
					$removed = [];
					$new = [];
					$current = $this->relations;
					
					// TEMP
					// Convert old-style related items into relations
					$sql = "SELECT `key` FROM itemRelated IR "
						 . "JOIN items I ON (IR.linkedItemID=I.itemID) "
						 . "WHERE IR.itemID=?";
					$toMigrate = Zotero_DB::columnQuery($sql, $this->_id, $shardID);
					if ($toMigrate) {
						$prefix = Zotero_URI::getLibraryURI($this->_libraryID) . "/items/";
						$new = array_map(function ($key) use ($prefix) {
							return [
								Zotero_Relations::$relatedItemPredicate,
								$prefix . $key
							];
						}, $toMigrate);
						$sql = "DELETE FROM itemRelated WHERE itemID=?";
						Zotero_DB::query($sql, $this->_id, $shardID);
					}
					
					foreach ($this->previousData['relations'] as $rel) {
						if (array_search($rel, $current) === false) {
							$removed[] = $rel;
						}
					}
					
					foreach ($current as $rel) {
						if (array_search($rel, $this->previousData['relations']) !== false) {
							continue;
						}
						$new[] = $rel;
					}
					
					$uri = Zotero_URI::getItemURI($this);
					
					if ($removed) {
						$sql = "DELETE FROM relations WHERE libraryID=? AND `key`=?";
						$deleteStatement = Zotero_DB::getStatement($sql, false, $shardID);
						
						foreach ($removed as $rel) {
							$params = [
								$this->_libraryID,
								Zotero_Relations::makeKey($uri, $rel[0], $rel[1])
							];
							$deleteStatement->execute($params);
							
							// TEMP
							// For owl:sameAs, delete reverse as well, since the client
							// can save that way
							if ($rel[0] == Zotero_Relations::$linkedObjectPredicate) {
								$params = [
									$this->_libraryID,
									Zotero_Relations::makeKey($rel[1], $rel[0], $uri)
								];
								$deleteStatement->execute($params);
							}
						}
					}
					
					if ($new) {
						$sql = "INSERT IGNORE INTO relations "
						     . "(relationID, libraryID, `key`, subject, predicate, object) "
						     . "VALUES (?, ?, ?, ?, ?, ?)";
						$insertStatement = Zotero_DB::getStatement($sql, false, $shardID);
						
						foreach ($new as $rel) {
							$insertStatement->execute(
								array(
									Zotero_ID::get('relations'),
									$this->_libraryID,
									Zotero_Relations::makeKey($uri, $rel[0], $rel[1]),
									$uri,
									$rel[0],
									$rel[1]
								)
							);
							
							// If adding a related item, the version on that item has to be
							// updated as well (if it exists). Otherwise, requests for that
							// item will return cached data without the new relation.
							if ($rel[0] == Zotero_Relations::$relatedItemPredicate) {
								$relatedItem = Zotero_URI::getURIItem($rel[1]);
								if (!$relatedItem) {
									Z_Core::debug("Related item " . $rel[1] . " does not exist "
										. "for item " . $this->_libraryKey);
									continue;
								}
								// If item has already changed, assume something else is taking
								// care of saving it and don't do so now, to avoid endless loops
								// with circular relations
								if ($relatedItem->hasChanged()) {
									continue;
								}
								$relatedItem->updateVersion($userID);
							}
						}
					}
				}
			}
			
			Zotero_DB::commit();
		}
		
		catch (Exception $e) {
			Zotero_DB::rollback();
			throw ($e);
		}
		
		$this->cacheEnabled = false;
		
		$this->finalizeSave($env);
		
		if ($isNew) {
			Zotero_Notifier::trigger('add', 'item', $this->_libraryID . "/" . $this->_key);
			return $this->_id;
		}
		
		Zotero_Notifier::trigger('modify', 'item', $this->_libraryID . "/" . $this->_key);
		return true;
	}
Beispiel #4
0
 /**
  * $tags is an array of objects with properties 'tag' and 'type'
  */
 public function setTags($newTags)
 {
     if (!$this->id) {
         throw new Exception('itemID not set');
     }
     $numTags = $this->numTags();
     if (!$newTags && !$numTags) {
         return false;
     }
     Zotero_DB::beginTransaction();
     $existingTags = $this->getTags();
     $toAdd = array();
     $toRemove = array();
     // Get new tags not in existing
     for ($i = 0, $len = sizeOf($newTags); $i < $len; $i++) {
         if (!isset($newTags[$i]->type)) {
             $newTags[$i]->type = 0;
         }
         $name = trim($newTags[$i]->tag);
         // 'tag', not 'name', since that's what JSON uses
         $type = $newTags[$i]->type;
         foreach ($existingTags as $tag) {
             // Do a case-insensitive comparison, to match the client
             if (strtolower($tag->name) == strtolower($name) && $tag->type == $type) {
                 continue 2;
             }
         }
         $toAdd[] = $newTags[$i];
     }
     // Get existing tags not in new
     for ($i = 0, $len = sizeOf($existingTags); $i < $len; $i++) {
         $name = $existingTags[$i]->name;
         $type = $existingTags[$i]->type;
         foreach ($newTags as $tag) {
             if (strtolower($tag->tag) == strtolower($name) && $tag->type == $type) {
                 continue 2;
             }
         }
         $toRemove[] = $existingTags[$i];
     }
     foreach ($toAdd as $tag) {
         $name = $tag->tag;
         $type = $tag->type;
         $tagID = Zotero_Tags::getID($this->libraryID, $name, $type, true);
         if (!$tagID) {
             $tag = new Zotero_Tag();
             $tag->libraryID = $this->libraryID;
             $tag->name = $name;
             $tag->type = $type;
             $tagID = $tag->save();
         }
         $tag = Zotero_Tags::get($this->libraryID, $tagID);
         $tag->addItem($this->id);
         $tag->save();
     }
     foreach ($toRemove as $tag) {
         $tag->removeItem($this->id);
         $tag->save();
     }
     Zotero_DB::commit();
     return $toAdd || $toRemove;
 }
Beispiel #5
0
 public function keys()
 {
     $userID = $this->objectUserID;
     $key = $this->objectName;
     $this->allowMethods(['GET', 'POST', 'PUT', 'DELETE']);
     if ($this->method == 'GET') {
         // Single key
         if ($key) {
             $keyObj = Zotero_Keys::getByKey($key);
             if (!$keyObj) {
                 $this->e404("Key not found");
             }
             // /users/<userID>/keys/<keyID> (deprecated)
             if ($userID) {
                 // If we have a userID, make sure it matches
                 if ($keyObj->userID != $userID) {
                     $this->e404("Key not found");
                 }
             } else {
                 if ($this->apiVersion < 3) {
                     $this->e404();
                 }
             }
             if ($this->apiVersion >= 3) {
                 $json = $keyObj->toJSON();
                 // If not super-user, don't include name or recent IP addresses
                 if (!$this->permissions->isSuper()) {
                     unset($json['dateAdded']);
                     unset($json['lastUsed']);
                     unset($json['name']);
                     unset($json['recentIPs']);
                 }
                 header('application/json');
                 echo Zotero_Utilities::formatJSON($json);
             } else {
                 $this->responseXML = $keyObj->toXML();
                 // If not super-user, don't include name or recent IP addresses
                 if (!$this->permissions->isSuper()) {
                     unset($this->responseXML['dateAdded']);
                     unset($this->responseXML['lastUsed']);
                     unset($this->responseXML->name);
                     unset($this->responseXML->recentIPs);
                 }
             }
         } else {
             if (!$this->permissions->isSuper()) {
                 $this->e403();
             }
             $keyObjs = Zotero_Keys::getUserKeys($userID);
             if ($keyObjs) {
                 if ($this->apiVersion >= 3) {
                     $json = [];
                     foreach ($keyObjs as $keyObj) {
                         $json[] = $keyObj->toJSON();
                     }
                     echo Zotero_Utilities::formatJSON($json);
                 } else {
                     $xml = new SimpleXMLElement('<keys/>');
                     $domXML = dom_import_simplexml($xml);
                     foreach ($keyObjs as $keyObj) {
                         $keyXML = $keyObj->toXML();
                         $domKeyXML = dom_import_simplexml($keyXML);
                         $node = $domXML->ownerDocument->importNode($domKeyXML, true);
                         $domXML->appendChild($node);
                     }
                     $this->responseXML = $xml;
                 }
             }
         }
     } else {
         if ($this->method == 'DELETE') {
             if (!$key) {
                 $this->e400("DELETE requests must end with a key");
             }
             Zotero_DB::beginTransaction();
             $keyObj = Zotero_Keys::getByKey($key);
             if (!$keyObj) {
                 $this->e404("Key '{$key}' does not exist");
             }
             $keyObj->erase();
             Zotero_DB::commit();
             header("HTTP/1.1 204 No Content");
             exit;
         } else {
             // Require super-user for modifications
             if (!$this->permissions->isSuper()) {
                 $this->e403();
             }
             if ($this->method == 'POST') {
                 if ($key) {
                     $this->e400("POST requests cannot end with a key (did you mean PUT?)");
                 }
                 if ($this->apiVersion >= 3) {
                     $json = json_decode($this->body, true);
                     if (!$json) {
                         $this->e400("{$this->method} data is not valid JSON");
                     }
                     if (!empty($json['key'])) {
                         $this->e400("POST requests cannot contain a key in '" . $this->body . "'");
                     }
                     $fields = $this->getFieldsFromJSON($json);
                 } else {
                     try {
                         $keyXML = @new SimpleXMLElement($this->body);
                     } catch (Exception $e) {
                         $this->e400("{$this->method} data is not valid XML");
                     }
                     if (!empty($key['key'])) {
                         $this->e400("POST requests cannot contain a key in '" . $this->body . "'");
                     }
                     $fields = $this->getFieldsFromKeyXML($keyXML);
                 }
                 Zotero_DB::beginTransaction();
                 try {
                     $keyObj = new Zotero_Key();
                     $keyObj->userID = $userID;
                     foreach ($fields as $field => $val) {
                         if ($field == 'access') {
                             foreach ($val as $access) {
                                 $this->setKeyPermissions($keyObj, $access);
                             }
                         } else {
                             $keyObj->{$field} = $val;
                         }
                     }
                     $keyObj->save();
                 } catch (Exception $e) {
                     if ($e->getCode() == Z_ERROR_KEY_NAME_TOO_LONG) {
                         $this->e400($e->getMessage());
                     }
                     $this->handleException($e);
                 }
                 if ($this->apiVersion >= 3) {
                     header('application/json');
                     echo Zotero_Utilities::formatJSON($keyObj->toJSON());
                 } else {
                     $this->responseXML = $keyObj->toXML();
                 }
                 Zotero_DB::commit();
                 $url = Zotero_API::getKeyURI($keyObj);
                 $this->responseCode = 201;
                 header("Location: " . $url, false, 201);
             } else {
                 if ($this->method == 'PUT') {
                     if (!$key) {
                         $this->e400("PUT requests must end with a key (did you mean POST?)");
                     }
                     if ($this->apiVersion >= 3) {
                         $json = json_decode($this->body, true);
                         if (!$json) {
                             $this->e400("{$this->method} data is not valid JSON");
                         }
                         $fields = $this->getFieldsFromJSON($json);
                     } else {
                         try {
                             $keyXML = @new SimpleXMLElement($this->body);
                         } catch (Exception $e) {
                             $this->e400("{$this->method} data is not valid XML");
                         }
                         $fields = $this->getFieldsFromKeyXML($keyXML);
                     }
                     // Key attribute is optional, but, if it's there, make sure it matches
                     if (isset($fields['key']) && $fields['key'] != $key) {
                         $this->e400("Key '{$fields['key']}' does not match key '{$key}' from URI");
                     }
                     Zotero_DB::beginTransaction();
                     try {
                         $keyObj = Zotero_Keys::getByKey($key);
                         if (!$keyObj) {
                             $this->e404("Key '{$key}' does not exist");
                         }
                         foreach ($fields as $field => $val) {
                             if ($field == 'access') {
                                 foreach ($val as $access) {
                                     $this->setKeyPermissions($keyObj, $access);
                                 }
                             } else {
                                 $keyObj->{$field} = $val;
                             }
                         }
                         $keyObj->save();
                     } catch (Exception $e) {
                         if ($e->getCode() == Z_ERROR_KEY_NAME_TOO_LONG) {
                             $this->e400($e->getMessage());
                         }
                         $this->handleException($e);
                     }
                     if ($this->apiVersion >= 3) {
                         echo Zotero_Utilities::formatJSON($keyObj->toJSON());
                     } else {
                         $this->responseXML = $keyObj->toXML();
                     }
                     Zotero_DB::commit();
                 }
             }
         }
     }
     if ($this->apiVersion >= 3) {
         $this->end();
     } else {
         header('Content-Type: application/xml');
         $xmlstr = $this->responseXML->asXML();
         $doc = new DOMDocument('1.0');
         $doc->loadXML($xmlstr);
         $doc->formatOutput = true;
         echo $doc->saveXML();
         exit;
     }
 }
Beispiel #6
0
 public static function copyLibrary($libraryID, $newShardID, $overrideLock = false)
 {
     $currentShardID = self::getByLibraryID($libraryID);
     if ($currentShardID == $newShardID) {
         throw new Exception("Library {$libraryID} is already on shard {$newShardID}");
     }
     if (!self::shardIsWriteable($newShardID)) {
         throw new Exception("Shard {$newShardID} is not writeable");
     }
     if (!$overrideLock && Zotero_Libraries::isLocked($libraryID)) {
         throw new Exception("Library {$libraryID} is locked");
     }
     // Make sure there's no stale data on the new shard
     if (self::checkForLibrary($libraryID, $newShardID)) {
         throw new Exception("Library {$libraryID} data already exists on shard {$newShardID}");
     }
     Zotero_DB::beginTransaction();
     Zotero_DB::query("SET foreign_key_checks=0", false, $newShardID);
     $tables = array('shardLibraries', 'collections', 'creators', 'items', 'relations', 'savedSearches', 'tags', 'collectionItems', 'deletedItems', 'groupItems', 'itemAttachments', 'itemCreators', 'itemData', 'itemNotes', 'itemRelated', 'itemSortFields', 'itemTags', 'savedSearchConditions', 'storageFileItems', 'syncDeleteLogIDs', 'syncDeleteLogKeys');
     foreach ($tables as $table) {
         if (!$overrideLock && Zotero_Libraries::isLocked($libraryID)) {
             Zotero_DB::rollback();
             throw new Exception("Aborted due to library lock");
         }
         switch ($table) {
             case 'collections':
             case 'creators':
             case 'items':
             case 'relations':
             case 'savedSearches':
             case 'shardLibraries':
             case 'syncDeleteLogIDs':
             case 'syncDeleteLogKeys':
             case 'tags':
                 $sql = "SELECT * FROM {$table} WHERE libraryID=?";
                 break;
             case 'collectionItems':
                 $sql = "SELECT CI.* FROM collectionItems CI\n\t\t\t\t\t\t\tJOIN collections USING (collectionID) WHERE libraryID=?";
                 break;
             case 'deletedItems':
             case 'groupItems':
             case 'itemAttachments':
             case 'itemCreators':
             case 'itemData':
             case 'itemNotes':
             case 'itemRelated':
             case 'itemSortFields':
             case 'itemTags':
             case 'storageFileItems':
                 $sql = "SELECT T.* FROM {$table} T JOIN items USING (itemID) WHERE libraryID=?";
                 break;
             case 'savedSearchConditions':
                 $sql = "SELECT SSC.* FROM savedSearchConditions SSC\n\t\t\t\t\t\t\tJOIN savedSearches USING (searchID) WHERE libraryID=?";
                 break;
         }
         $rows = Zotero_DB::query($sql, $libraryID, $currentShardID);
         if ($rows) {
             $sets = array();
             foreach ($rows as $row) {
                 $sets[] = array_values($row);
             }
             $sql = "INSERT INTO {$table} VALUES ";
             Zotero_DB::bulkInsert($sql, $sets, 50, false, $newShardID);
         }
     }
     Zotero_DB::query("SET foreign_key_checks=1", false, $newShardID);
     if (!$overrideLock && Zotero_Libraries::isLocked($libraryID)) {
         Zotero_DB::rollback();
         throw new Exception("Aborted due to library lock");
     }
     Zotero_DB::commit();
     if (!$overrideLock && Zotero_Libraries::isLocked($libraryID)) {
         self::deleteLibrary($libraryID, $newShardID);
         throw new Exception("Aborted due to library lock");
     }
 }
Beispiel #7
0
 public function storageadmin()
 {
     if (!$this->permissions->isSuper()) {
         $this->e404();
     }
     $this->allowMethods(array('GET', 'POST'));
     Zotero_DB::beginTransaction();
     if ($this->method == 'POST') {
         if (!isset($_POST['quota'])) {
             $this->e400("Quota not provided");
         }
         // Accept 'unlimited' via API
         if ($_POST['quota'] == 'unlimited') {
             $_POST['quota'] = self::UNLIMITED;
         }
         if (!isset($_POST['expiration'])) {
             $this->e400("Expiration not provided");
         }
         if (!is_numeric($_POST['quota']) || $_POST['quota'] < 0) {
             $this->e400("Invalid quota");
         }
         if (!is_numeric($_POST['expiration'])) {
             $this->e400("Invalid expiration");
         }
         $halfHourAgo = strtotime("-30 minutes");
         if ($_POST['expiration'] != 0 && $_POST['expiration'] < $halfHourAgo) {
             $this->e400("Expiration is in the past");
         }
         try {
             Zotero_Storage::setUserValues($this->objectUserID, $_POST['quota'], $_POST['expiration']);
         } catch (Exception $e) {
             if ($e->getCode() == Z_ERROR_GROUP_QUOTA_SET_BELOW_USAGE) {
                 $this->e409("Cannot set quota below current usage");
             }
             $this->handleException($e);
         }
     }
     // GET request
     $xml = new SimpleXMLElement('<storage/>');
     $quota = Zotero_Storage::getEffectiveUserQuota($this->objectUserID);
     $xml->quota = $quota;
     $instQuota = Zotero_Storage::getInstitutionalUserQuota($this->objectUserID);
     // If personal quota is in effect
     if (!$instQuota || $quota > $instQuota) {
         $values = Zotero_Storage::getUserValues($this->objectUserID);
         if ($values) {
             $xml->expiration = (int) $values['expiration'];
         }
     }
     // Return 'unlimited' via API
     if ($quota == self::UNLIMITED) {
         $xml->quota = 'unlimited';
     }
     $usage = Zotero_Storage::getUserUsage($this->objectUserID);
     $xml->usage->total = $usage['total'];
     $xml->usage->library = $usage['library'];
     foreach ($usage['groups'] as $group) {
         if (!isset($group['id'])) {
             throw new Exception("Group id isn't set");
         }
         if (!isset($group['usage'])) {
             throw new Exception("Group usage isn't set");
         }
         $xmlGroup = $xml->usage->addChild('group', $group['usage']);
         $xmlGroup['id'] = $group['id'];
     }
     Zotero_DB::commit();
     header('application/xml');
     echo $xml->asXML();
     exit;
 }
Beispiel #8
0
 public static function purgeUnusedFiles()
 {
     throw new Exception("Now sharded");
     self::requireLibrary();
     // Get all used files and files that were last deleted more than a month ago
     $sql = "SELECT MD5(CONCAT(hash, filename, zip)) AS file FROM storageFiles\n\t\t\t\t\tJOIN storageFileItems USING (storageFileID)\n\t\t\t\tUNION\n\t\t\t\tSELECT MD5(CONCAT(hash, filename, zip)) AS file FROM storageFiles\n\t\t\t\t\tWHERE lastDeleted > NOW() - INTERVAL 1 MONTH";
     $files = Zotero_DB::columnQuery($sql);
     S3::setAuth(Z_CONFIG::$S3_ACCESS_KEY, Z_CONFIG::$S3_SECRET_KEY);
     $s3Files = S3::getBucket(Z_CONFIG::$S3_BUCKET);
     $toPurge = array();
     foreach ($s3Files as $s3File) {
         preg_match('/^([0-9a-g]{32})\\/(c\\/)?(.+)$/', $s3File['name'], $matches);
         if (!$matches) {
             throw new Exception("Invalid filename '" . $s3File['name'] . "'");
         }
         $zip = $matches[2] ? '1' : '0';
         // Compressed file
         $hash = md5($matches[1] . $matches[3] . $zip);
         if (!in_array($hash, $files)) {
             $toPurge[] = array('hash' => $matches[1], 'filename' => $matches[3], 'zip' => $zip);
         }
     }
     Zotero_DB::beginTransaction();
     foreach ($toPurge as $info) {
         S3::deleteObject(Z_CONFIG::$S3_BUCKET, self::getPathPrefix($info['hash'], $info['zip']) . $info['filename']);
         $sql = "DELETE FROM storageFiles WHERE hash=? AND filename=? AND zip=?";
         Zotero_DB::query($sql, array($info['hash'], $info['filename'], $info['zip']));
         // TODO: maybe check to make sure associated files haven't just been created?
     }
     Zotero_DB::commit();
     return sizeOf($toPurge);
 }
Beispiel #9
0
 public function erase()
 {
     if (!$this->loaded) {
         Z_Core::debug("Not deleting unloaded group {$this->id}");
         return;
     }
     Zotero_DB::beginTransaction();
     $userIDs = self::getUsers();
     $this->logGroupLibraryRemoval();
     Zotero_Libraries::deleteCachedData($this->libraryID);
     Zotero_Libraries::clearAllData($this->libraryID);
     $sql = "DELETE FROM shardLibraries WHERE libraryID=?";
     $deleted = Zotero_DB::query($sql, $this->libraryID, Zotero_Shards::getByLibraryID($this->libraryID));
     if (!$deleted) {
         throw new Exception("Group not deleted");
     }
     $sql = "DELETE FROM libraries WHERE libraryID=?";
     $deleted = Zotero_DB::query($sql, $this->libraryID);
     if (!$deleted) {
         throw new Exception("Group not deleted");
     }
     // Delete key permissions for this library, and then delete any keys
     // that had no other permissions
     $sql = "SELECT keyID FROM keyPermissions WHERE libraryID=?";
     $keyIDs = Zotero_DB::columnQuery($sql, $this->libraryID);
     if ($keyIDs) {
         $sql = "DELETE FROM keyPermissions WHERE libraryID=?";
         Zotero_DB::query($sql, $this->libraryID);
         $sql = "DELETE K FROM `keys` K LEFT JOIN keyPermissions KP USING (keyID)\n\t\t\t\t\tWHERE keyID IN (" . implode(', ', array_fill(0, sizeOf($keyIDs), '?')) . ") AND KP.keyID IS NULL";
         Zotero_DB::query($sql, $keyIDs);
     }
     // If group is locked by a sync, flag group for a timestamp update
     // once the sync is done so that the uploading user gets the change
     try {
         foreach ($userIDs as $userID) {
             if ($syncUploadQueueID = Zotero_Sync::getUploadQueueIDByUserID($userID)) {
                 Zotero_Sync::postWriteLog($syncUploadQueueID, 'group', $this->id, 'delete');
             }
         }
     } catch (Exception $e) {
         Z_Core::logError($e);
     }
     Zotero_Notifier::trigger('delete', 'library', $this->libraryID);
     Zotero_DB::commit();
     $this->erased = true;
 }
Beispiel #10
0
 public static function addCustomType($name)
 {
     if (self::getID($name)) {
         trigger_error("Item type '{$name}' already exists", E_USER_ERROR);
     }
     if (!preg_match('/^[a-z][^\\s0-9]+$/', $name)) {
         trigger_error("Invalid item type name '{$name}'", E_USER_ERROR);
     }
     // TODO: make sure user hasn't added too many already
     Zotero_DB::beginTransaction();
     $sql = "SELECT NEXT_ID(creatorTypeID) FROM creatorTypes";
     $creatorTypeID = Zotero_DB::valueQuery($sql);
     $sql = "INSERT INTO creatorTypes (?, ?, ?)";
     Zotero_DB::query($sql, array($creatorTypeID, $name, 1));
     Zotero_DB::commit();
     return $creatorTypeID;
 }
 public function searches()
 {
     if ($this->apiVersion < 2) {
         $this->e404();
     }
     // Check for general library access
     if (!$this->permissions->canAccess($this->objectLibraryID)) {
         $this->e403();
     }
     if ($this->isWriteMethod()) {
         // Check for library write access
         if (!$this->permissions->canWrite($this->objectLibraryID)) {
             $this->e403("Write access denied");
         }
         // Make sure library hasn't been modified
         if (!$this->singleObject) {
             $libraryTimestampChecked = $this->checkLibraryIfUnmodifiedSinceVersion();
         }
         Zotero_Libraries::updateVersionAndTimestamp($this->objectLibraryID);
     }
     $results = array();
     // Single search
     if ($this->singleObject) {
         $this->allowMethods(['HEAD', 'GET', 'PUT', 'PATCH', 'DELETE']);
         $search = Zotero_Searches::getByLibraryAndKey($this->objectLibraryID, $this->objectKey);
         if ($this->isWriteMethod()) {
             $search = $this->handleObjectWrite('search', $search ? $search : null);
             $this->e204();
         }
         if (!$search) {
             $this->e404("Search not found");
         }
         $this->libraryVersion = $search->version;
         if ($this->method == 'HEAD') {
             $this->end();
         }
         // Display search
         switch ($this->queryParams['format']) {
             case 'atom':
                 $this->responseXML = $search->toAtom($this->queryParams);
                 break;
             case 'json':
                 $json = $search->toResponseJSON($this->queryParams, $this->permissions);
                 echo Zotero_Utilities::formatJSON($json);
                 break;
             default:
                 throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'");
         }
     } else {
         $this->allowMethods(['HEAD', 'GET', 'POST', 'DELETE']);
         $this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID);
         // Create a search
         if ($this->method == 'POST') {
             $this->queryParams['format'] = 'writereport';
             $obj = $this->jsonDecode($this->body);
             $results = Zotero_Searches::updateMultipleFromJSON($obj, $this->objectLibraryID, $this->queryParams, $this->userID, $libraryTimestampChecked ? 0 : 1, null);
             if ($cacheKey = $this->getWriteTokenCacheKey()) {
                 Z_Core::$MC->set($cacheKey, true, $this->writeTokenCacheTime);
             }
         } else {
             if ($this->method == 'DELETE') {
                 Zotero_DB::beginTransaction();
                 foreach ($this->queryParams['searchKey'] as $searchKey) {
                     Zotero_Searches::delete($this->objectLibraryID, $searchKey);
                 }
                 Zotero_DB::commit();
                 $this->e204();
             } else {
                 $title = "Searches";
                 $results = Zotero_Searches::search($this->objectLibraryID, $this->queryParams);
             }
         }
         $options = ['action' => $this->action, 'uri' => $this->uri, 'results' => $results, 'requestParams' => $this->queryParams, 'permissions' => $this->permissions, 'head' => $this->method == 'HEAD'];
         switch ($this->queryParams['format']) {
             case 'atom':
                 $this->responseXML = Zotero_API::multiResponse(array_merge($options, ['title' => $this->getFeedNamePrefix($this->objectLibraryID) . $title]));
                 break;
             case 'json':
             case 'keys':
             case 'versions':
             case 'writereport':
                 Zotero_API::multiResponse($options);
                 break;
             default:
                 throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'");
         }
     }
     $this->end();
 }
Beispiel #12
0
 public static function updateFileItemInfo($item, $storageFileID, Zotero_StorageFileInfo $info, $client = false)
 {
     if (!$item->isImportedAttachment()) {
         throw new Exception("Cannot add storage file for linked file/URL");
     }
     Zotero_DB::beginTransaction();
     if (!$client) {
         Zotero_Libraries::updateVersionAndTimestamp($item->libraryID);
     }
     self::updateLastAdded($storageFileID);
     // Note: We set the size on the shard so that usage queries are instantaneous
     $sql = "INSERT INTO storageFileItems (storageFileID, itemID, mtime, size) VALUES (?,?,?,?)\n\t\t\t\tON DUPLICATE KEY UPDATE storageFileID=?, mtime=?, size=?";
     Zotero_DB::query($sql, array($storageFileID, $item->id, $info->mtime, $info->size, $storageFileID, $info->mtime, $info->size), Zotero_Shards::getByLibraryID($item->libraryID));
     // 4.0 client doesn't set filename for ZIP files
     if (!$info->zip || !empty($info->itemFilename)) {
         $item->attachmentFilename = !empty($info->itemFilename) ? $info->itemFilename : $info->filename;
     }
     $item->attachmentStorageHash = !empty($info->itemHash) ? $info->itemHash : $info->hash;
     $item->attachmentStorageModTime = $info->mtime;
     // contentType and charset may not have been included in the
     // upload authorization, in which case we shouldn't overwrite
     // any values that may already be set on the attachment
     if (isset($info->contentType)) {
         $item->attachmentMIMEType = $info->contentType;
     }
     if (isset($info->charset)) {
         $item->attachmentCharset = $info->charset;
     }
     $item->save();
     Zotero_DB::commit();
 }
Beispiel #13
0
 public static function updateFromJSON(Zotero_Item $item, $json, $isNew = false, Zotero_Item $parentItem = null, $userID = null)
 {
     self::validateJSONItem($json, $item->libraryID, $isNew ? null : $item, !is_null($parentItem));
     Zotero_DB::beginTransaction();
     // Mark library as updated
     if (!$isNew) {
         $timestamp = Zotero_Libraries::updateTimestamps($item->libraryID);
         Zotero_DB::registerTransactionTimestamp($timestamp);
     }
     $forceChange = false;
     $twoStage = false;
     // Set itemType first
     $item->setField("itemTypeID", Zotero_ItemTypes::getID($json->itemType));
     foreach ($json as $key => $val) {
         switch ($key) {
             case 'itemType':
                 continue;
             case 'deleted':
                 continue;
             case 'creators':
                 if (!$val && !$item->numCreators()) {
                     continue 2;
                 }
                 $orderIndex = -1;
                 foreach ($val as $orderIndex => $newCreatorData) {
                     if ((!isset($newCreatorData->name) || trim($newCreatorData->name) == "") && (!isset($newCreatorData->firstName) || trim($newCreatorData->firstName) == "") && (!isset($newCreatorData->lastName) || trim($newCreatorData->lastName) == "")) {
                         // This should never happen, because of check in validateJSONItem()
                         if (!$isNew) {
                             throw new Exception("Nameless creator in update request");
                         }
                         // On item creation, ignore creators with empty names,
                         // because that's in the item template that the API returns
                         break;
                     }
                     // JSON uses 'name' and 'firstName'/'lastName',
                     // so switch to just 'firstName'/'lastName'
                     if (isset($newCreatorData->name)) {
                         $newCreatorData->firstName = '';
                         $newCreatorData->lastName = $newCreatorData->name;
                         unset($newCreatorData->name);
                         $newCreatorData->fieldMode = 1;
                     } else {
                         $newCreatorData->fieldMode = 0;
                     }
                     $newCreatorTypeID = Zotero_CreatorTypes::getID($newCreatorData->creatorType);
                     // Same creator in this position
                     $existingCreator = $item->getCreator($orderIndex);
                     if ($existingCreator && $existingCreator['ref']->equals($newCreatorData)) {
                         // Just change the creatorTypeID
                         if ($existingCreator['creatorTypeID'] != $newCreatorTypeID) {
                             $item->setCreator($orderIndex, $existingCreator['ref'], $newCreatorTypeID);
                         }
                         continue;
                     }
                     // Same creator in a different position, so use that
                     $existingCreators = $item->getCreators();
                     for ($i = 0, $len = sizeOf($existingCreators); $i < $len; $i++) {
                         if ($existingCreators[$i]['ref']->equals($newCreatorData)) {
                             $item->setCreator($orderIndex, $existingCreators[$i]['ref'], $newCreatorTypeID);
                             continue;
                         }
                     }
                     // Make a fake creator to use for the data lookup
                     $newCreator = new Zotero_Creator();
                     $newCreator->libraryID = $item->libraryID;
                     foreach ($newCreatorData as $key => $val) {
                         if ($key == 'creatorType') {
                             continue;
                         }
                         $newCreator->{$key} = $val;
                     }
                     // Look for an equivalent creator in this library
                     $candidates = Zotero_Creators::getCreatorsWithData($item->libraryID, $newCreator, true);
                     if ($candidates) {
                         $c = Zotero_Creators::get($item->libraryID, $candidates[0]);
                         $item->setCreator($orderIndex, $c, $newCreatorTypeID);
                         continue;
                     }
                     // None found, so make a new one
                     $creatorID = $newCreator->save();
                     $newCreator = Zotero_Creators::get($item->libraryID, $creatorID);
                     $item->setCreator($orderIndex, $newCreator, $newCreatorTypeID);
                 }
                 // Remove all existing creators above the current index
                 if (!$isNew && ($indexes = array_keys($item->getCreators()))) {
                     $i = max($indexes);
                     while ($i > $orderIndex) {
                         $item->removeCreator($i);
                         $i--;
                     }
                 }
                 break;
             case 'tags':
                 // If item isn't yet saved, add tags below
                 if (!$item->id) {
                     $twoStage = true;
                     break;
                 }
                 if ($item->setTags($val)) {
                     $forceChange = true;
                 }
                 break;
             case 'attachments':
             case 'notes':
                 if (!$val) {
                     continue;
                 }
                 $twoStage = true;
                 break;
             case 'note':
                 $item->setNote($val);
                 break;
                 // Attachment properties
             // Attachment properties
             case 'linkMode':
                 $item->attachmentLinkMode = Zotero_Attachments::linkModeNameToNumber($val, true);
                 break;
             case 'contentType':
             case 'charset':
             case 'filename':
                 $k = "attachment" . ucwords($key);
                 $item->{$k} = $val;
                 break;
             case 'md5':
                 $item->attachmentStorageHash = $val;
                 break;
             case 'mtime':
                 $item->attachmentStorageModTime = $val;
                 break;
             default:
                 $item->setField($key, $val);
                 break;
         }
     }
     if ($parentItem) {
         $item->setSource($parentItem->id);
     }
     $item->deleted = !empty($json->deleted);
     // For changes that don't register as changes internally, force a dateModified update
     if ($forceChange) {
         $item->setField('dateModified', Zotero_DB::getTransactionTimestamp());
     }
     $item->save($userID);
     // Additional steps that have to be performed on a saved object
     if ($twoStage) {
         foreach ($json as $key => $val) {
             switch ($key) {
                 case 'attachments':
                     if (!$val) {
                         continue;
                     }
                     foreach ($val as $attachment) {
                         $childItem = new Zotero_Item();
                         $childItem->libraryID = $item->libraryID;
                         self::updateFromJSON($childItem, $attachment, true, $item, $userID);
                     }
                     break;
                 case 'notes':
                     if (!$val) {
                         continue;
                     }
                     $noteItemTypeID = Zotero_ItemTypes::getID("note");
                     foreach ($val as $note) {
                         $childItem = new Zotero_Item();
                         $childItem->libraryID = $item->libraryID;
                         $childItem->itemTypeID = $noteItemTypeID;
                         $childItem->setSource($item->id);
                         $childItem->setNote($note->note);
                         $childItem->save();
                     }
                     break;
                 case 'tags':
                     if ($item->setTags($val)) {
                         $forceChange = true;
                     }
                     break;
             }
         }
         // For changes that don't register as changes internally, force a dateModified update
         if ($forceChange) {
             $item->setField('dateModified', Zotero_DB::getTransactionTimestamp());
         }
         $item->save($userID);
     }
     Zotero_DB::commit();
 }
 public function settings()
 {
     if ($this->apiVersion < 2) {
         $this->e404();
     }
     // Check for general library access
     if (!$this->permissions->canAccess($this->objectLibraryID)) {
         $this->e403();
     }
     if ($this->isWriteMethod()) {
         Zotero_DB::beginTransaction();
         // Check for library write access
         if (!$this->permissions->canWrite($this->objectLibraryID)) {
             $this->e403("Write access denied");
         }
         // Make sure library hasn't been modified
         if (!$this->singleObject) {
             $libraryTimestampChecked = $this->checkLibraryIfUnmodifiedSinceVersion();
         }
         Zotero_Libraries::updateVersionAndTimestamp($this->objectLibraryID);
     }
     // Single setting
     if ($this->singleObject) {
         $this->allowMethods(array('GET', 'PUT', 'DELETE'));
         $setting = Zotero_Settings::getByLibraryAndKey($this->objectLibraryID, $this->objectKey);
         if (!$setting) {
             if ($this->method == 'PUT') {
                 $setting = new Zotero_Setting();
                 $setting->libraryID = $this->objectLibraryID;
                 $setting->name = $this->objectKey;
             } else {
                 $this->e404("Setting not found");
             }
         }
         if ($this->isWriteMethod()) {
             if ($this->method == 'PUT') {
                 $json = $this->jsonDecode($this->body);
                 $objectVersionValidated = $this->checkSingleObjectWriteVersion('setting', $setting, $json);
             }
             $this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID);
             // Update setting
             if ($this->method == 'PUT') {
                 $changed = Zotero_Settings::updateFromJSON($setting, $json, $this->queryParams, $this->userID, $objectVersionValidated ? 0 : 2);
                 // If not updated, return the original library version
                 if (!$changed) {
                     $this->libraryVersion = Zotero_Libraries::getOriginalVersion($this->objectLibraryID);
                     Zotero_DB::rollback();
                     $this->e204();
                 }
             } else {
                 if ($this->method == 'DELETE') {
                     Zotero_Settings::delete($this->objectLibraryID, $this->objectKey);
                 } else {
                     throw new Exception("Unexpected method {$this->method}");
                 }
             }
             Zotero_DB::commit();
             $this->e204();
         } else {
             $this->libraryVersion = $setting->version;
             $json = $setting->toJSON(true, $this->queryParams);
             echo Zotero_Utilities::formatJSON($json);
         }
     } else {
         $this->allowMethods(array('GET', 'POST'));
         $this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID);
         // Create a setting
         if ($this->method == 'POST') {
             $obj = $this->jsonDecode($this->body);
             $changed = Zotero_Settings::updateMultipleFromJSON($obj, $this->queryParams, $this->objectLibraryID, $this->userID, $this->permissions, $libraryTimestampChecked ? 0 : 1, null);
             // If not updated, return the original library version
             if (!$changed) {
                 $this->libraryVersion = Zotero_Libraries::getOriginalVersion($this->objectLibraryID);
             }
             Zotero_DB::commit();
             $this->e204();
         } else {
             $settings = Zotero_Settings::search($this->objectLibraryID, $this->queryParams);
             $json = new stdClass();
             foreach ($settings as $setting) {
                 $json->{$setting->name} = $setting->toJSON(true, $this->queryParams);
             }
             echo Zotero_Utilities::formatJSON($json);
         }
     }
     $this->end();
 }
Beispiel #15
0
 /**
  * @param Zotero_Collection $collection The collection object to update;
  *                                      this should be either an existing
  *                                      collection or a new collection
  *                                      with a library assigned.
  * @param object $json Collection data to write
  * @param boolean [$requireVersion=0] See Zotero_API::checkJSONObjectVersion()
  * @return boolean True if the collection was changed, false otherwise
  */
 public static function updateFromJSON(Zotero_Collection $collection, $json, $requestParams, $userID, $requireVersion = 0, $partialUpdate = false)
 {
     $json = Zotero_API::extractEditableJSON($json);
     $exists = Zotero_API::processJSONObjectKey($collection, $json, $requestParams);
     Zotero_API::checkJSONObjectVersion($collection, $json, $requestParams, $requireVersion);
     self::validateJSONCollection($json, $requestParams, $partialUpdate && $exists);
     $changed = false;
     if (!Zotero_DB::transactionInProgress()) {
         Zotero_DB::beginTransaction();
         $transactionStarted = true;
     } else {
         $transactionStarted = false;
     }
     if (isset($json->name)) {
         $collection->name = $json->name;
     }
     if ($requestParams['v'] >= 2 && isset($json->parentCollection)) {
         $collection->parentKey = $json->parentCollection;
     } else {
         if ($requestParams['v'] < 2 && isset($json->parent)) {
             $collection->parentKey = $json->parent;
         } else {
             if (!$partialUpdate) {
                 $collection->parent = false;
             }
         }
     }
     $changed = $collection->save() || $changed;
     if ($requestParams['v'] >= 2) {
         if (isset($json->relations)) {
             $changed = $collection->setRelations($json->relations, $userID) || $changed;
         } else {
             if (!$partialUpdate) {
                 $changed = $collection->setRelations(new stdClass(), $userID) || $changed;
             }
         }
     }
     if ($transactionStarted) {
         Zotero_DB::commit();
     }
     return $changed;
 }
Beispiel #16
0
 public static function addCustomType($name)
 {
     if (self::getID($name)) {
         throw new Exception("Item type '{$name}' already exists");
     }
     if (!preg_match('/^[a-z][^\\s0-9]+$/', $name)) {
         throw new Exception("Invalid item type name '{$name}'");
     }
     // TODO: make sure user hasn't added too many already
     throw new Exception("Unimplemented");
     // TODO: add to cache
     Zotero_DB::beginTransaction();
     $sql = "SELECT NEXT_ID(itemTypeID) FROM itemTypes";
     $itemTypeID = Zotero_DB::valueQuery($sql);
     $sql = "INSERT INTO itemTypes (?, ?, ?)";
     Zotero_DB::query($sql, array($itemTypeID, $name, 1));
     Zotero_DB::commit();
     return $itemTypeID;
 }
Beispiel #17
0
 public function save($fixGaps = false)
 {
     if (!$this->libraryID) {
         throw new Exception("Library ID must be set before saving");
     }
     Zotero_Searches::editCheck($this);
     if (!$this->changed) {
         Z_Core::debug("Search {$this->id} has not changed");
         return false;
     }
     if (!isset($this->name) || $this->name === '') {
         throw new Exception("Name not provided for saved search");
     }
     $shardID = Zotero_Shards::getByLibraryID($this->libraryID);
     Zotero_DB::beginTransaction();
     $isNew = !$this->id || !$this->exists();
     try {
         $searchID = $this->id ? $this->id : Zotero_ID::get('savedSearches');
         Z_Core::debug("Saving search {$this->id}");
         if (!$isNew) {
             $sql = "DELETE FROM savedSearchConditions WHERE searchID=?";
             Zotero_DB::query($sql, $searchID, $shardID);
         }
         $key = $this->key ? $this->key : $this->generateKey();
         $fields = "searchName=?, libraryID=?, `key`=?, dateAdded=?, dateModified=?,\n\t\t\t\t\t\tserverDateModified=?";
         $timestamp = Zotero_DB::getTransactionTimestamp();
         $params = array($this->name, $this->libraryID, $key, $this->dateAdded ? $this->dateAdded : $timestamp, $this->dateModified ? $this->dateModified : $timestamp, $timestamp);
         $shardID = Zotero_Shards::getByLibraryID($this->libraryID);
         if ($isNew) {
             $sql = "INSERT INTO savedSearches SET searchID=?, {$fields}";
             $stmt = Zotero_DB::getStatement($sql, true, $shardID);
             Zotero_DB::queryFromStatement($stmt, array_merge(array($searchID), $params));
             Zotero_Searches::cacheLibraryKeyID($this->libraryID, $key, $searchID);
             // Remove from delete log if it's there
             $sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='search' AND `key`=?";
             Zotero_DB::query($sql, array($this->libraryID, $key), $shardID);
         } else {
             $sql = "UPDATE savedSearches SET {$fields} WHERE searchID=?";
             $stmt = Zotero_DB::getStatement($sql, true, $shardID);
             Zotero_DB::queryFromStatement($stmt, array_merge($params, array($searchID)));
         }
         // Close gaps in savedSearchIDs
         $saveConditions = array();
         $i = 1;
         foreach ($this->conditions as $id => $condition) {
             if (!$fixGaps && $id != $i) {
                 trigger_error('searchConditionIDs not contiguous and |fixGaps| not set in save() of saved search ' . $this->id, E_USER_ERROR);
             }
             $saveConditions[$i] = $condition;
             $i++;
         }
         $this->conditions = $saveConditions;
         // TODO: use proper bound parameters once DB class is updated
         foreach ($this->conditions as $searchConditionID => $condition) {
             $sql = "INSERT INTO savedSearchConditions (searchID,\n\t\t\t\t\t\tsearchConditionID, `condition`, mode, operator,\n\t\t\t\t\t\tvalue, required) VALUES (?,?,?,?,?,?,?)";
             $sqlParams = array($searchID, $searchConditionID, $condition['condition'], $condition['mode'] ? $condition['mode'] : '', $condition['operator'] ? $condition['operator'] : '', $condition['value'] ? $condition['value'] : '', $condition['required'] ? 1 : 0);
             try {
                 Zotero_DB::query($sql, $sqlParams, $shardID);
             } catch (Exception $e) {
                 $msg = $e->getMessage();
                 if (strpos($msg, "Data too long for column 'value'") !== false) {
                     throw new Exception("=Value '" . mb_substr($condition['value'], 0, 75) . "…' too long in saved search '" . $this->name . "'");
                 }
                 throw $e;
             }
         }
         Zotero_DB::commit();
     } catch (Exception $e) {
         Zotero_DB::rollback();
         throw $e;
     }
     // If successful, set values in object
     if (!$this->id) {
         $this->id = $searchID;
     }
     if (!$this->key) {
         $this->key = $key;
     }
     return $this->id;
 }
 public function collections()
 {
     // Check for general library access
     if (!$this->permissions->canAccess($this->objectLibraryID)) {
         $this->e403();
     }
     if ($this->isWriteMethod()) {
         // Check for library write access
         if (!$this->permissions->canWrite($this->objectLibraryID)) {
             $this->e403("Write access denied");
         }
         // Make sure library hasn't been modified
         if (!$this->singleObject) {
             $libraryTimestampChecked = $this->checkLibraryIfUnmodifiedSinceVersion();
         }
         Zotero_Libraries::updateVersionAndTimestamp($this->objectLibraryID);
     }
     $collectionIDs = array();
     $collectionKeys = array();
     $results = array();
     // Single collection
     if ($this->singleObject) {
         $this->allowMethods(['HEAD', 'GET', 'PUT', 'PATCH', 'DELETE']);
         if (!Zotero_ID::isValidKey($this->objectKey)) {
             $this->e404();
         }
         $collection = Zotero_Collections::getByLibraryAndKey($this->objectLibraryID, $this->objectKey);
         if ($this->isWriteMethod()) {
             $collection = $this->handleObjectWrite('collection', $collection ? $collection : null);
             $this->queryParams['content'] = ['json'];
         }
         if (!$collection) {
             $this->e404("Collection not found");
         }
         $this->libraryVersion = $collection->version;
         if ($this->method == 'HEAD') {
             $this->end();
         }
         switch ($this->queryParams['format']) {
             case 'atom':
                 $this->responseXML = Zotero_Collections::convertCollectionToAtom($collection, $this->queryParams);
                 break;
             case 'json':
                 $json = $collection->toResponseJSON($this->queryParams, $this->permissions);
                 echo Zotero_Utilities::formatJSON($json);
                 break;
             default:
                 throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'");
         }
     } else {
         $this->allowMethods(['HEAD', 'GET', 'POST', 'DELETE']);
         $this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID);
         if ($this->scopeObject) {
             $this->allowMethods(array('GET'));
             switch ($this->scopeObject) {
                 case 'collections':
                     $collection = Zotero_Collections::getByLibraryAndKey($this->objectLibraryID, $this->scopeObjectKey);
                     if (!$collection) {
                         $this->e404("Collection not found");
                     }
                     $title = "Child Collections of ‘{$collection->name}'’";
                     $collectionIDs = $collection->getChildCollections();
                     break;
                 default:
                     throw new Exception("Invalid collections scope object '{$this->scopeObject}'");
             }
         } else {
             // Top-level items
             if ($this->subset == 'top') {
                 $this->allowMethods(array('GET'));
                 $title = "Top-Level Collections";
                 $results = Zotero_Collections::search($this->objectLibraryID, true, $this->queryParams);
             } else {
                 // Create a collection
                 if ($this->method == 'POST') {
                     $this->queryParams['format'] = 'writereport';
                     $obj = $this->jsonDecode($this->body);
                     $results = Zotero_Collections::updateMultipleFromJSON($obj, $this->queryParams, $this->objectLibraryID, $this->userID, $this->permissions, $libraryTimestampChecked ? 0 : 1, null);
                     if ($cacheKey = $this->getWriteTokenCacheKey()) {
                         Z_Core::$MC->set($cacheKey, true, $this->writeTokenCacheTime);
                     }
                     if ($this->apiVersion < 2) {
                         $uri = Zotero_API::getCollectionsURI($this->objectLibraryID);
                         $keys = array_merge(get_object_vars($results['success']), get_object_vars($results['unchanged']));
                         $queryString = "collectionKey=" . urlencode(implode(",", $keys)) . "&format=atom&content=json&order=collectionKeyList&sort=asc";
                         if ($this->apiKey) {
                             $queryString .= "&key=" . $this->apiKey;
                         }
                         $uri .= "?" . $queryString;
                         $this->queryParams = Zotero_API::parseQueryParams($queryString, $this->action, true, $this->apiVersion);
                         $title = "Collections";
                         $results = Zotero_Collections::search($this->objectLibraryID, false, $this->queryParams);
                     }
                 } else {
                     if ($this->method == 'DELETE') {
                         Zotero_DB::beginTransaction();
                         foreach ($this->queryParams['collectionKey'] as $collectionKey) {
                             Zotero_Collections::delete($this->objectLibraryID, $collectionKey);
                         }
                         Zotero_DB::commit();
                         $this->e204();
                     } else {
                         $title = "Collections";
                         $results = Zotero_Collections::search($this->objectLibraryID, false, $this->queryParams);
                     }
                 }
             }
         }
         if ($collectionIDs) {
             $this->queryParams['collectionIDs'] = $collectionIDs;
             $results = Zotero_Collections::search($this->objectLibraryID, false, $this->queryParams);
         }
         $options = ['action' => $this->action, 'uri' => $this->uri, 'results' => $results, 'requestParams' => $this->queryParams, 'permissions' => $this->permissions, 'head' => $this->method == 'HEAD'];
         switch ($this->queryParams['format']) {
             case 'atom':
                 $this->responseXML = Zotero_API::multiResponse(array_merge($options, ['title' => $this->getFeedNamePrefix($this->objectLibraryID) . $title]));
                 break;
             case 'json':
             case 'keys':
             case 'versions':
             case 'writereport':
                 Zotero_API::multiResponse($options);
                 break;
             default:
                 throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'");
         }
     }
     $this->end();
 }
Beispiel #19
0
 public static function deleteByLibrary($libraryID)
 {
     Zotero_DB::beginTransaction();
     // Delete from MySQL
     self::deleteByLibraryMySQL($libraryID);
     // Delete from Elasticsearch
     $type = self::getWriteType();
     $libraryQuery = new \Elastica\Query\Term();
     $libraryQuery->setTerm("libraryID", $libraryID);
     $query = new \Elastica\Query($libraryQuery);
     $start = microtime(true);
     $response = $type->deleteByQuery($query);
     StatsD::timing("elasticsearch.client.item_fulltext.delete_library", (microtime(true) - $start) * 1000);
     if ($response->hasError()) {
         throw new Exception($response->getError());
     }
     Zotero_DB::commit();
 }
Beispiel #20
0
 public function save()
 {
     if (!$this->libraryID) {
         trigger_error("Library ID must be set before saving", E_USER_ERROR);
     }
     Zotero_Creators::editCheck($this);
     // If empty, move on
     if ($this->firstName === '' && $this->lastName === '') {
         throw new Exception('First and last name are empty');
     }
     if ($this->fieldMode == 1 && $this->firstName !== '') {
         throw new Exception('First name must be empty in single-field mode');
     }
     if (!$this->hasChanged()) {
         Z_Core::debug("Creator {$this->id} has not changed");
         return false;
     }
     Zotero_DB::beginTransaction();
     try {
         $creatorID = $this->id ? $this->id : Zotero_ID::get('creators');
         $isNew = !$this->id;
         Z_Core::debug("Saving creator {$this->id}");
         $key = $this->key ? $this->key : $this->generateKey();
         $timestamp = Zotero_DB::getTransactionTimestamp();
         $dateAdded = $this->dateAdded ? $this->dateAdded : $timestamp;
         $dateModified = $this->changed['dateModified'] ? $this->dateModified : $timestamp;
         $fields = "firstName=?, lastName=?, fieldMode=?,\n\t\t\t\t\t\tlibraryID=?, `key`=?, dateAdded=?, dateModified=?, serverDateModified=?";
         $params = array($this->firstName, $this->lastName, $this->fieldMode, $this->libraryID, $key, $dateAdded, $dateModified, $timestamp);
         $shardID = Zotero_Shards::getByLibraryID($this->libraryID);
         try {
             if ($isNew) {
                 $sql = "INSERT INTO creators SET creatorID=?, {$fields}";
                 $stmt = Zotero_DB::getStatement($sql, true, $shardID);
                 Zotero_DB::queryFromStatement($stmt, array_merge(array($creatorID), $params));
                 // Remove from delete log if it's there
                 $sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='creator' AND `key`=?";
                 Zotero_DB::query($sql, array($this->libraryID, $key), $shardID);
             } else {
                 $sql = "UPDATE creators SET {$fields} WHERE creatorID=?";
                 $stmt = Zotero_DB::getStatement($sql, true, $shardID);
                 Zotero_DB::queryFromStatement($stmt, array_merge($params, array($creatorID)));
             }
         } catch (Exception $e) {
             if (strpos($e->getMessage(), " too long") !== false) {
                 if (strlen($this->firstName) > 255) {
                     throw new Exception("=First name '" . mb_substr($this->firstName, 0, 50) . "…' too long");
                 }
                 if (strlen($this->lastName) > 255) {
                     if ($this->fieldMode == 1) {
                         throw new Exception("=Last name '" . mb_substr($this->lastName, 0, 50) . "…' too long");
                     } else {
                         throw new Exception("=Name '" . mb_substr($this->lastName, 0, 50) . "…' too long");
                     }
                 }
             }
             throw $e;
         }
         // The client updates the mod time of associated items here, but
         // we don't, because either A) this is from syncing, where appropriate
         // mod times come from the client or B) the change is made through
         // $item->setCreator(), which updates the mod time.
         //
         // If the server started to make other independent creator changes,
         // linked items would need to be updated.
         Zotero_DB::commit();
         Zotero_Creators::cachePrimaryData(array('id' => $creatorID, 'libraryID' => $this->libraryID, 'key' => $key, 'dateAdded' => $dateAdded, 'dateModified' => $dateModified, 'firstName' => $this->firstName, 'lastName' => $this->lastName, 'fieldMode' => $this->fieldMode));
     } catch (Exception $e) {
         Zotero_DB::rollback();
         throw $e;
     }
     // If successful, set values in object
     if (!$this->id) {
         $this->id = $creatorID;
     }
     if (!$this->key) {
         $this->key = $key;
     }
     $this->init();
     if ($isNew) {
         Zotero_Creators::cache($this);
         Zotero_Creators::cacheLibraryKeyID($this->libraryID, $key, $creatorID);
     }
     // TODO: invalidate memcache?
     return $this->id;
 }
Beispiel #21
0
 /**
  * Used for integration tests
  *
  * Valid only on testing site
  */
 public function testSetup()
 {
     if (!$this->permissions->isSuper()) {
         $this->e404();
     }
     if (!Z_ENV_TESTING_SITE) {
         $this->e404();
     }
     $this->allowMethods(['POST']);
     if (empty($_GET['u'])) {
         throw new Exception("User not provided (e.g., ?u=1)");
     }
     $userID = $_GET['u'];
     // Clear keys
     $keys = Zotero_Keys::getUserKeys($userID);
     foreach ($keys as $keyObj) {
         $keyObj->erase();
     }
     $keys = Zotero_Keys::getUserKeys($userID);
     if ($keys) {
         throw new Exception("Keys still exist");
     }
     // Create new key
     $keyObj = new Zotero_Key();
     $keyObj->userID = $userID;
     $keyObj->name = "Tests Key";
     $libraryID = Zotero_Users::getLibraryIDFromUserID($userID);
     $keyObj->setPermission($libraryID, 'library', true);
     $keyObj->setPermission($libraryID, 'notes', true);
     $keyObj->setPermission($libraryID, 'write', true);
     $keyObj->setPermission(0, 'group', true);
     $keyObj->setPermission(0, 'write', true);
     $keyObj->save();
     $key = $keyObj->key;
     Zotero_DB::beginTransaction();
     // Clear data
     Zotero_Users::clearAllData($userID);
     // Delete publications library, so we can test auto-creating it
     $publicationsLibraryID = Zotero_Users::getLibraryIDFromUserID($userID, 'publications');
     if ($publicationsLibraryID) {
         // Delete user publications shard library
         $sql = "DELETE FROM shardLibraries WHERE libraryID=?";
         Zotero_DB::query($sql, $publicationsLibraryID, Zotero_Shards::getByUserID($userID));
         // Delete user publications library
         $sql = "DELETE FROM libraries WHERE libraryID=?";
         Zotero_DB::query($sql, $publicationsLibraryID);
         Z_Core::$MC->delete('userPublicationsLibraryID_' . $userID);
         Z_Core::$MC->delete('libraryUserID_' . $publicationsLibraryID);
     }
     Zotero_DB::commit();
     echo json_encode(["apiKey" => $key]);
     $this->end();
 }
Beispiel #22
0
 /**
  * Updates the collection's relations. No separate save of the collection is required.
  *
  * @param object $newRelations Object with predicates as keys and URIs as values
  * @param int $userID User making the change
  */
 public function setRelations($newRelations, $userID)
 {
     if (!$this->_id) {
         throw new Exception('collectionID not set');
     }
     // An empty array is allowed by updateFromJSON()
     if (is_array($newRelations) && empty($newRelations)) {
         $newRelations = new stdClass();
     }
     Zotero_DB::beginTransaction();
     // Get arrays from objects
     $oldRelations = get_object_vars($this->getRelations());
     $newRelations = get_object_vars($newRelations);
     $toAdd = array_diff($newRelations, $oldRelations);
     $toRemove = array_diff($oldRelations, $newRelations);
     if (!$toAdd && !$toRemove) {
         Zotero_DB::commit();
         return false;
     }
     $subject = Zotero_URI::getCollectionURI($this);
     foreach ($toAdd as $predicate => $object) {
         Zotero_Relations::add($this->libraryID, $subject, $predicate, $object);
     }
     foreach ($toRemove as $predicate => $object) {
         $relations = Zotero_Relations::getByURIs($this->libraryID, $subject, $predicate, $object);
         foreach ($relations as $relation) {
             Zotero_Relations::delete($this->libraryID, $relation->key);
         }
     }
     $this->updateVersion($userID);
     Zotero_DB::commit();
     return true;
 }
 public static function delete($libraryID, $key, $updateLibrary = false)
 {
     $table = static::field('table');
     $id = static::field('id');
     $type = static::field('object');
     $types = static::field('objects');
     if (!$key) {
         throw new Exception("Invalid key {$key}");
     }
     // Get object (and trigger caching)
     $obj = static::getByLibraryAndKey($libraryID, $key);
     if (!$obj) {
         return;
     }
     static::editCheck($obj);
     Z_Core::debug("Deleting {$type} {$libraryID}/{$key}", 4);
     $shardID = Zotero_Shards::getByLibraryID($libraryID);
     Zotero_DB::beginTransaction();
     // Needed for API deletes to get propagated via sync
     if ($updateLibrary) {
         $timestamp = Zotero_Libraries::updateTimestamps($obj->libraryID);
         Zotero_DB::registerTransactionTimestamp($timestamp);
     }
     // Delete child items
     if ($type == 'item') {
         if ($obj->isRegularItem()) {
             $children = array_merge($obj->getNotes(), $obj->getAttachments());
             if ($children) {
                 $children = Zotero_Items::get($libraryID, $children);
                 foreach ($children as $child) {
                     static::delete($child->libraryID, $child->key);
                 }
             }
         }
     }
     if ($type == 'relation') {
         // TODO: add key column to relations to speed this up
         $sql = "DELETE FROM {$table} WHERE libraryID=? AND MD5(CONCAT(subject, '_', predicate, '_', object))=?";
         $deleted = Zotero_DB::query($sql, array($libraryID, $key), $shardID);
     } else {
         $sql = "DELETE FROM {$table} WHERE libraryID=? AND `key`=?";
         $deleted = Zotero_DB::query($sql, array($libraryID, $key), $shardID);
     }
     unset(self::$idCache[$type][$libraryID][$key]);
     static::uncachePrimaryData($libraryID, $key);
     if ($deleted) {
         $sql = "INSERT INTO syncDeleteLogKeys (libraryID, objectType, `key`, timestamp)\n\t\t\t\t\t\tVALUES (?, '{$type}', ?, ?) ON DUPLICATE KEY UPDATE timestamp=?";
         $timestamp = Zotero_DB::getTransactionTimestamp();
         $params = array($libraryID, $key, $timestamp, $timestamp);
         Zotero_DB::query($sql, $params, $shardID);
     }
     Zotero_DB::commit();
 }
Beispiel #24
0
 public function save($userID = false)
 {
     if (!$this->libraryID) {
         throw new Exception("Library ID must be set before saving");
     }
     Zotero_Searches::editCheck($this, $userID);
     if (!$this->changed) {
         Z_Core::debug("Search {$this->id} has not changed");
         return false;
     }
     if (!isset($this->name) || $this->name === '') {
         throw new Exception("Name not provided for saved search");
     }
     $shardID = Zotero_Shards::getByLibraryID($this->libraryID);
     Zotero_DB::beginTransaction();
     $isNew = !$this->id || !$this->exists();
     try {
         $searchID = $this->id ? $this->id : Zotero_ID::get('savedSearches');
         Z_Core::debug("Saving search {$this->id}");
         if (!$isNew) {
             $sql = "DELETE FROM savedSearchConditions WHERE searchID=?";
             Zotero_DB::query($sql, $searchID, $shardID);
         }
         $key = $this->key ? $this->key : Zotero_ID::getKey();
         $fields = "searchName=?, libraryID=?, `key`=?, dateAdded=?, dateModified=?,\n\t\t\t\t\t\tserverDateModified=?, version=?";
         $timestamp = Zotero_DB::getTransactionTimestamp();
         $params = array($this->name, $this->libraryID, $key, $this->dateAdded ? $this->dateAdded : $timestamp, $this->dateModified ? $this->dateModified : $timestamp, $timestamp, Zotero_Libraries::getUpdatedVersion($this->libraryID));
         $shardID = Zotero_Shards::getByLibraryID($this->libraryID);
         if ($isNew) {
             $sql = "INSERT INTO savedSearches SET searchID=?, {$fields}";
             $stmt = Zotero_DB::getStatement($sql, true, $shardID);
             Zotero_DB::queryFromStatement($stmt, array_merge(array($searchID), $params));
             // Remove from delete log if it's there
             $sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='search' AND `key`=?";
             Zotero_DB::query($sql, array($this->libraryID, $key), $shardID);
         } else {
             $sql = "UPDATE savedSearches SET {$fields} WHERE searchID=?";
             $stmt = Zotero_DB::getStatement($sql, true, $shardID);
             Zotero_DB::queryFromStatement($stmt, array_merge($params, array($searchID)));
         }
         foreach ($this->conditions as $searchConditionID => $condition) {
             $sql = "INSERT INTO savedSearchConditions (searchID,\n\t\t\t\t\t\tsearchConditionID, `condition`, mode, operator,\n\t\t\t\t\t\tvalue, required) VALUES (?,?,?,?,?,?,?)";
             $sqlParams = array($searchID, $searchConditionID + 1, $condition['condition'], $condition['mode'] ? $condition['mode'] : '', $condition['operator'] ? $condition['operator'] : '', $condition['value'] ? $condition['value'] : '', !empty($condition['required']) ? 1 : 0);
             try {
                 Zotero_DB::query($sql, $sqlParams, $shardID);
             } catch (Exception $e) {
                 $msg = $e->getMessage();
                 if (strpos($msg, "Data too long for column 'value'") !== false) {
                     throw new Exception("=Value '" . mb_substr($condition['value'], 0, 75) . "…' too long in saved search '" . $this->name . "'");
                 }
                 throw $e;
             }
         }
         Zotero_DB::commit();
     } catch (Exception $e) {
         Zotero_DB::rollback();
         throw $e;
     }
     if (!$this->id) {
         $this->id = $searchID;
     }
     if (!$this->key) {
         $this->key = $key;
     }
     return $this->id;
 }
Beispiel #25
0
 public function save($full = false)
 {
     if (!$this->libraryID) {
         trigger_error("Library ID must be set before saving", E_USER_ERROR);
     }
     Zotero_Tags::editCheck($this);
     if (!$this->changed) {
         Z_Core::debug("Tag {$this->id} has not changed");
         return false;
     }
     $shardID = Zotero_Shards::getByLibraryID($this->libraryID);
     Zotero_DB::beginTransaction();
     try {
         $tagID = $this->id ? $this->id : Zotero_ID::get('tags');
         $isNew = !$this->id;
         Z_Core::debug("Saving tag {$tagID}");
         $key = $this->key ? $this->key : $this->generateKey();
         $timestamp = Zotero_DB::getTransactionTimestamp();
         $dateAdded = $this->dateAdded ? $this->dateAdded : $timestamp;
         $dateModified = $this->dateModified ? $this->dateModified : $timestamp;
         $fields = "name=?, `type`=?, dateAdded=?, dateModified=?,\n\t\t\t\tlibraryID=?, `key`=?, serverDateModified=?";
         $params = array($this->name, $this->type ? $this->type : 0, $dateAdded, $dateModified, $this->libraryID, $key, $timestamp);
         try {
             if ($isNew) {
                 $sql = "INSERT INTO tags SET tagID=?, {$fields}";
                 $stmt = Zotero_DB::getStatement($sql, true, $shardID);
                 Zotero_DB::queryFromStatement($stmt, array_merge(array($tagID), $params));
                 // Remove from delete log if it's there
                 $sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='tag' AND `key`=?";
                 Zotero_DB::query($sql, array($this->libraryID, $key), $shardID);
             } else {
                 $sql = "UPDATE tags SET {$fields} WHERE tagID=?";
                 $stmt = Zotero_DB::getStatement($sql, true, Zotero_Shards::getByLibraryID($this->libraryID));
                 Zotero_DB::queryFromStatement($stmt, array_merge($params, array($tagID)));
             }
         } catch (Exception $e) {
             // If an incoming tag is the same as an existing tag, but with a different key,
             // then delete the old tag and add its linked items to the new tag
             if (preg_match("/Duplicate entry .+ for key 'uniqueTags'/", $e->getMessage())) {
                 // GET existing tag
                 $existing = Zotero_Tags::getIDs($this->libraryID, $this->name);
                 if (!$existing) {
                     throw new Exception("Existing tag not found");
                 }
                 foreach ($existing as $id) {
                     $tag = Zotero_Tags::get($this->libraryID, $id, true);
                     if ($tag->__get('type') == $this->type) {
                         $linked = $tag->getLinkedItems(true);
                         Zotero_Tags::delete($this->libraryID, $tag->key);
                         break;
                     }
                 }
                 // Save again
                 if ($isNew) {
                     $sql = "INSERT INTO tags SET tagID=?, {$fields}";
                     $stmt = Zotero_DB::getStatement($sql, true, $shardID);
                     Zotero_DB::queryFromStatement($stmt, array_merge(array($tagID), $params));
                     // Remove from delete log if it's there
                     $sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='tag' AND `key`=?";
                     Zotero_DB::query($sql, array($this->libraryID, $key), $shardID);
                 } else {
                     $sql = "UPDATE tags SET {$fields} WHERE tagID=?";
                     $stmt = Zotero_DB::getStatement($sql, true, Zotero_Shards::getByLibraryID($this->libraryID));
                     Zotero_DB::queryFromStatement($stmt, array_merge($params, array($tagID)));
                 }
                 $new = array_unique(array_merge($linked, $this->getLinkedItems(true)));
                 $this->setLinkedItems($new);
             } else {
                 throw $e;
             }
         }
         // Linked items
         if ($full || !empty($this->changed['linkedItems'])) {
             $removed = array();
             $newids = array();
             $currentIDs = $this->getLinkedItems(true);
             if (!$currentIDs) {
                 $currentIDs = array();
             }
             if ($full) {
                 $sql = "SELECT itemID FROM itemTags WHERE tagID=?";
                 $stmt = Zotero_DB::getStatement($sql, true, $shardID);
                 $dbItemIDs = Zotero_DB::columnQueryFromStatement($stmt, $tagID);
                 if ($dbItemIDs) {
                     $removed = array_diff($dbItemIDs, $currentIDs);
                     $newids = array_diff($currentIDs, $dbItemIDs);
                 } else {
                     $newids = $currentIDs;
                 }
             } else {
                 if ($this->previousData['linkedItems']) {
                     $removed = array_diff($this->previousData['linkedItems'], $currentIDs);
                     $newids = array_diff($currentIDs, $this->previousData['linkedItems']);
                 } else {
                     $newids = $currentIDs;
                 }
             }
             if ($removed) {
                 $sql = "DELETE FROM itemTags WHERE tagID=? AND itemID IN (";
                 $q = array_fill(0, sizeOf($removed), '?');
                 $sql .= implode(', ', $q) . ")";
                 Zotero_DB::query($sql, array_merge(array($this->id), $removed), $shardID);
             }
             if ($newids) {
                 $newids = array_values($newids);
                 $sql = "INSERT INTO itemTags (tagID, itemID) VALUES ";
                 $maxInsertGroups = 50;
                 Zotero_DB::bulkInsert($sql, $newids, $maxInsertGroups, $tagID, $shardID);
             }
             //Zotero.Notifier.trigger('add', 'collection-item', $this->id . '-' . $itemID);
         }
         Zotero_DB::commit();
         Zotero_Tags::cachePrimaryData(array('id' => $tagID, 'libraryID' => $this->libraryID, 'key' => $key, 'name' => $this->name, 'type' => $this->type ? $this->type : 0, 'dateAdded' => $dateAdded, 'dateModified' => $dateModified));
     } catch (Exception $e) {
         Zotero_DB::rollback();
         throw $e;
     }
     // If successful, set values in object
     if (!$this->id) {
         $this->id = $tagID;
     }
     if (!$this->key) {
         $this->key = $key;
     }
     $this->init();
     if ($isNew) {
         Zotero_Tags::cache($this);
         Zotero_Tags::cacheLibraryKeyID($this->libraryID, $key, $tagID);
     }
     return $this->id;
 }
Beispiel #26
0
 public static function clearAllData($libraryID)
 {
     if (empty($libraryID)) {
         throw new Exception("libraryID not provided");
     }
     Zotero_DB::beginTransaction();
     $tables = array('collections', 'creators', 'items', 'relations', 'savedSearches', 'tags', 'syncDeleteLogIDs', 'syncDeleteLogKeys', 'settings');
     $shardID = Zotero_Shards::getByLibraryID($libraryID);
     self::deleteCachedData($libraryID);
     // Because of the foreign key constraint on the itemID, delete MySQL full-text rows
     // first, and then clear from Elasticsearch below
     Zotero_FullText::deleteByLibraryMySQL($libraryID);
     foreach ($tables as $table) {
         // Delete notes and attachments first (since they may be child items)
         if ($table == 'items') {
             $sql = "DELETE FROM {$table} WHERE libraryID=? AND itemTypeID IN (1,14)";
             Zotero_DB::query($sql, $libraryID, $shardID);
         }
         $sql = "DELETE FROM {$table} WHERE libraryID=?";
         Zotero_DB::query($sql, $libraryID, $shardID);
     }
     Zotero_FullText::deleteByLibrary($libraryID);
     self::updateVersion($libraryID);
     self::updateTimestamps($libraryID);
     Zotero_Notifier::trigger("clear", "library", $libraryID);
     Zotero_DB::commit();
 }
Beispiel #27
0
 public static function delete($libraryID, $key)
 {
     $table = self::$table;
     $type = self::$objectType;
     $types = self::$objectTypePlural;
     if (!$key) {
         throw new Exception("Invalid key {$key}");
     }
     // Get object (and trigger caching)
     $obj = self::getByLibraryAndKey($libraryID, $key);
     if (!$obj) {
         return;
     }
     self::editCheck($obj);
     Z_Core::debug("Deleting {$type} {$libraryID}/{$key}", 4);
     $shardID = Zotero_Shards::getByLibraryID($libraryID);
     Zotero_DB::beginTransaction();
     // Delete child items
     if ($type == 'item') {
         if ($obj->isRegularItem()) {
             $children = array_merge($obj->getNotes(), $obj->getAttachments());
             if ($children) {
                 $children = Zotero_Items::get($libraryID, $children);
                 foreach ($children as $child) {
                     self::delete($child->libraryID, $child->key);
                 }
             }
         }
         // Remove relations (except for merge tracker)
         $uri = Zotero_URI::getItemURI($obj);
         Zotero_Relations::eraseByURI($libraryID, $uri, array(Zotero_Relations::$deletedItemPredicate));
     } else {
         if ($type == 'tag') {
             $tagName = $obj->name;
         }
     }
     if ($type == 'item' && $obj->isAttachment()) {
         Zotero_FullText::deleteItemContent($obj);
     }
     $sql = "DELETE FROM {$table} WHERE libraryID=? AND `key`=?";
     $deleted = Zotero_DB::query($sql, array($libraryID, $key), $shardID);
     self::unload($obj->id);
     if ($deleted) {
         $sql = "INSERT INTO syncDeleteLogKeys\n\t\t\t\t\t\t(libraryID, objectType, `key`, timestamp, version)\n\t\t\t\t\t\tVALUES (?, '{$type}', ?, ?, ?)\n\t\t\t\t\t\tON DUPLICATE KEY UPDATE timestamp=?, version=?";
         $timestamp = Zotero_DB::getTransactionTimestamp();
         $version = Zotero_Libraries::getUpdatedVersion($libraryID);
         $params = array($libraryID, $key, $timestamp, $version, $timestamp, $version);
         Zotero_DB::query($sql, $params, $shardID);
         if ($type == 'tag') {
             $sql = "INSERT INTO syncDeleteLogKeys\n\t\t\t\t\t\t\t(libraryID, objectType, `key`, timestamp, version)\n\t\t\t\t\t\t\tVALUES (?, 'tagName', ?, ?, ?)\n\t\t\t\t\t\t\tON DUPLICATE KEY UPDATE timestamp=?, version=?";
             $params = array($libraryID, $tagName, $timestamp, $version, $timestamp, $version);
             Zotero_DB::query($sql, $params, $shardID);
         }
     }
     Zotero_DB::commit();
 }
Beispiel #28
0
 /**
  * Add sync process and associated locks to database
  */
 private static function addUploadProcess($userID, $libraryIDs, $syncQueueID = null, $syncProcessID = null)
 {
     Zotero_DB::beginTransaction();
     $syncProcessID = $syncProcessID ? $syncProcessID : Zotero_ID::getBigInt();
     $sql = "INSERT INTO syncProcesses (syncProcessID, userID) VALUES (?, ?)";
     try {
         Zotero_DB::query($sql, array($syncProcessID, $userID));
     } catch (Exception $e) {
         $sql = "SELECT CONCAT(syncProcessID,' ',userID,' ',started) FROM syncProcesses WHERE userID=?";
         $val = Zotero_DB::valueQuery($sql, $userID);
         Z_Core::logError($val);
     }
     if ($libraryIDs) {
         $sql = "INSERT INTO syncProcessLocks VALUES ";
         $sql .= implode(', ', array_fill(0, sizeOf($libraryIDs), '(?,?)'));
         $params = array();
         foreach ($libraryIDs as $libraryID) {
             $params[] = $syncProcessID;
             $params[] = $libraryID;
         }
         Zotero_DB::query($sql, $params);
     }
     // Record the process id in the queue entry, if given
     if ($syncQueueID) {
         $sql = "UPDATE syncUploadQueue SET syncProcessID=? WHERE syncUploadQueueID=?";
         Zotero_DB::query($sql, array($syncProcessID, $syncQueueID));
     }
     Zotero_DB::commit();
     return $syncProcessID;
 }
Beispiel #29
0
 public static function updateFromJSON(Zotero_Item $item, $json, Zotero_Item $parentItem = null, $requestParams, $userID, $requireVersion = 0, $partialUpdate = false)
 {
     $json = Zotero_API::extractEditableJSON($json);
     $exists = Zotero_API::processJSONObjectKey($item, $json, $requestParams);
     // computerProgram used 'version' instead of 'versionNumber' before v3
     if ($requestParams['v'] < 3 && isset($json->version)) {
         $json->versionNumber = $json->version;
         unset($json->version);
     }
     Zotero_API::checkJSONObjectVersion($item, $json, $requestParams, $requireVersion);
     self::validateJSONItem($json, $item->libraryID, $exists ? $item : null, $parentItem || ($exists ? !!$item->getSourceKey() : false), $requestParams, $partialUpdate && $exists);
     $changed = false;
     $twoStage = false;
     if (!Zotero_DB::transactionInProgress()) {
         Zotero_DB::beginTransaction();
         $transactionStarted = true;
     } else {
         $transactionStarted = false;
     }
     // Set itemType first
     if (isset($json->itemType)) {
         $item->setField("itemTypeID", Zotero_ItemTypes::getID($json->itemType));
     }
     $changedDateModified = false;
     foreach ($json as $key => $val) {
         switch ($key) {
             case 'key':
             case 'version':
             case 'itemKey':
             case 'itemVersion':
             case 'itemType':
             case 'deleted':
                 continue;
             case 'parentItem':
                 $item->setSourceKey($val);
                 break;
             case 'creators':
                 if (!$val && !$item->numCreators()) {
                     continue 2;
                 }
                 $orderIndex = -1;
                 foreach ($val as $newCreatorData) {
                     // JSON uses 'name' and 'firstName'/'lastName',
                     // so switch to just 'firstName'/'lastName'
                     if (isset($newCreatorData->name)) {
                         $newCreatorData->firstName = '';
                         $newCreatorData->lastName = $newCreatorData->name;
                         unset($newCreatorData->name);
                         $newCreatorData->fieldMode = 1;
                     } else {
                         $newCreatorData->fieldMode = 0;
                     }
                     // Skip empty creators
                     if (Zotero_Utilities::unicodeTrim($newCreatorData->firstName) === "" && Zotero_Utilities::unicodeTrim($newCreatorData->lastName) === "") {
                         break;
                     }
                     $orderIndex++;
                     $newCreatorTypeID = Zotero_CreatorTypes::getID($newCreatorData->creatorType);
                     // Same creator in this position
                     $existingCreator = $item->getCreator($orderIndex);
                     if ($existingCreator && $existingCreator['ref']->equals($newCreatorData)) {
                         // Just change the creatorTypeID
                         if ($existingCreator['creatorTypeID'] != $newCreatorTypeID) {
                             $item->setCreator($orderIndex, $existingCreator['ref'], $newCreatorTypeID);
                         }
                         continue;
                     }
                     // Same creator in a different position, so use that
                     $existingCreators = $item->getCreators();
                     for ($i = 0, $len = sizeOf($existingCreators); $i < $len; $i++) {
                         if ($existingCreators[$i]['ref']->equals($newCreatorData)) {
                             $item->setCreator($orderIndex, $existingCreators[$i]['ref'], $newCreatorTypeID);
                             continue;
                         }
                     }
                     // Make a fake creator to use for the data lookup
                     $newCreator = new Zotero_Creator();
                     $newCreator->libraryID = $item->libraryID;
                     foreach ($newCreatorData as $key => $val) {
                         if ($key == 'creatorType') {
                             continue;
                         }
                         $newCreator->{$key} = $val;
                     }
                     // Look for an equivalent creator in this library
                     $candidates = Zotero_Creators::getCreatorsWithData($item->libraryID, $newCreator, true);
                     if ($candidates) {
                         $c = Zotero_Creators::get($item->libraryID, $candidates[0]);
                         $item->setCreator($orderIndex, $c, $newCreatorTypeID);
                         continue;
                     }
                     // None found, so make a new one
                     $creatorID = $newCreator->save();
                     $newCreator = Zotero_Creators::get($item->libraryID, $creatorID);
                     $item->setCreator($orderIndex, $newCreator, $newCreatorTypeID);
                 }
                 // Remove all existing creators above the current index
                 if ($exists && ($indexes = array_keys($item->getCreators()))) {
                     $i = max($indexes);
                     while ($i > $orderIndex) {
                         $item->removeCreator($i);
                         $i--;
                     }
                 }
                 break;
             case 'tags':
                 $item->setTags($val);
                 break;
             case 'collections':
                 $item->setCollections($val);
                 break;
             case 'relations':
                 $item->setRelations($val);
                 break;
             case 'attachments':
             case 'notes':
                 if (!$val) {
                     continue;
                 }
                 $twoStage = true;
                 break;
             case 'note':
                 $item->setNote($val);
                 break;
                 // Attachment properties
             // Attachment properties
             case 'linkMode':
                 $item->attachmentLinkMode = Zotero_Attachments::linkModeNameToNumber($val, true);
                 break;
             case 'contentType':
             case 'charset':
             case 'filename':
                 $k = "attachment" . ucwords($key);
                 $item->{$k} = $val;
                 break;
             case 'md5':
                 $item->attachmentStorageHash = $val;
                 break;
             case 'mtime':
                 $item->attachmentStorageModTime = $val;
                 break;
             case 'dateModified':
                 $changedDateModified = $item->setField($key, $val);
                 break;
             default:
                 $item->setField($key, $val);
                 break;
         }
     }
     if ($parentItem) {
         $item->setSource($parentItem->id);
     } else {
         if ($requestParams['v'] >= 2 && !$partialUpdate && $item->getSourceKey() && !isset($json->parentItem)) {
             $item->setSourceKey(false);
         }
     }
     $item->deleted = !empty($json->deleted);
     // If item has changed, update it with the current timestamp
     if ($item->hasChanged() && !$changedDateModified) {
         $item->dateModified = Zotero_DB::getTransactionTimestamp();
     }
     $changed = $item->save($userID) || $changed;
     // Additional steps that have to be performed on a saved object
     if ($twoStage) {
         foreach ($json as $key => $val) {
             switch ($key) {
                 case 'attachments':
                     if (!$val) {
                         continue;
                     }
                     foreach ($val as $attachmentJSON) {
                         $childItem = new Zotero_Item();
                         $childItem->libraryID = $item->libraryID;
                         self::updateFromJSON($childItem, $attachmentJSON, $item, $requestParams, $userID);
                     }
                     break;
                 case 'notes':
                     if (!$val) {
                         continue;
                     }
                     $noteItemTypeID = Zotero_ItemTypes::getID("note");
                     foreach ($val as $note) {
                         $childItem = new Zotero_Item();
                         $childItem->libraryID = $item->libraryID;
                         $childItem->itemTypeID = $noteItemTypeID;
                         $childItem->setSource($item->id);
                         $childItem->setNote($note->note);
                         $childItem->save();
                     }
                     break;
             }
         }
     }
     if ($transactionStarted) {
         Zotero_DB::commit();
     }
     return $changed;
 }
Beispiel #30
0
 public static function purge($libraryID)
 {
     $sql = "SELECT subject FROM relations " . "WHERE libraryID=? AND predicate!=? " . "UNION " . "SELECT object FROM relations " . "WHERE libraryID=? AND predicate!=?";
     $uris = Zotero . DB . columnQuery($sql, array($libraryID, self::$deletedItemPredicate, $libraryID, self::$deletedItemPredicate), Zotero_Shards::getByLibraryID($libraryID));
     if ($uris) {
         $prefix = Zotero_URI::getBaseURI();
         Zotero_DB::beginTransaction();
         foreach ($uris as $uri) {
             // Skip URIs that don't begin with the default prefix,
             // since they don't correspond to local items
             if (strpos($uri, $prefix) === false) {
                 continue;
             }
             if (preg_match('/\\/items\\//', $uri) && !Zotero_URI::getURIItem($uri)) {
                 self::eraseByURI($uri);
             }
             if (preg_match('/\\/collections\\//', $uri) && !Zotero_URI::getURICollection($uri)) {
                 self::eraseByURI($uri);
             }
         }
         Zotero_DB::commit();
     }
 }