public static function add($userID)
{
Z_Core::debug("Creating publications library for user {$userID}");
Zotero_DB::beginTransaction();
// Use same shard as user library
$shardID = Zotero_Shards::getByUserID($userID);
$libraryID = Zotero_Libraries::add('publications', $shardID);
$sql = "INSERT INTO userPublications (userID, libraryID) VALUES (?, ?)";
Zotero_DB::query($sql, [$userID, $libraryID]);
Zotero_DB::commit();
return $libraryID;
}
/**
* Handle uploaded data, overwriting existing data
*/
public function upload()
{
$this->sessionCheck();
// Another session is either queued or writing — upload data won't be valid,
// so client should wait and return to /updated with 'upload' flag
Zotero_DB::beginTransaction();
if (Zotero_Sync::userIsReadLocked($this->userID) || Zotero_Sync::userIsWriteLocked($this->userID)) {
Zotero_DB::commit();
$locked = $this->responseXML->addChild('locked');
$locked['wait'] = $this->getWaitTime($this->sessionID);
$this->end();
}
Zotero_DB::commit();
$this->clearWaitTime($this->sessionID);
if (empty($_REQUEST['updateKey'])) {
$this->error(400, 'INVALID_UPLOAD_DATA', 'Update key not provided');
}
if ($_REQUEST['updateKey'] != Zotero_Users::getUpdateKey($this->userID)) {
$this->e409("Server data has changed since last retrieval");
}
// TODO: change to POST
if (empty($_REQUEST['data'])) {
$this->error(400, 'MISSING_UPLOAD_DATA', 'Uploaded data not provided');
}
$xmldata =& $_REQUEST['data'];
try {
$doc = new DOMDocument();
$doc->loadXML($xmldata, LIBXML_PARSEHUGE);
// For huge uploads, make sure notes aren't bigger than SimpleXML can parse
if (strlen($xmldata) > 7000000) {
$xpath = new DOMXPath($doc);
$results = $xpath->query('/data/items/item/note[string-length(text()) > ' . Zotero_Notes::$MAX_NOTE_LENGTH . ']');
if ($results->length) {
$noteElem = $results->item(0);
$text = $noteElem->textContent;
$libraryID = $noteElem->parentNode->getAttribute('libraryID');
$key = $noteElem->parentNode->getAttribute('key');
// UTF-8 (0xC2 0xA0) isn't trimmed by default
$whitespace = chr(0x20) . chr(0x9) . chr(0xa) . chr(0xd) . chr(0x0) . chr(0xb) . chr(0xc2) . chr(0xa0);
$excerpt = iconv("UTF-8", "UTF-8//IGNORE", Zotero_Notes::noteToTitle(trim($text), true));
$excerpt = trim($excerpt, $whitespace);
// If tag-stripped version is empty, just return raw HTML
if ($excerpt == '') {
$excerpt = iconv("UTF-8", "UTF-8//IGNORE", preg_replace('/\\s+/', ' ', mb_substr(trim($text), 0, Zotero_Notes::$MAX_TITLE_LENGTH)));
$excerpt = html_entity_decode($excerpt);
$excerpt = trim($excerpt, $whitespace);
}
$msg = "=Note '" . $excerpt . "...' too long";
if ($key) {
$msg .= " for item '" . $libraryID . "/" . $key . "'";
}
throw new Exception($msg, Z_ERROR_NOTE_TOO_LONG);
}
}
} catch (Exception $e) {
$this->handleUploadError($e, $xmldata);
}
function relaxNGErrorHandler($errno, $errstr)
{
//Z_Core::logError($errstr);
}
set_error_handler('relaxNGErrorHandler');
set_time_limit(60);
if (!$doc->relaxNGValidate(Z_ENV_MODEL_PATH . 'relax-ng/upload.rng')) {
$id = substr(md5(uniqid(rand(), true)), 0, 10);
$str = date("D M j G:i:s T Y") . "\n";
$str .= "IP address: " . $_SERVER['REMOTE_ADDR'] . "\n";
if (isset($_SERVER['HTTP_X_ZOTERO_VERSION'])) {
$str .= "Version: " . $_SERVER['HTTP_X_ZOTERO_VERSION'] . "\n";
}
$str .= "Error: RELAX NG validation failed\n\n";
$str .= $xmldata;
if (!file_put_contents(Z_CONFIG::$SYNC_ERROR_PATH . $id, $str)) {
error_log("Unable to save error report to " . Z_CONFIG::$SYNC_ERROR_PATH . $id);
}
$this->error(500, 'INVALID_UPLOAD_DATA', "Uploaded data not well-formed (Report ID: {$id})");
}
restore_error_handler();
try {
$xml = simplexml_import_dom($doc);
$queue = true;
if (Z_ENV_TESTING_SITE && !empty($_GET['noqueue'])) {
$queue = false;
}
if ($queue) {
$affectedLibraries = Zotero_Sync::parseAffectedLibraries($xmldata);
// Relations-only uploads don't have affected libraries
if (!$affectedLibraries) {
$affectedLibraries = array(Zotero_Users::getLibraryIDFromUserID($this->userID));
}
Zotero_Sync::queueUpload($this->userID, $this->sessionID, $xmldata, $affectedLibraries);
try {
Zotero_Processors::notifyProcessors('upload');
Zotero_Processors::notifyProcessors('error');
usleep(750000);
} catch (Exception $e) {
Z_Core::logError($e);
}
// Give processor a chance to finish while we're still here
$this->uploadstatus();
} else {
set_time_limit(210);
$timestamp = Zotero_Sync::processUpload($this->userID, $xml);
$this->responseXML['timestamp'] = $timestamp;
$this->responseXML->addChild('uploaded');
$this->end();
}
} catch (Exception $e) {
$this->handleUploadError($e, $xmldata);
}
}
public function save($userID=false) {
if (!$this->_libraryID) {
trigger_error("Library ID must be set before saving", E_USER_ERROR);
}
Zotero_Items::editCheck($this, $userID);
if (!$this->hasChanged()) {
Z_Core::debug("Item $this->id has not changed");
return false;
}
$this->cacheEnabled = false;
// Make sure there are no gaps in the creator indexes
$creators = $this->getCreators();
$lastPos = -1;
foreach ($creators as $pos=>$creator) {
if ($pos != $lastPos + 1) {
trigger_error("Creator index $pos out of sequence for item $this->id", E_USER_ERROR);
}
$lastPos++;
}
$shardID = Zotero_Shards::getByLibraryID($this->_libraryID);
$env = [];
Zotero_DB::beginTransaction();
try {
//
// New item, insert and return id
//
if (!$this->id || (empty($this->changed['version']) && !$this->exists())) {
Z_Core::debug('Saving data for new item to database');
$isNew = $env['isNew'] = true;
$sqlColumns = array();
$sqlValues = array();
//
// Primary fields
//
$itemID = $this->_id = $this->_id ? $this->_id : Zotero_ID::get('items');
$key = $this->_key = $this->_key ? $this->_key : Zotero_ID::getKey();
$sqlColumns = array(
'itemID',
'itemTypeID',
'libraryID',
'key',
'dateAdded',
'dateModified',
'serverDateModified',
'version'
);
$timestamp = Zotero_DB::getTransactionTimestamp();
$dateAdded = $this->_dateAdded ? $this->_dateAdded : $timestamp;
$dateModified = $this->_dateModified ? $this->_dateModified : $timestamp;
$version = Zotero_Libraries::getUpdatedVersion($this->_libraryID);
$sqlValues = array(
$itemID,
$this->_itemTypeID,
$this->_libraryID,
$key,
$dateAdded,
$dateModified,
$timestamp,
$version
);
$sql = 'INSERT INTO items (`' . implode('`, `', $sqlColumns) . '`) VALUES (';
// Insert placeholders for bind parameters
for ($i=0; $i<sizeOf($sqlValues); $i++) {
$sql .= '?, ';
}
$sql = substr($sql, 0, -2) . ')';
// Save basic data to items table
try {
$insertID = Zotero_DB::query($sql, $sqlValues, $shardID);
}
catch (Exception $e) {
if (strpos($e->getMessage(), "Incorrect datetime value") !== false) {
preg_match("/Incorrect datetime value: '([^']+)'/", $e->getMessage(), $matches);
throw new Exception("=Invalid date value '{$matches[1]}' for item $key", Z_ERROR_INVALID_INPUT);
}
throw $e;
}
if (!$this->_id) {
if (!$insertID) {
throw new Exception("Item id not available after INSERT");
}
$itemID = $insertID;
$this->_serverDateModified = $timestamp;
}
// Group item data
if (Zotero_Libraries::getType($this->_libraryID) == 'group' && $userID) {
$sql = "INSERT INTO groupItems VALUES (?, ?, ?)";
Zotero_DB::query($sql, array($itemID, $userID, $userID), $shardID);
}
//
// ItemData
//
if (!empty($this->changed['itemData'])) {
// Use manual bound parameters to speed things up
$origInsertSQL = "INSERT INTO itemData (itemID, fieldID, value) VALUES ";
$insertSQL = $origInsertSQL;
$insertParams = array();
$insertCounter = 0;
$maxInsertGroups = 40;
$max = Zotero_Items::$maxDataValueLength;
$fieldIDs = array_keys($this->changed['itemData']);
foreach ($fieldIDs as $fieldID) {
$value = $this->getField($fieldID, true, false, true);
if ($value == 'CURRENT_TIMESTAMP'
&& Zotero_ItemFields::getID('accessDate') == $fieldID) {
$value = Zotero_DB::getTransactionTimestamp();
}
// Check length
if (strlen($value) > $max) {
$fieldName = Zotero_ItemFields::getLocalizedString(
$this->_itemTypeID, $fieldID
);
$msg = "=$fieldName field value " .
"'" . mb_substr($value, 0, 50) . "...' too long";
if ($this->_key) {
$msg .= " for item '" . $this->_libraryID . "/" . $key . "'";
}
throw new Exception($msg, Z_ERROR_FIELD_TOO_LONG);
}
if ($insertCounter < $maxInsertGroups) {
$insertSQL .= "(?,?,?),";
$insertParams = array_merge(
$insertParams,
array($itemID, $fieldID, $value)
);
}
if ($insertCounter == $maxInsertGroups - 1) {
$insertSQL = substr($insertSQL, 0, -1);
$stmt = Zotero_DB::getStatement($insertSQL, true, $shardID);
Zotero_DB::queryFromStatement($stmt, $insertParams);
$insertSQL = $origInsertSQL;
$insertParams = array();
$insertCounter = -1;
}
$insertCounter++;
}
if ($insertCounter > 0 && $insertCounter < $maxInsertGroups) {
$insertSQL = substr($insertSQL, 0, -1);
$stmt = Zotero_DB::getStatement($insertSQL, true, $shardID);
Zotero_DB::queryFromStatement($stmt, $insertParams);
}
}
//
// Creators
//
if (!empty($this->changed['creators'])) {
$indexes = array_keys($this->changed['creators']);
// TODO: group queries
$sql = "INSERT INTO itemCreators
(itemID, creatorID, creatorTypeID, orderIndex) VALUES ";
$placeholders = array();
$sqlValues = array();
$cacheRows = array();
foreach ($indexes as $orderIndex) {
Z_Core::debug('Adding creator in position ' . $orderIndex, 4);
$creator = $this->getCreator($orderIndex);
if (!$creator) {
continue;
}
if ($creator['ref']->hasChanged()) {
Z_Core::debug("Auto-saving changed creator {$creator['ref']->id}");
try {
$creator['ref']->save();
}
catch (Exception $e) {
// TODO: Provide the item in question
/*if (strpos($e->getCode() == Z_ERROR_CREATOR_TOO_LONG)) {
$msg = $e->getMessage();
$msg = str_replace(
"with this name and shorten it.",
"with this name, or paste '$key' into the quick search bar "
. "in the Zotero toolbar, and shorten the name."
);
throw new Exception($msg, Z_ERROR_CREATOR_TOO_LONG);
}*/
throw $e;
}
}
$placeholders[] = "(?, ?, ?, ?)";
array_push(
$sqlValues,
$itemID,
$creator['ref']->id,
$creator['creatorTypeID'],
$orderIndex
);
$cacheRows[] = array(
'creatorID' => $creator['ref']->id,
'creatorTypeID' => $creator['creatorTypeID'],
'orderIndex' => $orderIndex
);
}
if ($sqlValues) {
$sql = $sql . implode(',', $placeholders);
Zotero_DB::query($sql, $sqlValues, $shardID);
}
}
// Deleted item
if (!empty($this->changed['deleted'])) {
$deleted = $this->getDeleted();
if ($deleted) {
$sql = "REPLACE INTO deletedItems (itemID) VALUES (?)";
}
else {
$sql = "DELETE FROM deletedItems WHERE itemID=?";
}
Zotero_DB::query($sql, $itemID, $shardID);
}
// Note
if ($this->isNote() || !empty($this->changed['note'])) {
if (!is_string($this->noteText)) {
$this->noteText = '';
}
// If we don't have a sanitized note, generate one
if (is_null($this->noteTextSanitized)) {
$noteTextSanitized = Zotero_Notes::sanitize($this->noteText);
// But if note is sanitized already, store empty string
if ($this->noteText === $noteTextSanitized) {
$this->noteTextSanitized = '';
}
else {
$this->noteTextSanitized = $noteTextSanitized;
}
}
$this->noteTitle = Zotero_Notes::noteToTitle(
$this->noteTextSanitized === '' ? $this->noteText : $this->noteTextSanitized
);
$sql = "INSERT INTO itemNotes
(itemID, sourceItemID, note, noteSanitized, title, hash)
VALUES (?,?,?,?,?,?)";
$parent = $this->isNote() ? $this->getSource() : null;
$hash = $this->noteText ? md5($this->noteText) : '';
$bindParams = array(
$itemID,
$parent ? $parent : null,
$this->noteText !== null ? $this->noteText : '',
$this->noteTextSanitized,
$this->noteTitle,
$hash
);
try {
Zotero_DB::query($sql, $bindParams, $shardID);
}
catch (Exception $e) {
if (strpos($e->getMessage(), "Incorrect string value") !== false) {
throw new Exception("=Invalid character in note '" . Zotero_Utilities::ellipsize($title, 70) . "'", Z_ERROR_INVALID_INPUT);
}
throw ($e);
}
Zotero_Notes::updateNoteCache($this->_libraryID, $itemID, $this->noteText);
Zotero_Notes::updateHash($this->_libraryID, $itemID, $hash);
}
// Attachment
if ($this->isAttachment()) {
$sql = "INSERT INTO itemAttachments
(itemID, sourceItemID, linkMode, mimeType, charsetID, path, storageModTime, storageHash)
VALUES (?,?,?,?,?,?,?,?)";
$parent = $this->getSource();
if ($parent) {
$parentItem = Zotero_Items::get($this->_libraryID, $parent);
if (!$parentItem) {
throw new Exception("Parent item $parent not found");
}
if ($parentItem->getSource()) {
$parentKey = $parentItem->key;
throw new Exception("=Parent item $parentKey cannot be a child attachment", Z_ERROR_INVALID_INPUT);
}
}
$linkMode = $this->attachmentLinkMode;
$charsetID = Zotero_CharacterSets::getID($this->attachmentCharset);
$path = $this->attachmentPath;
$storageModTime = $this->attachmentStorageModTime;
$storageHash = $this->attachmentStorageHash;
$bindParams = array(
$itemID,
$parent ? $parent : null,
$linkMode + 1,
$this->attachmentMIMEType,
$charsetID ? $charsetID : null,
$path ? $path : '',
$storageModTime ? $storageModTime : null,
$storageHash ? $storageHash : null
);
Zotero_DB::query($sql, $bindParams, $shardID);
}
// Sort fields
$sortTitle = Zotero_Items::getSortTitle($this->getDisplayTitle(true));
if (mb_substr($sortTitle, 0, 5) == mb_substr($this->getField('title', false, true), 0, 5)) {
$sortTitle = null;
}
$creatorSummary = $this->isRegularItem()
? mb_strcut($this->getCreatorSummary(true), 0, Zotero_Creators::$creatorSummarySortLength)
: '';
$sql = "INSERT INTO itemSortFields (itemID, sortTitle, creatorSummary) VALUES (?, ?, ?)";
Zotero_DB::query($sql, array($itemID, $sortTitle, $creatorSummary), $shardID);
//
// Source item id
//
if ($sourceItemID = $this->getSource()) {
$newSourceItem = Zotero_Items::get($this->_libraryID, $sourceItemID);
if (!$newSourceItem) {
throw new Exception("Cannot set source to invalid item");
}
switch (Zotero_ItemTypes::getName($this->_itemTypeID)) {
case 'note':
$newSourceItem->incrementNoteCount();
break;
case 'attachment':
$newSourceItem->incrementAttachmentCount();
break;
}
}
// Collections
if (!empty($this->changed['collections'])) {
foreach ($this->collections as $collectionKey) {
$collection = Zotero_Collections::getByLibraryAndKey($this->_libraryID, $collectionKey);
if (!$collection) {
throw new Exception("Collection with key '$collectionKey' not found", Z_ERROR_COLLECTION_NOT_FOUND);
}
$collection->addItem($itemID);
$collection->save();
}
}
// Tags
if (!empty($this->changed['tags'])) {
foreach ($this->tags as $tag) {
$tagID = Zotero_Tags::getID($this->libraryID, $tag->tag, $tag->type);
if ($tagID) {
$tagObj = Zotero_Tags::get($this->_libraryID, $tagID);
}
else {
$tagObj = new Zotero_Tag;
$tagObj->libraryID = $this->_libraryID;
$tagObj->name = $tag->tag;
$tagObj->type = (int) $tag->type ? $tag->type : 0;
}
$tagObj->addItem($this->_key);
$tagObj->save();
}
}
// Related items
if (!empty($this->changed['relations'])) {
$uri = Zotero_URI::getItemURI($this);
$sql = "INSERT IGNORE INTO relations "
. "(relationID, libraryID, `key`, subject, predicate, object) "
. "VALUES (?, ?, ?, ?, ?, ?)";
$insertStatement = Zotero_DB::getStatement($sql, false, $shardID);
foreach ($this->relations as $rel) {
$insertStatement->execute(
array(
Zotero_ID::get('relations'),
$this->_libraryID,
Zotero_Relations::makeKey($uri, $rel[0], $rel[1]),
$uri,
$rel[0],
$rel[1]
)
);
}
}
// Remove from delete log if it's there
$sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='item' AND `key`=?";
Zotero_DB::query($sql, array($this->_libraryID, $key), $shardID);
}
//
// Existing item, update
//
else {
Z_Core::debug('Updating database with new item data for item '
. $this->_libraryID . '/' . $this->_key, 4);
$isNew = $env['isNew'] = false;
//
// Primary fields
//
$sql = "UPDATE items SET ";
$sqlValues = array();
$timestamp = Zotero_DB::getTransactionTimestamp();
$version = Zotero_Libraries::getUpdatedVersion($this->_libraryID);
$updateFields = array(
'itemTypeID',
'libraryID',
'key',
'dateAdded',
'dateModified'
);
if (!empty($this->changed['primaryData'])) {
foreach ($updateFields as $updateField) {
if (in_array($updateField, $this->changed['primaryData'])) {
$sql .= "`$updateField`=?, ";
$sqlValues[] = $this->{"_$updateField"};
}
}
}
$sql .= "serverDateModified=?, version=? WHERE itemID=?";
array_push(
$sqlValues,
$timestamp,
$version,
$this->_id
);
Zotero_DB::query($sql, $sqlValues, $shardID);
$this->_serverDateModified = $timestamp;
// Group item data
if (Zotero_Libraries::getType($this->_libraryID) == 'group' && $userID) {
$sql = "INSERT INTO groupItems VALUES (?, ?, ?)
ON DUPLICATE KEY UPDATE lastModifiedByUserID=?";
Zotero_DB::query($sql, array($this->_id, null, $userID, $userID), $shardID);
}
//
// ItemData
//
if (!empty($this->changed['itemData'])) {
$del = array();
$origReplaceSQL = "REPLACE INTO itemData (itemID, fieldID, value) VALUES ";
$replaceSQL = $origReplaceSQL;
$replaceParams = array();
$replaceCounter = 0;
$maxReplaceGroups = 40;
$max = Zotero_Items::$maxDataValueLength;
$fieldIDs = array_keys($this->changed['itemData']);
foreach ($fieldIDs as $fieldID) {
$value = $this->getField($fieldID, true, false, true);
// If field changed and is empty, mark row for deletion
if ($value === "") {
$del[] = $fieldID;
continue;
}
if ($value == 'CURRENT_TIMESTAMP'
&& Zotero_ItemFields::getID('accessDate') == $fieldID) {
$value = Zotero_DB::getTransactionTimestamp();
}
// Check length
if (strlen($value) > $max) {
$fieldName = Zotero_ItemFields::getLocalizedString(
$this->_itemTypeID, $fieldID
);
$msg = "=$fieldName field value " .
"'" . mb_substr($value, 0, 50) . "...' too long";
if ($this->_key) {
$msg .= " for item '" . $this->_libraryID
. "/" . $this->_key . "'";
}
throw new Exception($msg, Z_ERROR_FIELD_TOO_LONG);
}
if ($replaceCounter < $maxReplaceGroups) {
$replaceSQL .= "(?,?,?),";
$replaceParams = array_merge($replaceParams,
array($this->_id, $fieldID, $value)
);
}
if ($replaceCounter == $maxReplaceGroups - 1) {
$replaceSQL = substr($replaceSQL, 0, -1);
$stmt = Zotero_DB::getStatement($replaceSQL, true, $shardID);
Zotero_DB::queryFromStatement($stmt, $replaceParams);
$replaceSQL = $origReplaceSQL;
$replaceParams = array();
$replaceCounter = -1;
}
$replaceCounter++;
}
if ($replaceCounter > 0 && $replaceCounter < $maxReplaceGroups) {
$replaceSQL = substr($replaceSQL, 0, -1);
$stmt = Zotero_DB::getStatement($replaceSQL, true, $shardID);
Zotero_DB::queryFromStatement($stmt, $replaceParams);
}
// Update memcached with used fields
$fids = array();
foreach ($this->itemData as $fieldID=>$value) {
if ($value !== false && $value !== null) {
$fids[] = $fieldID;
}
}
// Delete blank fields
if ($del) {
$sql = 'DELETE from itemData WHERE itemID=? AND fieldID IN (';
$sqlParams = array($this->_id);
foreach ($del as $d) {
$sql .= '?, ';
$sqlParams[] = $d;
}
$sql = substr($sql, 0, -2) . ')';
Zotero_DB::query($sql, $sqlParams, $shardID);
}
}
//
// Creators
//
if (!empty($this->changed['creators'])) {
$indexes = array_keys($this->changed['creators']);
$sql = "INSERT INTO itemCreators
(itemID, creatorID, creatorTypeID, orderIndex) VALUES ";
$placeholders = array();
$sqlValues = array();
$cacheRows = array();
foreach ($indexes as $orderIndex) {
Z_Core::debug('Creator in position ' . $orderIndex . ' has changed', 4);
$creator = $this->getCreator($orderIndex);
$sql2 = 'DELETE FROM itemCreators WHERE itemID=? AND orderIndex=?';
Zotero_DB::query($sql2, array($this->_id, $orderIndex), $shardID);
if (!$creator) {
continue;
}
if ($creator['ref']->hasChanged()) {
Z_Core::debug("Auto-saving changed creator {$creator['ref']->id}");
$creator['ref']->save();
}
$placeholders[] = "(?, ?, ?, ?)";
array_push(
$sqlValues,
$this->_id,
$creator['ref']->id,
$creator['creatorTypeID'],
$orderIndex
);
}
if ($sqlValues) {
$sql = $sql . implode(',', $placeholders);
Zotero_DB::query($sql, $sqlValues, $shardID);
}
}
// Deleted item
if (!empty($this->changed['deleted'])) {
$deleted = $this->getDeleted();
if ($deleted) {
$sql = "REPLACE INTO deletedItems (itemID) VALUES (?)";
}
else {
$sql = "DELETE FROM deletedItems WHERE itemID=?";
}
Zotero_DB::query($sql, $this->_id, $shardID);
}
// In case this was previously a standalone item,
// delete from any collections it may have been in
if (!empty($this->changed['source']) && $this->getSource()) {
$sql = "DELETE FROM collectionItems WHERE itemID=?";
Zotero_DB::query($sql, $this->_id, $shardID);
}
//
// Note or attachment note
//
if (!empty($this->changed['note'])) {
// If we don't have a sanitized note, generate one
if (is_null($this->noteTextSanitized)) {
$noteTextSanitized = Zotero_Notes::sanitize($this->noteText);
// But if note is sanitized already, store empty string
if ($this->noteText == $noteTextSanitized) {
$this->noteTextSanitized = '';
}
else {
$this->noteTextSanitized = $noteTextSanitized;
}
}
$this->noteTitle = Zotero_Notes::noteToTitle(
$this->noteTextSanitized === '' ? $this->noteText : $this->noteTextSanitized
);
// Only record sourceItemID in itemNotes for notes
if ($this->isNote()) {
$sourceItemID = $this->getSource();
}
$sourceItemID = !empty($sourceItemID) ? $sourceItemID : null;
$hash = $this->noteText ? md5($this->noteText) : '';
$sql = "INSERT INTO itemNotes
(itemID, sourceItemID, note, noteSanitized, title, hash)
VALUES (?,?,?,?,?,?)
ON DUPLICATE KEY UPDATE sourceItemID=?, note=?, noteSanitized=?, title=?, hash=?";
$bindParams = array(
$this->_id,
$sourceItemID, $this->noteText, $this->noteTextSanitized, $this->noteTitle, $hash,
$sourceItemID, $this->noteText, $this->noteTextSanitized, $this->noteTitle, $hash
);
Zotero_DB::query($sql, $bindParams, $shardID);
Zotero_Notes::updateNoteCache($this->_libraryID, $this->_id, $this->noteText);
Zotero_Notes::updateHash($this->_libraryID, $this->_id, $hash);
// TODO: handle changed source?
}
// Attachment
if (!empty($this->changed['attachmentData'])) {
$sql = "INSERT INTO itemAttachments
(itemID, sourceItemID, linkMode, mimeType, charsetID, path, storageModTime, storageHash)
VALUES (?,?,?,?,?,?,?,?)
ON DUPLICATE KEY UPDATE
sourceItemID=VALUES(sourceItemID),
linkMode=VALUES(linkMode),
mimeType=VALUES(mimeType),
charsetID=VALUES(charsetID),
path=VALUES(path),
storageModTime=VALUES(storageModTime),
storageHash=VALUES(storageHash)";
$parent = $this->getSource();
if ($parent) {
$parentItem = Zotero_Items::get($this->_libraryID, $parent);
if (!$parentItem) {
throw new Exception("Parent item $parent not found");
}
if ($parentItem->getSource()) {
$parentKey = $parentItem->key;
throw new Exception("=Parent item $parentKey cannot be a child attachment", Z_ERROR_INVALID_INPUT);
}
}
$linkMode = $this->attachmentLinkMode;
$charsetID = Zotero_CharacterSets::getID($this->attachmentCharset);
$path = $this->attachmentPath;
$storageModTime = $this->attachmentStorageModTime;
$storageHash = $this->attachmentStorageHash;
$bindParams = array(
$this->_id,
$parent ? $parent : null,
$linkMode + 1,
$this->attachmentMIMEType,
$charsetID ? $charsetID : null,
$path ? $path : '',
$storageModTime ? $storageModTime : null,
$storageHash ? $storageHash : null
);
Zotero_DB::query($sql, $bindParams, $shardID);
}
// Sort fields
if (!empty($this->changed['primaryData']['itemTypeID'])
|| !empty($this->changed['itemData'])
|| !empty($this->changed['creators'])) {
$sql = "UPDATE itemSortFields SET sortTitle=?";
$params = array();
$sortTitle = Zotero_Items::getSortTitle($this->getDisplayTitle(true));
if (mb_substr($sortTitle, 0, 5) == mb_substr($this->getField('title', false, true), 0, 5)) {
$sortTitle = null;
}
$params[] = $sortTitle;
if (!empty($this->changed['creators'])) {
$creatorSummary = mb_strcut($this->getCreatorSummary(true), 0, Zotero_Creators::$creatorSummarySortLength);
$sql .= ", creatorSummary=?";
$params[] = $creatorSummary;
}
$sql .= " WHERE itemID=?";
$params[] = $this->_id;
Zotero_DB::query($sql, $params, $shardID);
}
//
// Source item id
//
if (!empty($this->changed['source'])) {
$type = Zotero_ItemTypes::getName($this->_itemTypeID);
$Type = ucwords($type);
// Update DB, if not a note or attachment we already changed above
if (empty($this->changed['attachmentData']) && (empty($this->changed['note']) || !$this->isNote())) {
$sql = "UPDATE item" . $Type . "s SET sourceItemID=? WHERE itemID=?";
$parent = $this->getSource();
$bindParams = array(
$parent ? $parent : null,
$this->_id
);
Zotero_DB::query($sql, $bindParams, $shardID);
}
}
if (false && !empty($this->changed['source'])) {
trigger_error("Unimplemented", E_USER_ERROR);
$newItem = Zotero_Items::get($this->_libraryID, $sourceItemID);
// FK check
if ($newItem) {
if ($sourceItemID) {
}
else {
trigger_error("Cannot set $type source to invalid item $sourceItemID", E_USER_ERROR);
}
}
$oldSourceItemID = $this->getSource();
if ($oldSourceItemID == $sourceItemID) {
Z_Core::debug("$Type source hasn't changed", 4);
}
else {
$oldItem = Zotero_Items::get($this->_libraryID, $oldSourceItemID);
if ($oldSourceItemID && $oldItem) {
}
else {
//$oldItemNotifierData = null;
Z_Core::debug("Old source item $oldSourceItemID didn't exist in setSource()", 2);
}
// If this was an independent item, remove from any collections where it
// existed previously and add source instead if there is one
if (!$oldSourceItemID) {
$sql = "SELECT collectionID FROM collectionItems WHERE itemID=?";
$changedCollections = Zotero_DB::query($sql, $itemID, $shardID);
if ($changedCollections) {
trigger_error("Unimplemented", E_USER_ERROR);
if ($sourceItemID) {
$sql = "UPDATE OR REPLACE collectionItems "
. "SET itemID=? WHERE itemID=?";
Zotero_DB::query($sql, array($sourceItemID, $this->_id), $shardID);
}
else {
$sql = "DELETE FROM collectionItems WHERE itemID=?";
Zotero_DB::query($sql, $this->_id, $shardID);
}
}
}
$sql = "UPDATE item{$Type}s SET sourceItemID=?
WHERE itemID=?";
$bindParams = array(
$sourceItemID ? $sourceItemID : null,
$itemID
);
Zotero_DB::query($sql, $bindParams, $shardID);
//Zotero.Notifier.trigger('modify', 'item', $this->_id, notifierData);
// Update the counts of the previous and new sources
if ($oldItem) {
/*
switch ($type) {
case 'note':
$oldItem->decrementNoteCount();
break;
case 'attachment':
$oldItem->decrementAttachmentCount();
break;
}
*/
//Zotero.Notifier.trigger('modify', 'item', oldSourceItemID, oldItemNotifierData);
}
if ($newItem) {
/*
switch ($type) {
case 'note':
$newItem->incrementNoteCount();
break;
case 'attachment':
$newItem->incrementAttachmentCount();
break;
}
*/
//Zotero.Notifier.trigger('modify', 'item', sourceItemID, newItemNotifierData);
}
}
}
// Collections
if (!empty($this->changed['collections'])) {
$oldCollections = $this->previousData['collections'];
$newCollections = $this->collections;
$toAdd = array_diff($newCollections, $oldCollections);
$toRemove = array_diff($oldCollections, $newCollections);
foreach ($toAdd as $collectionKey) {
$collection = Zotero_Collections::getByLibraryAndKey($this->_libraryID, $collectionKey);
if (!$collection) {
throw new Exception("Collection with key '$collectionKey' not found", Z_ERROR_COLLECTION_NOT_FOUND);
}
$collection->addItem($this->_id);
$collection->save();
}
foreach ($toRemove as $collectionKey) {
$collection = Zotero_Collections::getByLibraryAndKey($this->_libraryID, $collectionKey);
$collection->removeItem($this->_id);
$collection->save();
}
}
if (!empty($this->changed['tags'])) {
$oldTags = $this->previousData['tags'];
$newTags = $this->tags;
$toAdd = [];
$toRemove = [];
// Get new tags not in existing
for ($i=0, $len=sizeOf($newTags); $i<$len; $i++) {
if (!isset($newTags[$i]->type)) {
$newTags[$i]->type = 0;
}
$name = trim($newTags[$i]->tag);
$type = $newTags[$i]->type;
foreach ($oldTags as $tag) {
// Do a case-insensitive comparison, to match the client
if (strtolower($tag->name) == strtolower($name) && $tag->type == $type) {
continue 2;
}
}
$toAdd[] = $newTags[$i];
}
// Get existing tags not in new
for ($i=0, $len=sizeOf($oldTags); $i<$len; $i++) {
$name = $oldTags[$i]->name;
$type = $oldTags[$i]->type;
foreach ($newTags as $tag) {
if (strtolower($tag->tag) == strtolower($name) && $tag->type == $type) {
continue 2;
}
}
$toRemove[] = $oldTags[$i];
}
foreach ($toAdd as $tag) {
$name = $tag->tag;
$type = $tag->type;
$tagID = Zotero_Tags::getID($this->_libraryID, $name, $type, true);
if (!$tagID) {
$tag = new Zotero_Tag;
$tag->libraryID = $this->_libraryID;
$tag->name = $name;
$tag->type = $type;
$tagID = $tag->save();
}
$tag = Zotero_Tags::get($this->_libraryID, $tagID);
$tag->addItem($this->_key);
$tag->save();
}
foreach ($toRemove as $tag) {
$tag->removeItem($this->_key);
$tag->save();
}
}
// Related items
if (!empty($this->changed['relations'])) {
$removed = [];
$new = [];
$current = $this->relations;
// TEMP
// Convert old-style related items into relations
$sql = "SELECT `key` FROM itemRelated IR "
. "JOIN items I ON (IR.linkedItemID=I.itemID) "
. "WHERE IR.itemID=?";
$toMigrate = Zotero_DB::columnQuery($sql, $this->_id, $shardID);
if ($toMigrate) {
$prefix = Zotero_URI::getLibraryURI($this->_libraryID) . "/items/";
$new = array_map(function ($key) use ($prefix) {
return [
Zotero_Relations::$relatedItemPredicate,
$prefix . $key
];
}, $toMigrate);
$sql = "DELETE FROM itemRelated WHERE itemID=?";
Zotero_DB::query($sql, $this->_id, $shardID);
}
foreach ($this->previousData['relations'] as $rel) {
if (array_search($rel, $current) === false) {
$removed[] = $rel;
}
}
foreach ($current as $rel) {
if (array_search($rel, $this->previousData['relations']) !== false) {
continue;
}
$new[] = $rel;
}
$uri = Zotero_URI::getItemURI($this);
if ($removed) {
$sql = "DELETE FROM relations WHERE libraryID=? AND `key`=?";
$deleteStatement = Zotero_DB::getStatement($sql, false, $shardID);
foreach ($removed as $rel) {
$params = [
$this->_libraryID,
Zotero_Relations::makeKey($uri, $rel[0], $rel[1])
];
$deleteStatement->execute($params);
// TEMP
// For owl:sameAs, delete reverse as well, since the client
// can save that way
if ($rel[0] == Zotero_Relations::$linkedObjectPredicate) {
$params = [
$this->_libraryID,
Zotero_Relations::makeKey($rel[1], $rel[0], $uri)
];
$deleteStatement->execute($params);
}
}
}
if ($new) {
$sql = "INSERT IGNORE INTO relations "
. "(relationID, libraryID, `key`, subject, predicate, object) "
. "VALUES (?, ?, ?, ?, ?, ?)";
$insertStatement = Zotero_DB::getStatement($sql, false, $shardID);
foreach ($new as $rel) {
$insertStatement->execute(
array(
Zotero_ID::get('relations'),
$this->_libraryID,
Zotero_Relations::makeKey($uri, $rel[0], $rel[1]),
$uri,
$rel[0],
$rel[1]
)
);
// If adding a related item, the version on that item has to be
// updated as well (if it exists). Otherwise, requests for that
// item will return cached data without the new relation.
if ($rel[0] == Zotero_Relations::$relatedItemPredicate) {
$relatedItem = Zotero_URI::getURIItem($rel[1]);
if (!$relatedItem) {
Z_Core::debug("Related item " . $rel[1] . " does not exist "
. "for item " . $this->_libraryKey);
continue;
}
// If item has already changed, assume something else is taking
// care of saving it and don't do so now, to avoid endless loops
// with circular relations
if ($relatedItem->hasChanged()) {
continue;
}
$relatedItem->updateVersion($userID);
}
}
}
}
}
Zotero_DB::commit();
}
catch (Exception $e) {
Zotero_DB::rollback();
throw ($e);
}
$this->cacheEnabled = false;
$this->finalizeSave($env);
if ($isNew) {
Zotero_Notifier::trigger('add', 'item', $this->_libraryID . "/" . $this->_key);
return $this->_id;
}
Zotero_Notifier::trigger('modify', 'item', $this->_libraryID . "/" . $this->_key);
return true;
}
/**
* $tags is an array of objects with properties 'tag' and 'type'
*/
public function setTags($newTags)
{
if (!$this->id) {
throw new Exception('itemID not set');
}
$numTags = $this->numTags();
if (!$newTags && !$numTags) {
return false;
}
Zotero_DB::beginTransaction();
$existingTags = $this->getTags();
$toAdd = array();
$toRemove = array();
// Get new tags not in existing
for ($i = 0, $len = sizeOf($newTags); $i < $len; $i++) {
if (!isset($newTags[$i]->type)) {
$newTags[$i]->type = 0;
}
$name = trim($newTags[$i]->tag);
// 'tag', not 'name', since that's what JSON uses
$type = $newTags[$i]->type;
foreach ($existingTags as $tag) {
// Do a case-insensitive comparison, to match the client
if (strtolower($tag->name) == strtolower($name) && $tag->type == $type) {
continue 2;
}
}
$toAdd[] = $newTags[$i];
}
// Get existing tags not in new
for ($i = 0, $len = sizeOf($existingTags); $i < $len; $i++) {
$name = $existingTags[$i]->name;
$type = $existingTags[$i]->type;
foreach ($newTags as $tag) {
if (strtolower($tag->tag) == strtolower($name) && $tag->type == $type) {
continue 2;
}
}
$toRemove[] = $existingTags[$i];
}
foreach ($toAdd as $tag) {
$name = $tag->tag;
$type = $tag->type;
$tagID = Zotero_Tags::getID($this->libraryID, $name, $type, true);
if (!$tagID) {
$tag = new Zotero_Tag();
$tag->libraryID = $this->libraryID;
$tag->name = $name;
$tag->type = $type;
$tagID = $tag->save();
}
$tag = Zotero_Tags::get($this->libraryID, $tagID);
$tag->addItem($this->id);
$tag->save();
}
foreach ($toRemove as $tag) {
$tag->removeItem($this->id);
$tag->save();
}
Zotero_DB::commit();
return $toAdd || $toRemove;
}
public function keys()
{
$userID = $this->objectUserID;
$key = $this->objectName;
$this->allowMethods(['GET', 'POST', 'PUT', 'DELETE']);
if ($this->method == 'GET') {
// Single key
if ($key) {
$keyObj = Zotero_Keys::getByKey($key);
if (!$keyObj) {
$this->e404("Key not found");
}
// /users/<userID>/keys/<keyID> (deprecated)
if ($userID) {
// If we have a userID, make sure it matches
if ($keyObj->userID != $userID) {
$this->e404("Key not found");
}
} else {
if ($this->apiVersion < 3) {
$this->e404();
}
}
if ($this->apiVersion >= 3) {
$json = $keyObj->toJSON();
// If not super-user, don't include name or recent IP addresses
if (!$this->permissions->isSuper()) {
unset($json['dateAdded']);
unset($json['lastUsed']);
unset($json['name']);
unset($json['recentIPs']);
}
header('application/json');
echo Zotero_Utilities::formatJSON($json);
} else {
$this->responseXML = $keyObj->toXML();
// If not super-user, don't include name or recent IP addresses
if (!$this->permissions->isSuper()) {
unset($this->responseXML['dateAdded']);
unset($this->responseXML['lastUsed']);
unset($this->responseXML->name);
unset($this->responseXML->recentIPs);
}
}
} else {
if (!$this->permissions->isSuper()) {
$this->e403();
}
$keyObjs = Zotero_Keys::getUserKeys($userID);
if ($keyObjs) {
if ($this->apiVersion >= 3) {
$json = [];
foreach ($keyObjs as $keyObj) {
$json[] = $keyObj->toJSON();
}
echo Zotero_Utilities::formatJSON($json);
} else {
$xml = new SimpleXMLElement('<keys/>');
$domXML = dom_import_simplexml($xml);
foreach ($keyObjs as $keyObj) {
$keyXML = $keyObj->toXML();
$domKeyXML = dom_import_simplexml($keyXML);
$node = $domXML->ownerDocument->importNode($domKeyXML, true);
$domXML->appendChild($node);
}
$this->responseXML = $xml;
}
}
}
} else {
if ($this->method == 'DELETE') {
if (!$key) {
$this->e400("DELETE requests must end with a key");
}
Zotero_DB::beginTransaction();
$keyObj = Zotero_Keys::getByKey($key);
if (!$keyObj) {
$this->e404("Key '{$key}' does not exist");
}
$keyObj->erase();
Zotero_DB::commit();
header("HTTP/1.1 204 No Content");
exit;
} else {
// Require super-user for modifications
if (!$this->permissions->isSuper()) {
$this->e403();
}
if ($this->method == 'POST') {
if ($key) {
$this->e400("POST requests cannot end with a key (did you mean PUT?)");
}
if ($this->apiVersion >= 3) {
$json = json_decode($this->body, true);
if (!$json) {
$this->e400("{$this->method} data is not valid JSON");
}
if (!empty($json['key'])) {
$this->e400("POST requests cannot contain a key in '" . $this->body . "'");
}
$fields = $this->getFieldsFromJSON($json);
} else {
try {
$keyXML = @new SimpleXMLElement($this->body);
} catch (Exception $e) {
$this->e400("{$this->method} data is not valid XML");
}
if (!empty($key['key'])) {
$this->e400("POST requests cannot contain a key in '" . $this->body . "'");
}
$fields = $this->getFieldsFromKeyXML($keyXML);
}
Zotero_DB::beginTransaction();
try {
$keyObj = new Zotero_Key();
$keyObj->userID = $userID;
foreach ($fields as $field => $val) {
if ($field == 'access') {
foreach ($val as $access) {
$this->setKeyPermissions($keyObj, $access);
}
} else {
$keyObj->{$field} = $val;
}
}
$keyObj->save();
} catch (Exception $e) {
if ($e->getCode() == Z_ERROR_KEY_NAME_TOO_LONG) {
$this->e400($e->getMessage());
}
$this->handleException($e);
}
if ($this->apiVersion >= 3) {
header('application/json');
echo Zotero_Utilities::formatJSON($keyObj->toJSON());
} else {
$this->responseXML = $keyObj->toXML();
}
Zotero_DB::commit();
$url = Zotero_API::getKeyURI($keyObj);
$this->responseCode = 201;
header("Location: " . $url, false, 201);
} else {
if ($this->method == 'PUT') {
if (!$key) {
$this->e400("PUT requests must end with a key (did you mean POST?)");
}
if ($this->apiVersion >= 3) {
$json = json_decode($this->body, true);
if (!$json) {
$this->e400("{$this->method} data is not valid JSON");
}
$fields = $this->getFieldsFromJSON($json);
} else {
try {
$keyXML = @new SimpleXMLElement($this->body);
} catch (Exception $e) {
$this->e400("{$this->method} data is not valid XML");
}
$fields = $this->getFieldsFromKeyXML($keyXML);
}
// Key attribute is optional, but, if it's there, make sure it matches
if (isset($fields['key']) && $fields['key'] != $key) {
$this->e400("Key '{$fields['key']}' does not match key '{$key}' from URI");
}
Zotero_DB::beginTransaction();
try {
$keyObj = Zotero_Keys::getByKey($key);
if (!$keyObj) {
$this->e404("Key '{$key}' does not exist");
}
foreach ($fields as $field => $val) {
if ($field == 'access') {
foreach ($val as $access) {
$this->setKeyPermissions($keyObj, $access);
}
} else {
$keyObj->{$field} = $val;
}
}
$keyObj->save();
} catch (Exception $e) {
if ($e->getCode() == Z_ERROR_KEY_NAME_TOO_LONG) {
$this->e400($e->getMessage());
}
$this->handleException($e);
}
if ($this->apiVersion >= 3) {
echo Zotero_Utilities::formatJSON($keyObj->toJSON());
} else {
$this->responseXML = $keyObj->toXML();
}
Zotero_DB::commit();
}
}
}
}
if ($this->apiVersion >= 3) {
$this->end();
} else {
header('Content-Type: application/xml');
$xmlstr = $this->responseXML->asXML();
$doc = new DOMDocument('1.0');
$doc->loadXML($xmlstr);
$doc->formatOutput = true;
echo $doc->saveXML();
exit;
}
}
public static function copyLibrary($libraryID, $newShardID, $overrideLock = false)
{
$currentShardID = self::getByLibraryID($libraryID);
if ($currentShardID == $newShardID) {
throw new Exception("Library {$libraryID} is already on shard {$newShardID}");
}
if (!self::shardIsWriteable($newShardID)) {
throw new Exception("Shard {$newShardID} is not writeable");
}
if (!$overrideLock && Zotero_Libraries::isLocked($libraryID)) {
throw new Exception("Library {$libraryID} is locked");
}
// Make sure there's no stale data on the new shard
if (self::checkForLibrary($libraryID, $newShardID)) {
throw new Exception("Library {$libraryID} data already exists on shard {$newShardID}");
}
Zotero_DB::beginTransaction();
Zotero_DB::query("SET foreign_key_checks=0", false, $newShardID);
$tables = array('shardLibraries', 'collections', 'creators', 'items', 'relations', 'savedSearches', 'tags', 'collectionItems', 'deletedItems', 'groupItems', 'itemAttachments', 'itemCreators', 'itemData', 'itemNotes', 'itemRelated', 'itemSortFields', 'itemTags', 'savedSearchConditions', 'storageFileItems', 'syncDeleteLogIDs', 'syncDeleteLogKeys');
foreach ($tables as $table) {
if (!$overrideLock && Zotero_Libraries::isLocked($libraryID)) {
Zotero_DB::rollback();
throw new Exception("Aborted due to library lock");
}
switch ($table) {
case 'collections':
case 'creators':
case 'items':
case 'relations':
case 'savedSearches':
case 'shardLibraries':
case 'syncDeleteLogIDs':
case 'syncDeleteLogKeys':
case 'tags':
$sql = "SELECT * FROM {$table} WHERE libraryID=?";
break;
case 'collectionItems':
$sql = "SELECT CI.* FROM collectionItems CI\n\t\t\t\t\t\t\tJOIN collections USING (collectionID) WHERE libraryID=?";
break;
case 'deletedItems':
case 'groupItems':
case 'itemAttachments':
case 'itemCreators':
case 'itemData':
case 'itemNotes':
case 'itemRelated':
case 'itemSortFields':
case 'itemTags':
case 'storageFileItems':
$sql = "SELECT T.* FROM {$table} T JOIN items USING (itemID) WHERE libraryID=?";
break;
case 'savedSearchConditions':
$sql = "SELECT SSC.* FROM savedSearchConditions SSC\n\t\t\t\t\t\t\tJOIN savedSearches USING (searchID) WHERE libraryID=?";
break;
}
$rows = Zotero_DB::query($sql, $libraryID, $currentShardID);
if ($rows) {
$sets = array();
foreach ($rows as $row) {
$sets[] = array_values($row);
}
$sql = "INSERT INTO {$table} VALUES ";
Zotero_DB::bulkInsert($sql, $sets, 50, false, $newShardID);
}
}
Zotero_DB::query("SET foreign_key_checks=1", false, $newShardID);
if (!$overrideLock && Zotero_Libraries::isLocked($libraryID)) {
Zotero_DB::rollback();
throw new Exception("Aborted due to library lock");
}
Zotero_DB::commit();
if (!$overrideLock && Zotero_Libraries::isLocked($libraryID)) {
self::deleteLibrary($libraryID, $newShardID);
throw new Exception("Aborted due to library lock");
}
}
public function storageadmin()
{
if (!$this->permissions->isSuper()) {
$this->e404();
}
$this->allowMethods(array('GET', 'POST'));
Zotero_DB::beginTransaction();
if ($this->method == 'POST') {
if (!isset($_POST['quota'])) {
$this->e400("Quota not provided");
}
// Accept 'unlimited' via API
if ($_POST['quota'] == 'unlimited') {
$_POST['quota'] = self::UNLIMITED;
}
if (!isset($_POST['expiration'])) {
$this->e400("Expiration not provided");
}
if (!is_numeric($_POST['quota']) || $_POST['quota'] < 0) {
$this->e400("Invalid quota");
}
if (!is_numeric($_POST['expiration'])) {
$this->e400("Invalid expiration");
}
$halfHourAgo = strtotime("-30 minutes");
if ($_POST['expiration'] != 0 && $_POST['expiration'] < $halfHourAgo) {
$this->e400("Expiration is in the past");
}
try {
Zotero_Storage::setUserValues($this->objectUserID, $_POST['quota'], $_POST['expiration']);
} catch (Exception $e) {
if ($e->getCode() == Z_ERROR_GROUP_QUOTA_SET_BELOW_USAGE) {
$this->e409("Cannot set quota below current usage");
}
$this->handleException($e);
}
}
// GET request
$xml = new SimpleXMLElement('<storage/>');
$quota = Zotero_Storage::getEffectiveUserQuota($this->objectUserID);
$xml->quota = $quota;
$instQuota = Zotero_Storage::getInstitutionalUserQuota($this->objectUserID);
// If personal quota is in effect
if (!$instQuota || $quota > $instQuota) {
$values = Zotero_Storage::getUserValues($this->objectUserID);
if ($values) {
$xml->expiration = (int) $values['expiration'];
}
}
// Return 'unlimited' via API
if ($quota == self::UNLIMITED) {
$xml->quota = 'unlimited';
}
$usage = Zotero_Storage::getUserUsage($this->objectUserID);
$xml->usage->total = $usage['total'];
$xml->usage->library = $usage['library'];
foreach ($usage['groups'] as $group) {
if (!isset($group['id'])) {
throw new Exception("Group id isn't set");
}
if (!isset($group['usage'])) {
throw new Exception("Group usage isn't set");
}
$xmlGroup = $xml->usage->addChild('group', $group['usage']);
$xmlGroup['id'] = $group['id'];
}
Zotero_DB::commit();
header('application/xml');
echo $xml->asXML();
exit;
}
public static function purgeUnusedFiles()
{
throw new Exception("Now sharded");
self::requireLibrary();
// Get all used files and files that were last deleted more than a month ago
$sql = "SELECT MD5(CONCAT(hash, filename, zip)) AS file FROM storageFiles\n\t\t\t\t\tJOIN storageFileItems USING (storageFileID)\n\t\t\t\tUNION\n\t\t\t\tSELECT MD5(CONCAT(hash, filename, zip)) AS file FROM storageFiles\n\t\t\t\t\tWHERE lastDeleted > NOW() - INTERVAL 1 MONTH";
$files = Zotero_DB::columnQuery($sql);
S3::setAuth(Z_CONFIG::$S3_ACCESS_KEY, Z_CONFIG::$S3_SECRET_KEY);
$s3Files = S3::getBucket(Z_CONFIG::$S3_BUCKET);
$toPurge = array();
foreach ($s3Files as $s3File) {
preg_match('/^([0-9a-g]{32})\\/(c\\/)?(.+)$/', $s3File['name'], $matches);
if (!$matches) {
throw new Exception("Invalid filename '" . $s3File['name'] . "'");
}
$zip = $matches[2] ? '1' : '0';
// Compressed file
$hash = md5($matches[1] . $matches[3] . $zip);
if (!in_array($hash, $files)) {
$toPurge[] = array('hash' => $matches[1], 'filename' => $matches[3], 'zip' => $zip);
}
}
Zotero_DB::beginTransaction();
foreach ($toPurge as $info) {
S3::deleteObject(Z_CONFIG::$S3_BUCKET, self::getPathPrefix($info['hash'], $info['zip']) . $info['filename']);
$sql = "DELETE FROM storageFiles WHERE hash=? AND filename=? AND zip=?";
Zotero_DB::query($sql, array($info['hash'], $info['filename'], $info['zip']));
// TODO: maybe check to make sure associated files haven't just been created?
}
Zotero_DB::commit();
return sizeOf($toPurge);
}
public function erase()
{
if (!$this->loaded) {
Z_Core::debug("Not deleting unloaded group {$this->id}");
return;
}
Zotero_DB::beginTransaction();
$userIDs = self::getUsers();
$this->logGroupLibraryRemoval();
Zotero_Libraries::deleteCachedData($this->libraryID);
Zotero_Libraries::clearAllData($this->libraryID);
$sql = "DELETE FROM shardLibraries WHERE libraryID=?";
$deleted = Zotero_DB::query($sql, $this->libraryID, Zotero_Shards::getByLibraryID($this->libraryID));
if (!$deleted) {
throw new Exception("Group not deleted");
}
$sql = "DELETE FROM libraries WHERE libraryID=?";
$deleted = Zotero_DB::query($sql, $this->libraryID);
if (!$deleted) {
throw new Exception("Group not deleted");
}
// Delete key permissions for this library, and then delete any keys
// that had no other permissions
$sql = "SELECT keyID FROM keyPermissions WHERE libraryID=?";
$keyIDs = Zotero_DB::columnQuery($sql, $this->libraryID);
if ($keyIDs) {
$sql = "DELETE FROM keyPermissions WHERE libraryID=?";
Zotero_DB::query($sql, $this->libraryID);
$sql = "DELETE K FROM `keys` K LEFT JOIN keyPermissions KP USING (keyID)\n\t\t\t\t\tWHERE keyID IN (" . implode(', ', array_fill(0, sizeOf($keyIDs), '?')) . ") AND KP.keyID IS NULL";
Zotero_DB::query($sql, $keyIDs);
}
// If group is locked by a sync, flag group for a timestamp update
// once the sync is done so that the uploading user gets the change
try {
foreach ($userIDs as $userID) {
if ($syncUploadQueueID = Zotero_Sync::getUploadQueueIDByUserID($userID)) {
Zotero_Sync::postWriteLog($syncUploadQueueID, 'group', $this->id, 'delete');
}
}
} catch (Exception $e) {
Z_Core::logError($e);
}
Zotero_Notifier::trigger('delete', 'library', $this->libraryID);
Zotero_DB::commit();
$this->erased = true;
}
public static function addCustomType($name)
{
if (self::getID($name)) {
trigger_error("Item type '{$name}' already exists", E_USER_ERROR);
}
if (!preg_match('/^[a-z][^\\s0-9]+$/', $name)) {
trigger_error("Invalid item type name '{$name}'", E_USER_ERROR);
}
// TODO: make sure user hasn't added too many already
Zotero_DB::beginTransaction();
$sql = "SELECT NEXT_ID(creatorTypeID) FROM creatorTypes";
$creatorTypeID = Zotero_DB::valueQuery($sql);
$sql = "INSERT INTO creatorTypes (?, ?, ?)";
Zotero_DB::query($sql, array($creatorTypeID, $name, 1));
Zotero_DB::commit();
return $creatorTypeID;
}
public function searches()
{
if ($this->apiVersion < 2) {
$this->e404();
}
// Check for general library access
if (!$this->permissions->canAccess($this->objectLibraryID)) {
$this->e403();
}
if ($this->isWriteMethod()) {
// Check for library write access
if (!$this->permissions->canWrite($this->objectLibraryID)) {
$this->e403("Write access denied");
}
// Make sure library hasn't been modified
if (!$this->singleObject) {
$libraryTimestampChecked = $this->checkLibraryIfUnmodifiedSinceVersion();
}
Zotero_Libraries::updateVersionAndTimestamp($this->objectLibraryID);
}
$results = array();
// Single search
if ($this->singleObject) {
$this->allowMethods(['HEAD', 'GET', 'PUT', 'PATCH', 'DELETE']);
$search = Zotero_Searches::getByLibraryAndKey($this->objectLibraryID, $this->objectKey);
if ($this->isWriteMethod()) {
$search = $this->handleObjectWrite('search', $search ? $search : null);
$this->e204();
}
if (!$search) {
$this->e404("Search not found");
}
$this->libraryVersion = $search->version;
if ($this->method == 'HEAD') {
$this->end();
}
// Display search
switch ($this->queryParams['format']) {
case 'atom':
$this->responseXML = $search->toAtom($this->queryParams);
break;
case 'json':
$json = $search->toResponseJSON($this->queryParams, $this->permissions);
echo Zotero_Utilities::formatJSON($json);
break;
default:
throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'");
}
} else {
$this->allowMethods(['HEAD', 'GET', 'POST', 'DELETE']);
$this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID);
// Create a search
if ($this->method == 'POST') {
$this->queryParams['format'] = 'writereport';
$obj = $this->jsonDecode($this->body);
$results = Zotero_Searches::updateMultipleFromJSON($obj, $this->objectLibraryID, $this->queryParams, $this->userID, $libraryTimestampChecked ? 0 : 1, null);
if ($cacheKey = $this->getWriteTokenCacheKey()) {
Z_Core::$MC->set($cacheKey, true, $this->writeTokenCacheTime);
}
} else {
if ($this->method == 'DELETE') {
Zotero_DB::beginTransaction();
foreach ($this->queryParams['searchKey'] as $searchKey) {
Zotero_Searches::delete($this->objectLibraryID, $searchKey);
}
Zotero_DB::commit();
$this->e204();
} else {
$title = "Searches";
$results = Zotero_Searches::search($this->objectLibraryID, $this->queryParams);
}
}
$options = ['action' => $this->action, 'uri' => $this->uri, 'results' => $results, 'requestParams' => $this->queryParams, 'permissions' => $this->permissions, 'head' => $this->method == 'HEAD'];
switch ($this->queryParams['format']) {
case 'atom':
$this->responseXML = Zotero_API::multiResponse(array_merge($options, ['title' => $this->getFeedNamePrefix($this->objectLibraryID) . $title]));
break;
case 'json':
case 'keys':
case 'versions':
case 'writereport':
Zotero_API::multiResponse($options);
break;
default:
throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'");
}
}
$this->end();
}
public static function updateFileItemInfo($item, $storageFileID, Zotero_StorageFileInfo $info, $client = false)
{
if (!$item->isImportedAttachment()) {
throw new Exception("Cannot add storage file for linked file/URL");
}
Zotero_DB::beginTransaction();
if (!$client) {
Zotero_Libraries::updateVersionAndTimestamp($item->libraryID);
}
self::updateLastAdded($storageFileID);
// Note: We set the size on the shard so that usage queries are instantaneous
$sql = "INSERT INTO storageFileItems (storageFileID, itemID, mtime, size) VALUES (?,?,?,?)\n\t\t\t\tON DUPLICATE KEY UPDATE storageFileID=?, mtime=?, size=?";
Zotero_DB::query($sql, array($storageFileID, $item->id, $info->mtime, $info->size, $storageFileID, $info->mtime, $info->size), Zotero_Shards::getByLibraryID($item->libraryID));
// 4.0 client doesn't set filename for ZIP files
if (!$info->zip || !empty($info->itemFilename)) {
$item->attachmentFilename = !empty($info->itemFilename) ? $info->itemFilename : $info->filename;
}
$item->attachmentStorageHash = !empty($info->itemHash) ? $info->itemHash : $info->hash;
$item->attachmentStorageModTime = $info->mtime;
// contentType and charset may not have been included in the
// upload authorization, in which case we shouldn't overwrite
// any values that may already be set on the attachment
if (isset($info->contentType)) {
$item->attachmentMIMEType = $info->contentType;
}
if (isset($info->charset)) {
$item->attachmentCharset = $info->charset;
}
$item->save();
Zotero_DB::commit();
}
public static function updateFromJSON(Zotero_Item $item, $json, $isNew = false, Zotero_Item $parentItem = null, $userID = null)
{
self::validateJSONItem($json, $item->libraryID, $isNew ? null : $item, !is_null($parentItem));
Zotero_DB::beginTransaction();
// Mark library as updated
if (!$isNew) {
$timestamp = Zotero_Libraries::updateTimestamps($item->libraryID);
Zotero_DB::registerTransactionTimestamp($timestamp);
}
$forceChange = false;
$twoStage = false;
// Set itemType first
$item->setField("itemTypeID", Zotero_ItemTypes::getID($json->itemType));
foreach ($json as $key => $val) {
switch ($key) {
case 'itemType':
continue;
case 'deleted':
continue;
case 'creators':
if (!$val && !$item->numCreators()) {
continue 2;
}
$orderIndex = -1;
foreach ($val as $orderIndex => $newCreatorData) {
if ((!isset($newCreatorData->name) || trim($newCreatorData->name) == "") && (!isset($newCreatorData->firstName) || trim($newCreatorData->firstName) == "") && (!isset($newCreatorData->lastName) || trim($newCreatorData->lastName) == "")) {
// This should never happen, because of check in validateJSONItem()
if (!$isNew) {
throw new Exception("Nameless creator in update request");
}
// On item creation, ignore creators with empty names,
// because that's in the item template that the API returns
break;
}
// JSON uses 'name' and 'firstName'/'lastName',
// so switch to just 'firstName'/'lastName'
if (isset($newCreatorData->name)) {
$newCreatorData->firstName = '';
$newCreatorData->lastName = $newCreatorData->name;
unset($newCreatorData->name);
$newCreatorData->fieldMode = 1;
} else {
$newCreatorData->fieldMode = 0;
}
$newCreatorTypeID = Zotero_CreatorTypes::getID($newCreatorData->creatorType);
// Same creator in this position
$existingCreator = $item->getCreator($orderIndex);
if ($existingCreator && $existingCreator['ref']->equals($newCreatorData)) {
// Just change the creatorTypeID
if ($existingCreator['creatorTypeID'] != $newCreatorTypeID) {
$item->setCreator($orderIndex, $existingCreator['ref'], $newCreatorTypeID);
}
continue;
}
// Same creator in a different position, so use that
$existingCreators = $item->getCreators();
for ($i = 0, $len = sizeOf($existingCreators); $i < $len; $i++) {
if ($existingCreators[$i]['ref']->equals($newCreatorData)) {
$item->setCreator($orderIndex, $existingCreators[$i]['ref'], $newCreatorTypeID);
continue;
}
}
// Make a fake creator to use for the data lookup
$newCreator = new Zotero_Creator();
$newCreator->libraryID = $item->libraryID;
foreach ($newCreatorData as $key => $val) {
if ($key == 'creatorType') {
continue;
}
$newCreator->{$key} = $val;
}
// Look for an equivalent creator in this library
$candidates = Zotero_Creators::getCreatorsWithData($item->libraryID, $newCreator, true);
if ($candidates) {
$c = Zotero_Creators::get($item->libraryID, $candidates[0]);
$item->setCreator($orderIndex, $c, $newCreatorTypeID);
continue;
}
// None found, so make a new one
$creatorID = $newCreator->save();
$newCreator = Zotero_Creators::get($item->libraryID, $creatorID);
$item->setCreator($orderIndex, $newCreator, $newCreatorTypeID);
}
// Remove all existing creators above the current index
if (!$isNew && ($indexes = array_keys($item->getCreators()))) {
$i = max($indexes);
while ($i > $orderIndex) {
$item->removeCreator($i);
$i--;
}
}
break;
case 'tags':
// If item isn't yet saved, add tags below
if (!$item->id) {
$twoStage = true;
break;
}
if ($item->setTags($val)) {
$forceChange = true;
}
break;
case 'attachments':
case 'notes':
if (!$val) {
continue;
}
$twoStage = true;
break;
case 'note':
$item->setNote($val);
break;
// Attachment properties
// Attachment properties
case 'linkMode':
$item->attachmentLinkMode = Zotero_Attachments::linkModeNameToNumber($val, true);
break;
case 'contentType':
case 'charset':
case 'filename':
$k = "attachment" . ucwords($key);
$item->{$k} = $val;
break;
case 'md5':
$item->attachmentStorageHash = $val;
break;
case 'mtime':
$item->attachmentStorageModTime = $val;
break;
default:
$item->setField($key, $val);
break;
}
}
if ($parentItem) {
$item->setSource($parentItem->id);
}
$item->deleted = !empty($json->deleted);
// For changes that don't register as changes internally, force a dateModified update
if ($forceChange) {
$item->setField('dateModified', Zotero_DB::getTransactionTimestamp());
}
$item->save($userID);
// Additional steps that have to be performed on a saved object
if ($twoStage) {
foreach ($json as $key => $val) {
switch ($key) {
case 'attachments':
if (!$val) {
continue;
}
foreach ($val as $attachment) {
$childItem = new Zotero_Item();
$childItem->libraryID = $item->libraryID;
self::updateFromJSON($childItem, $attachment, true, $item, $userID);
}
break;
case 'notes':
if (!$val) {
continue;
}
$noteItemTypeID = Zotero_ItemTypes::getID("note");
foreach ($val as $note) {
$childItem = new Zotero_Item();
$childItem->libraryID = $item->libraryID;
$childItem->itemTypeID = $noteItemTypeID;
$childItem->setSource($item->id);
$childItem->setNote($note->note);
$childItem->save();
}
break;
case 'tags':
if ($item->setTags($val)) {
$forceChange = true;
}
break;
}
}
// For changes that don't register as changes internally, force a dateModified update
if ($forceChange) {
$item->setField('dateModified', Zotero_DB::getTransactionTimestamp());
}
$item->save($userID);
}
Zotero_DB::commit();
}
public function settings()
{
if ($this->apiVersion < 2) {
$this->e404();
}
// Check for general library access
if (!$this->permissions->canAccess($this->objectLibraryID)) {
$this->e403();
}
if ($this->isWriteMethod()) {
Zotero_DB::beginTransaction();
// Check for library write access
if (!$this->permissions->canWrite($this->objectLibraryID)) {
$this->e403("Write access denied");
}
// Make sure library hasn't been modified
if (!$this->singleObject) {
$libraryTimestampChecked = $this->checkLibraryIfUnmodifiedSinceVersion();
}
Zotero_Libraries::updateVersionAndTimestamp($this->objectLibraryID);
}
// Single setting
if ($this->singleObject) {
$this->allowMethods(array('GET', 'PUT', 'DELETE'));
$setting = Zotero_Settings::getByLibraryAndKey($this->objectLibraryID, $this->objectKey);
if (!$setting) {
if ($this->method == 'PUT') {
$setting = new Zotero_Setting();
$setting->libraryID = $this->objectLibraryID;
$setting->name = $this->objectKey;
} else {
$this->e404("Setting not found");
}
}
if ($this->isWriteMethod()) {
if ($this->method == 'PUT') {
$json = $this->jsonDecode($this->body);
$objectVersionValidated = $this->checkSingleObjectWriteVersion('setting', $setting, $json);
}
$this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID);
// Update setting
if ($this->method == 'PUT') {
$changed = Zotero_Settings::updateFromJSON($setting, $json, $this->queryParams, $this->userID, $objectVersionValidated ? 0 : 2);
// If not updated, return the original library version
if (!$changed) {
$this->libraryVersion = Zotero_Libraries::getOriginalVersion($this->objectLibraryID);
Zotero_DB::rollback();
$this->e204();
}
} else {
if ($this->method == 'DELETE') {
Zotero_Settings::delete($this->objectLibraryID, $this->objectKey);
} else {
throw new Exception("Unexpected method {$this->method}");
}
}
Zotero_DB::commit();
$this->e204();
} else {
$this->libraryVersion = $setting->version;
$json = $setting->toJSON(true, $this->queryParams);
echo Zotero_Utilities::formatJSON($json);
}
} else {
$this->allowMethods(array('GET', 'POST'));
$this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID);
// Create a setting
if ($this->method == 'POST') {
$obj = $this->jsonDecode($this->body);
$changed = Zotero_Settings::updateMultipleFromJSON($obj, $this->queryParams, $this->objectLibraryID, $this->userID, $this->permissions, $libraryTimestampChecked ? 0 : 1, null);
// If not updated, return the original library version
if (!$changed) {
$this->libraryVersion = Zotero_Libraries::getOriginalVersion($this->objectLibraryID);
}
Zotero_DB::commit();
$this->e204();
} else {
$settings = Zotero_Settings::search($this->objectLibraryID, $this->queryParams);
$json = new stdClass();
foreach ($settings as $setting) {
$json->{$setting->name} = $setting->toJSON(true, $this->queryParams);
}
echo Zotero_Utilities::formatJSON($json);
}
}
$this->end();
}
/**
* @param Zotero_Collection $collection The collection object to update;
* this should be either an existing
* collection or a new collection
* with a library assigned.
* @param object $json Collection data to write
* @param boolean [$requireVersion=0] See Zotero_API::checkJSONObjectVersion()
* @return boolean True if the collection was changed, false otherwise
*/
public static function updateFromJSON(Zotero_Collection $collection, $json, $requestParams, $userID, $requireVersion = 0, $partialUpdate = false)
{
$json = Zotero_API::extractEditableJSON($json);
$exists = Zotero_API::processJSONObjectKey($collection, $json, $requestParams);
Zotero_API::checkJSONObjectVersion($collection, $json, $requestParams, $requireVersion);
self::validateJSONCollection($json, $requestParams, $partialUpdate && $exists);
$changed = false;
if (!Zotero_DB::transactionInProgress()) {
Zotero_DB::beginTransaction();
$transactionStarted = true;
} else {
$transactionStarted = false;
}
if (isset($json->name)) {
$collection->name = $json->name;
}
if ($requestParams['v'] >= 2 && isset($json->parentCollection)) {
$collection->parentKey = $json->parentCollection;
} else {
if ($requestParams['v'] < 2 && isset($json->parent)) {
$collection->parentKey = $json->parent;
} else {
if (!$partialUpdate) {
$collection->parent = false;
}
}
}
$changed = $collection->save() || $changed;
if ($requestParams['v'] >= 2) {
if (isset($json->relations)) {
$changed = $collection->setRelations($json->relations, $userID) || $changed;
} else {
if (!$partialUpdate) {
$changed = $collection->setRelations(new stdClass(), $userID) || $changed;
}
}
}
if ($transactionStarted) {
Zotero_DB::commit();
}
return $changed;
}
public static function addCustomType($name)
{
if (self::getID($name)) {
throw new Exception("Item type '{$name}' already exists");
}
if (!preg_match('/^[a-z][^\\s0-9]+$/', $name)) {
throw new Exception("Invalid item type name '{$name}'");
}
// TODO: make sure user hasn't added too many already
throw new Exception("Unimplemented");
// TODO: add to cache
Zotero_DB::beginTransaction();
$sql = "SELECT NEXT_ID(itemTypeID) FROM itemTypes";
$itemTypeID = Zotero_DB::valueQuery($sql);
$sql = "INSERT INTO itemTypes (?, ?, ?)";
Zotero_DB::query($sql, array($itemTypeID, $name, 1));
Zotero_DB::commit();
return $itemTypeID;
}
public function save($fixGaps = false)
{
if (!$this->libraryID) {
throw new Exception("Library ID must be set before saving");
}
Zotero_Searches::editCheck($this);
if (!$this->changed) {
Z_Core::debug("Search {$this->id} has not changed");
return false;
}
if (!isset($this->name) || $this->name === '') {
throw new Exception("Name not provided for saved search");
}
$shardID = Zotero_Shards::getByLibraryID($this->libraryID);
Zotero_DB::beginTransaction();
$isNew = !$this->id || !$this->exists();
try {
$searchID = $this->id ? $this->id : Zotero_ID::get('savedSearches');
Z_Core::debug("Saving search {$this->id}");
if (!$isNew) {
$sql = "DELETE FROM savedSearchConditions WHERE searchID=?";
Zotero_DB::query($sql, $searchID, $shardID);
}
$key = $this->key ? $this->key : $this->generateKey();
$fields = "searchName=?, libraryID=?, `key`=?, dateAdded=?, dateModified=?,\n\t\t\t\t\t\tserverDateModified=?";
$timestamp = Zotero_DB::getTransactionTimestamp();
$params = array($this->name, $this->libraryID, $key, $this->dateAdded ? $this->dateAdded : $timestamp, $this->dateModified ? $this->dateModified : $timestamp, $timestamp);
$shardID = Zotero_Shards::getByLibraryID($this->libraryID);
if ($isNew) {
$sql = "INSERT INTO savedSearches SET searchID=?, {$fields}";
$stmt = Zotero_DB::getStatement($sql, true, $shardID);
Zotero_DB::queryFromStatement($stmt, array_merge(array($searchID), $params));
Zotero_Searches::cacheLibraryKeyID($this->libraryID, $key, $searchID);
// Remove from delete log if it's there
$sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='search' AND `key`=?";
Zotero_DB::query($sql, array($this->libraryID, $key), $shardID);
} else {
$sql = "UPDATE savedSearches SET {$fields} WHERE searchID=?";
$stmt = Zotero_DB::getStatement($sql, true, $shardID);
Zotero_DB::queryFromStatement($stmt, array_merge($params, array($searchID)));
}
// Close gaps in savedSearchIDs
$saveConditions = array();
$i = 1;
foreach ($this->conditions as $id => $condition) {
if (!$fixGaps && $id != $i) {
trigger_error('searchConditionIDs not contiguous and |fixGaps| not set in save() of saved search ' . $this->id, E_USER_ERROR);
}
$saveConditions[$i] = $condition;
$i++;
}
$this->conditions = $saveConditions;
// TODO: use proper bound parameters once DB class is updated
foreach ($this->conditions as $searchConditionID => $condition) {
$sql = "INSERT INTO savedSearchConditions (searchID,\n\t\t\t\t\t\tsearchConditionID, `condition`, mode, operator,\n\t\t\t\t\t\tvalue, required) VALUES (?,?,?,?,?,?,?)";
$sqlParams = array($searchID, $searchConditionID, $condition['condition'], $condition['mode'] ? $condition['mode'] : '', $condition['operator'] ? $condition['operator'] : '', $condition['value'] ? $condition['value'] : '', $condition['required'] ? 1 : 0);
try {
Zotero_DB::query($sql, $sqlParams, $shardID);
} catch (Exception $e) {
$msg = $e->getMessage();
if (strpos($msg, "Data too long for column 'value'") !== false) {
throw new Exception("=Value '" . mb_substr($condition['value'], 0, 75) . "…' too long in saved search '" . $this->name . "'");
}
throw $e;
}
}
Zotero_DB::commit();
} catch (Exception $e) {
Zotero_DB::rollback();
throw $e;
}
// If successful, set values in object
if (!$this->id) {
$this->id = $searchID;
}
if (!$this->key) {
$this->key = $key;
}
return $this->id;
}
public function collections()
{
// Check for general library access
if (!$this->permissions->canAccess($this->objectLibraryID)) {
$this->e403();
}
if ($this->isWriteMethod()) {
// Check for library write access
if (!$this->permissions->canWrite($this->objectLibraryID)) {
$this->e403("Write access denied");
}
// Make sure library hasn't been modified
if (!$this->singleObject) {
$libraryTimestampChecked = $this->checkLibraryIfUnmodifiedSinceVersion();
}
Zotero_Libraries::updateVersionAndTimestamp($this->objectLibraryID);
}
$collectionIDs = array();
$collectionKeys = array();
$results = array();
// Single collection
if ($this->singleObject) {
$this->allowMethods(['HEAD', 'GET', 'PUT', 'PATCH', 'DELETE']);
if (!Zotero_ID::isValidKey($this->objectKey)) {
$this->e404();
}
$collection = Zotero_Collections::getByLibraryAndKey($this->objectLibraryID, $this->objectKey);
if ($this->isWriteMethod()) {
$collection = $this->handleObjectWrite('collection', $collection ? $collection : null);
$this->queryParams['content'] = ['json'];
}
if (!$collection) {
$this->e404("Collection not found");
}
$this->libraryVersion = $collection->version;
if ($this->method == 'HEAD') {
$this->end();
}
switch ($this->queryParams['format']) {
case 'atom':
$this->responseXML = Zotero_Collections::convertCollectionToAtom($collection, $this->queryParams);
break;
case 'json':
$json = $collection->toResponseJSON($this->queryParams, $this->permissions);
echo Zotero_Utilities::formatJSON($json);
break;
default:
throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'");
}
} else {
$this->allowMethods(['HEAD', 'GET', 'POST', 'DELETE']);
$this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID);
if ($this->scopeObject) {
$this->allowMethods(array('GET'));
switch ($this->scopeObject) {
case 'collections':
$collection = Zotero_Collections::getByLibraryAndKey($this->objectLibraryID, $this->scopeObjectKey);
if (!$collection) {
$this->e404("Collection not found");
}
$title = "Child Collections of ‘{$collection->name}'’";
$collectionIDs = $collection->getChildCollections();
break;
default:
throw new Exception("Invalid collections scope object '{$this->scopeObject}'");
}
} else {
// Top-level items
if ($this->subset == 'top') {
$this->allowMethods(array('GET'));
$title = "Top-Level Collections";
$results = Zotero_Collections::search($this->objectLibraryID, true, $this->queryParams);
} else {
// Create a collection
if ($this->method == 'POST') {
$this->queryParams['format'] = 'writereport';
$obj = $this->jsonDecode($this->body);
$results = Zotero_Collections::updateMultipleFromJSON($obj, $this->queryParams, $this->objectLibraryID, $this->userID, $this->permissions, $libraryTimestampChecked ? 0 : 1, null);
if ($cacheKey = $this->getWriteTokenCacheKey()) {
Z_Core::$MC->set($cacheKey, true, $this->writeTokenCacheTime);
}
if ($this->apiVersion < 2) {
$uri = Zotero_API::getCollectionsURI($this->objectLibraryID);
$keys = array_merge(get_object_vars($results['success']), get_object_vars($results['unchanged']));
$queryString = "collectionKey=" . urlencode(implode(",", $keys)) . "&format=atom&content=json&order=collectionKeyList&sort=asc";
if ($this->apiKey) {
$queryString .= "&key=" . $this->apiKey;
}
$uri .= "?" . $queryString;
$this->queryParams = Zotero_API::parseQueryParams($queryString, $this->action, true, $this->apiVersion);
$title = "Collections";
$results = Zotero_Collections::search($this->objectLibraryID, false, $this->queryParams);
}
} else {
if ($this->method == 'DELETE') {
Zotero_DB::beginTransaction();
foreach ($this->queryParams['collectionKey'] as $collectionKey) {
Zotero_Collections::delete($this->objectLibraryID, $collectionKey);
}
Zotero_DB::commit();
$this->e204();
} else {
$title = "Collections";
$results = Zotero_Collections::search($this->objectLibraryID, false, $this->queryParams);
}
}
}
}
if ($collectionIDs) {
$this->queryParams['collectionIDs'] = $collectionIDs;
$results = Zotero_Collections::search($this->objectLibraryID, false, $this->queryParams);
}
$options = ['action' => $this->action, 'uri' => $this->uri, 'results' => $results, 'requestParams' => $this->queryParams, 'permissions' => $this->permissions, 'head' => $this->method == 'HEAD'];
switch ($this->queryParams['format']) {
case 'atom':
$this->responseXML = Zotero_API::multiResponse(array_merge($options, ['title' => $this->getFeedNamePrefix($this->objectLibraryID) . $title]));
break;
case 'json':
case 'keys':
case 'versions':
case 'writereport':
Zotero_API::multiResponse($options);
break;
default:
throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'");
}
}
$this->end();
}
public static function deleteByLibrary($libraryID)
{
Zotero_DB::beginTransaction();
// Delete from MySQL
self::deleteByLibraryMySQL($libraryID);
// Delete from Elasticsearch
$type = self::getWriteType();
$libraryQuery = new \Elastica\Query\Term();
$libraryQuery->setTerm("libraryID", $libraryID);
$query = new \Elastica\Query($libraryQuery);
$start = microtime(true);
$response = $type->deleteByQuery($query);
StatsD::timing("elasticsearch.client.item_fulltext.delete_library", (microtime(true) - $start) * 1000);
if ($response->hasError()) {
throw new Exception($response->getError());
}
Zotero_DB::commit();
}
public function save()
{
if (!$this->libraryID) {
trigger_error("Library ID must be set before saving", E_USER_ERROR);
}
Zotero_Creators::editCheck($this);
// If empty, move on
if ($this->firstName === '' && $this->lastName === '') {
throw new Exception('First and last name are empty');
}
if ($this->fieldMode == 1 && $this->firstName !== '') {
throw new Exception('First name must be empty in single-field mode');
}
if (!$this->hasChanged()) {
Z_Core::debug("Creator {$this->id} has not changed");
return false;
}
Zotero_DB::beginTransaction();
try {
$creatorID = $this->id ? $this->id : Zotero_ID::get('creators');
$isNew = !$this->id;
Z_Core::debug("Saving creator {$this->id}");
$key = $this->key ? $this->key : $this->generateKey();
$timestamp = Zotero_DB::getTransactionTimestamp();
$dateAdded = $this->dateAdded ? $this->dateAdded : $timestamp;
$dateModified = $this->changed['dateModified'] ? $this->dateModified : $timestamp;
$fields = "firstName=?, lastName=?, fieldMode=?,\n\t\t\t\t\t\tlibraryID=?, `key`=?, dateAdded=?, dateModified=?, serverDateModified=?";
$params = array($this->firstName, $this->lastName, $this->fieldMode, $this->libraryID, $key, $dateAdded, $dateModified, $timestamp);
$shardID = Zotero_Shards::getByLibraryID($this->libraryID);
try {
if ($isNew) {
$sql = "INSERT INTO creators SET creatorID=?, {$fields}";
$stmt = Zotero_DB::getStatement($sql, true, $shardID);
Zotero_DB::queryFromStatement($stmt, array_merge(array($creatorID), $params));
// Remove from delete log if it's there
$sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='creator' AND `key`=?";
Zotero_DB::query($sql, array($this->libraryID, $key), $shardID);
} else {
$sql = "UPDATE creators SET {$fields} WHERE creatorID=?";
$stmt = Zotero_DB::getStatement($sql, true, $shardID);
Zotero_DB::queryFromStatement($stmt, array_merge($params, array($creatorID)));
}
} catch (Exception $e) {
if (strpos($e->getMessage(), " too long") !== false) {
if (strlen($this->firstName) > 255) {
throw new Exception("=First name '" . mb_substr($this->firstName, 0, 50) . "…' too long");
}
if (strlen($this->lastName) > 255) {
if ($this->fieldMode == 1) {
throw new Exception("=Last name '" . mb_substr($this->lastName, 0, 50) . "…' too long");
} else {
throw new Exception("=Name '" . mb_substr($this->lastName, 0, 50) . "…' too long");
}
}
}
throw $e;
}
// The client updates the mod time of associated items here, but
// we don't, because either A) this is from syncing, where appropriate
// mod times come from the client or B) the change is made through
// $item->setCreator(), which updates the mod time.
//
// If the server started to make other independent creator changes,
// linked items would need to be updated.
Zotero_DB::commit();
Zotero_Creators::cachePrimaryData(array('id' => $creatorID, 'libraryID' => $this->libraryID, 'key' => $key, 'dateAdded' => $dateAdded, 'dateModified' => $dateModified, 'firstName' => $this->firstName, 'lastName' => $this->lastName, 'fieldMode' => $this->fieldMode));
} catch (Exception $e) {
Zotero_DB::rollback();
throw $e;
}
// If successful, set values in object
if (!$this->id) {
$this->id = $creatorID;
}
if (!$this->key) {
$this->key = $key;
}
$this->init();
if ($isNew) {
Zotero_Creators::cache($this);
Zotero_Creators::cacheLibraryKeyID($this->libraryID, $key, $creatorID);
}
// TODO: invalidate memcache?
return $this->id;
}
/**
* Used for integration tests
*
* Valid only on testing site
*/
public function testSetup()
{
if (!$this->permissions->isSuper()) {
$this->e404();
}
if (!Z_ENV_TESTING_SITE) {
$this->e404();
}
$this->allowMethods(['POST']);
if (empty($_GET['u'])) {
throw new Exception("User not provided (e.g., ?u=1)");
}
$userID = $_GET['u'];
// Clear keys
$keys = Zotero_Keys::getUserKeys($userID);
foreach ($keys as $keyObj) {
$keyObj->erase();
}
$keys = Zotero_Keys::getUserKeys($userID);
if ($keys) {
throw new Exception("Keys still exist");
}
// Create new key
$keyObj = new Zotero_Key();
$keyObj->userID = $userID;
$keyObj->name = "Tests Key";
$libraryID = Zotero_Users::getLibraryIDFromUserID($userID);
$keyObj->setPermission($libraryID, 'library', true);
$keyObj->setPermission($libraryID, 'notes', true);
$keyObj->setPermission($libraryID, 'write', true);
$keyObj->setPermission(0, 'group', true);
$keyObj->setPermission(0, 'write', true);
$keyObj->save();
$key = $keyObj->key;
Zotero_DB::beginTransaction();
// Clear data
Zotero_Users::clearAllData($userID);
// Delete publications library, so we can test auto-creating it
$publicationsLibraryID = Zotero_Users::getLibraryIDFromUserID($userID, 'publications');
if ($publicationsLibraryID) {
// Delete user publications shard library
$sql = "DELETE FROM shardLibraries WHERE libraryID=?";
Zotero_DB::query($sql, $publicationsLibraryID, Zotero_Shards::getByUserID($userID));
// Delete user publications library
$sql = "DELETE FROM libraries WHERE libraryID=?";
Zotero_DB::query($sql, $publicationsLibraryID);
Z_Core::$MC->delete('userPublicationsLibraryID_' . $userID);
Z_Core::$MC->delete('libraryUserID_' . $publicationsLibraryID);
}
Zotero_DB::commit();
echo json_encode(["apiKey" => $key]);
$this->end();
}
/**
* Updates the collection's relations. No separate save of the collection is required.
*
* @param object $newRelations Object with predicates as keys and URIs as values
* @param int $userID User making the change
*/
public function setRelations($newRelations, $userID)
{
if (!$this->_id) {
throw new Exception('collectionID not set');
}
// An empty array is allowed by updateFromJSON()
if (is_array($newRelations) && empty($newRelations)) {
$newRelations = new stdClass();
}
Zotero_DB::beginTransaction();
// Get arrays from objects
$oldRelations = get_object_vars($this->getRelations());
$newRelations = get_object_vars($newRelations);
$toAdd = array_diff($newRelations, $oldRelations);
$toRemove = array_diff($oldRelations, $newRelations);
if (!$toAdd && !$toRemove) {
Zotero_DB::commit();
return false;
}
$subject = Zotero_URI::getCollectionURI($this);
foreach ($toAdd as $predicate => $object) {
Zotero_Relations::add($this->libraryID, $subject, $predicate, $object);
}
foreach ($toRemove as $predicate => $object) {
$relations = Zotero_Relations::getByURIs($this->libraryID, $subject, $predicate, $object);
foreach ($relations as $relation) {
Zotero_Relations::delete($this->libraryID, $relation->key);
}
}
$this->updateVersion($userID);
Zotero_DB::commit();
return true;
}
public static function delete($libraryID, $key, $updateLibrary = false)
{
$table = static::field('table');
$id = static::field('id');
$type = static::field('object');
$types = static::field('objects');
if (!$key) {
throw new Exception("Invalid key {$key}");
}
// Get object (and trigger caching)
$obj = static::getByLibraryAndKey($libraryID, $key);
if (!$obj) {
return;
}
static::editCheck($obj);
Z_Core::debug("Deleting {$type} {$libraryID}/{$key}", 4);
$shardID = Zotero_Shards::getByLibraryID($libraryID);
Zotero_DB::beginTransaction();
// Needed for API deletes to get propagated via sync
if ($updateLibrary) {
$timestamp = Zotero_Libraries::updateTimestamps($obj->libraryID);
Zotero_DB::registerTransactionTimestamp($timestamp);
}
// Delete child items
if ($type == 'item') {
if ($obj->isRegularItem()) {
$children = array_merge($obj->getNotes(), $obj->getAttachments());
if ($children) {
$children = Zotero_Items::get($libraryID, $children);
foreach ($children as $child) {
static::delete($child->libraryID, $child->key);
}
}
}
}
if ($type == 'relation') {
// TODO: add key column to relations to speed this up
$sql = "DELETE FROM {$table} WHERE libraryID=? AND MD5(CONCAT(subject, '_', predicate, '_', object))=?";
$deleted = Zotero_DB::query($sql, array($libraryID, $key), $shardID);
} else {
$sql = "DELETE FROM {$table} WHERE libraryID=? AND `key`=?";
$deleted = Zotero_DB::query($sql, array($libraryID, $key), $shardID);
}
unset(self::$idCache[$type][$libraryID][$key]);
static::uncachePrimaryData($libraryID, $key);
if ($deleted) {
$sql = "INSERT INTO syncDeleteLogKeys (libraryID, objectType, `key`, timestamp)\n\t\t\t\t\t\tVALUES (?, '{$type}', ?, ?) ON DUPLICATE KEY UPDATE timestamp=?";
$timestamp = Zotero_DB::getTransactionTimestamp();
$params = array($libraryID, $key, $timestamp, $timestamp);
Zotero_DB::query($sql, $params, $shardID);
}
Zotero_DB::commit();
}
public function save($userID = false)
{
if (!$this->libraryID) {
throw new Exception("Library ID must be set before saving");
}
Zotero_Searches::editCheck($this, $userID);
if (!$this->changed) {
Z_Core::debug("Search {$this->id} has not changed");
return false;
}
if (!isset($this->name) || $this->name === '') {
throw new Exception("Name not provided for saved search");
}
$shardID = Zotero_Shards::getByLibraryID($this->libraryID);
Zotero_DB::beginTransaction();
$isNew = !$this->id || !$this->exists();
try {
$searchID = $this->id ? $this->id : Zotero_ID::get('savedSearches');
Z_Core::debug("Saving search {$this->id}");
if (!$isNew) {
$sql = "DELETE FROM savedSearchConditions WHERE searchID=?";
Zotero_DB::query($sql, $searchID, $shardID);
}
$key = $this->key ? $this->key : Zotero_ID::getKey();
$fields = "searchName=?, libraryID=?, `key`=?, dateAdded=?, dateModified=?,\n\t\t\t\t\t\tserverDateModified=?, version=?";
$timestamp = Zotero_DB::getTransactionTimestamp();
$params = array($this->name, $this->libraryID, $key, $this->dateAdded ? $this->dateAdded : $timestamp, $this->dateModified ? $this->dateModified : $timestamp, $timestamp, Zotero_Libraries::getUpdatedVersion($this->libraryID));
$shardID = Zotero_Shards::getByLibraryID($this->libraryID);
if ($isNew) {
$sql = "INSERT INTO savedSearches SET searchID=?, {$fields}";
$stmt = Zotero_DB::getStatement($sql, true, $shardID);
Zotero_DB::queryFromStatement($stmt, array_merge(array($searchID), $params));
// Remove from delete log if it's there
$sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='search' AND `key`=?";
Zotero_DB::query($sql, array($this->libraryID, $key), $shardID);
} else {
$sql = "UPDATE savedSearches SET {$fields} WHERE searchID=?";
$stmt = Zotero_DB::getStatement($sql, true, $shardID);
Zotero_DB::queryFromStatement($stmt, array_merge($params, array($searchID)));
}
foreach ($this->conditions as $searchConditionID => $condition) {
$sql = "INSERT INTO savedSearchConditions (searchID,\n\t\t\t\t\t\tsearchConditionID, `condition`, mode, operator,\n\t\t\t\t\t\tvalue, required) VALUES (?,?,?,?,?,?,?)";
$sqlParams = array($searchID, $searchConditionID + 1, $condition['condition'], $condition['mode'] ? $condition['mode'] : '', $condition['operator'] ? $condition['operator'] : '', $condition['value'] ? $condition['value'] : '', !empty($condition['required']) ? 1 : 0);
try {
Zotero_DB::query($sql, $sqlParams, $shardID);
} catch (Exception $e) {
$msg = $e->getMessage();
if (strpos($msg, "Data too long for column 'value'") !== false) {
throw new Exception("=Value '" . mb_substr($condition['value'], 0, 75) . "…' too long in saved search '" . $this->name . "'");
}
throw $e;
}
}
Zotero_DB::commit();
} catch (Exception $e) {
Zotero_DB::rollback();
throw $e;
}
if (!$this->id) {
$this->id = $searchID;
}
if (!$this->key) {
$this->key = $key;
}
return $this->id;
}
public function save($full = false)
{
if (!$this->libraryID) {
trigger_error("Library ID must be set before saving", E_USER_ERROR);
}
Zotero_Tags::editCheck($this);
if (!$this->changed) {
Z_Core::debug("Tag {$this->id} has not changed");
return false;
}
$shardID = Zotero_Shards::getByLibraryID($this->libraryID);
Zotero_DB::beginTransaction();
try {
$tagID = $this->id ? $this->id : Zotero_ID::get('tags');
$isNew = !$this->id;
Z_Core::debug("Saving tag {$tagID}");
$key = $this->key ? $this->key : $this->generateKey();
$timestamp = Zotero_DB::getTransactionTimestamp();
$dateAdded = $this->dateAdded ? $this->dateAdded : $timestamp;
$dateModified = $this->dateModified ? $this->dateModified : $timestamp;
$fields = "name=?, `type`=?, dateAdded=?, dateModified=?,\n\t\t\t\tlibraryID=?, `key`=?, serverDateModified=?";
$params = array($this->name, $this->type ? $this->type : 0, $dateAdded, $dateModified, $this->libraryID, $key, $timestamp);
try {
if ($isNew) {
$sql = "INSERT INTO tags SET tagID=?, {$fields}";
$stmt = Zotero_DB::getStatement($sql, true, $shardID);
Zotero_DB::queryFromStatement($stmt, array_merge(array($tagID), $params));
// Remove from delete log if it's there
$sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='tag' AND `key`=?";
Zotero_DB::query($sql, array($this->libraryID, $key), $shardID);
} else {
$sql = "UPDATE tags SET {$fields} WHERE tagID=?";
$stmt = Zotero_DB::getStatement($sql, true, Zotero_Shards::getByLibraryID($this->libraryID));
Zotero_DB::queryFromStatement($stmt, array_merge($params, array($tagID)));
}
} catch (Exception $e) {
// If an incoming tag is the same as an existing tag, but with a different key,
// then delete the old tag and add its linked items to the new tag
if (preg_match("/Duplicate entry .+ for key 'uniqueTags'/", $e->getMessage())) {
// GET existing tag
$existing = Zotero_Tags::getIDs($this->libraryID, $this->name);
if (!$existing) {
throw new Exception("Existing tag not found");
}
foreach ($existing as $id) {
$tag = Zotero_Tags::get($this->libraryID, $id, true);
if ($tag->__get('type') == $this->type) {
$linked = $tag->getLinkedItems(true);
Zotero_Tags::delete($this->libraryID, $tag->key);
break;
}
}
// Save again
if ($isNew) {
$sql = "INSERT INTO tags SET tagID=?, {$fields}";
$stmt = Zotero_DB::getStatement($sql, true, $shardID);
Zotero_DB::queryFromStatement($stmt, array_merge(array($tagID), $params));
// Remove from delete log if it's there
$sql = "DELETE FROM syncDeleteLogKeys WHERE libraryID=? AND objectType='tag' AND `key`=?";
Zotero_DB::query($sql, array($this->libraryID, $key), $shardID);
} else {
$sql = "UPDATE tags SET {$fields} WHERE tagID=?";
$stmt = Zotero_DB::getStatement($sql, true, Zotero_Shards::getByLibraryID($this->libraryID));
Zotero_DB::queryFromStatement($stmt, array_merge($params, array($tagID)));
}
$new = array_unique(array_merge($linked, $this->getLinkedItems(true)));
$this->setLinkedItems($new);
} else {
throw $e;
}
}
// Linked items
if ($full || !empty($this->changed['linkedItems'])) {
$removed = array();
$newids = array();
$currentIDs = $this->getLinkedItems(true);
if (!$currentIDs) {
$currentIDs = array();
}
if ($full) {
$sql = "SELECT itemID FROM itemTags WHERE tagID=?";
$stmt = Zotero_DB::getStatement($sql, true, $shardID);
$dbItemIDs = Zotero_DB::columnQueryFromStatement($stmt, $tagID);
if ($dbItemIDs) {
$removed = array_diff($dbItemIDs, $currentIDs);
$newids = array_diff($currentIDs, $dbItemIDs);
} else {
$newids = $currentIDs;
}
} else {
if ($this->previousData['linkedItems']) {
$removed = array_diff($this->previousData['linkedItems'], $currentIDs);
$newids = array_diff($currentIDs, $this->previousData['linkedItems']);
} else {
$newids = $currentIDs;
}
}
if ($removed) {
$sql = "DELETE FROM itemTags WHERE tagID=? AND itemID IN (";
$q = array_fill(0, sizeOf($removed), '?');
$sql .= implode(', ', $q) . ")";
Zotero_DB::query($sql, array_merge(array($this->id), $removed), $shardID);
}
if ($newids) {
$newids = array_values($newids);
$sql = "INSERT INTO itemTags (tagID, itemID) VALUES ";
$maxInsertGroups = 50;
Zotero_DB::bulkInsert($sql, $newids, $maxInsertGroups, $tagID, $shardID);
}
//Zotero.Notifier.trigger('add', 'collection-item', $this->id . '-' . $itemID);
}
Zotero_DB::commit();
Zotero_Tags::cachePrimaryData(array('id' => $tagID, 'libraryID' => $this->libraryID, 'key' => $key, 'name' => $this->name, 'type' => $this->type ? $this->type : 0, 'dateAdded' => $dateAdded, 'dateModified' => $dateModified));
} catch (Exception $e) {
Zotero_DB::rollback();
throw $e;
}
// If successful, set values in object
if (!$this->id) {
$this->id = $tagID;
}
if (!$this->key) {
$this->key = $key;
}
$this->init();
if ($isNew) {
Zotero_Tags::cache($this);
Zotero_Tags::cacheLibraryKeyID($this->libraryID, $key, $tagID);
}
return $this->id;
}
public static function clearAllData($libraryID)
{
if (empty($libraryID)) {
throw new Exception("libraryID not provided");
}
Zotero_DB::beginTransaction();
$tables = array('collections', 'creators', 'items', 'relations', 'savedSearches', 'tags', 'syncDeleteLogIDs', 'syncDeleteLogKeys', 'settings');
$shardID = Zotero_Shards::getByLibraryID($libraryID);
self::deleteCachedData($libraryID);
// Because of the foreign key constraint on the itemID, delete MySQL full-text rows
// first, and then clear from Elasticsearch below
Zotero_FullText::deleteByLibraryMySQL($libraryID);
foreach ($tables as $table) {
// Delete notes and attachments first (since they may be child items)
if ($table == 'items') {
$sql = "DELETE FROM {$table} WHERE libraryID=? AND itemTypeID IN (1,14)";
Zotero_DB::query($sql, $libraryID, $shardID);
}
$sql = "DELETE FROM {$table} WHERE libraryID=?";
Zotero_DB::query($sql, $libraryID, $shardID);
}
Zotero_FullText::deleteByLibrary($libraryID);
self::updateVersion($libraryID);
self::updateTimestamps($libraryID);
Zotero_Notifier::trigger("clear", "library", $libraryID);
Zotero_DB::commit();
}
public static function delete($libraryID, $key)
{
$table = self::$table;
$type = self::$objectType;
$types = self::$objectTypePlural;
if (!$key) {
throw new Exception("Invalid key {$key}");
}
// Get object (and trigger caching)
$obj = self::getByLibraryAndKey($libraryID, $key);
if (!$obj) {
return;
}
self::editCheck($obj);
Z_Core::debug("Deleting {$type} {$libraryID}/{$key}", 4);
$shardID = Zotero_Shards::getByLibraryID($libraryID);
Zotero_DB::beginTransaction();
// Delete child items
if ($type == 'item') {
if ($obj->isRegularItem()) {
$children = array_merge($obj->getNotes(), $obj->getAttachments());
if ($children) {
$children = Zotero_Items::get($libraryID, $children);
foreach ($children as $child) {
self::delete($child->libraryID, $child->key);
}
}
}
// Remove relations (except for merge tracker)
$uri = Zotero_URI::getItemURI($obj);
Zotero_Relations::eraseByURI($libraryID, $uri, array(Zotero_Relations::$deletedItemPredicate));
} else {
if ($type == 'tag') {
$tagName = $obj->name;
}
}
if ($type == 'item' && $obj->isAttachment()) {
Zotero_FullText::deleteItemContent($obj);
}
$sql = "DELETE FROM {$table} WHERE libraryID=? AND `key`=?";
$deleted = Zotero_DB::query($sql, array($libraryID, $key), $shardID);
self::unload($obj->id);
if ($deleted) {
$sql = "INSERT INTO syncDeleteLogKeys\n\t\t\t\t\t\t(libraryID, objectType, `key`, timestamp, version)\n\t\t\t\t\t\tVALUES (?, '{$type}', ?, ?, ?)\n\t\t\t\t\t\tON DUPLICATE KEY UPDATE timestamp=?, version=?";
$timestamp = Zotero_DB::getTransactionTimestamp();
$version = Zotero_Libraries::getUpdatedVersion($libraryID);
$params = array($libraryID, $key, $timestamp, $version, $timestamp, $version);
Zotero_DB::query($sql, $params, $shardID);
if ($type == 'tag') {
$sql = "INSERT INTO syncDeleteLogKeys\n\t\t\t\t\t\t\t(libraryID, objectType, `key`, timestamp, version)\n\t\t\t\t\t\t\tVALUES (?, 'tagName', ?, ?, ?)\n\t\t\t\t\t\t\tON DUPLICATE KEY UPDATE timestamp=?, version=?";
$params = array($libraryID, $tagName, $timestamp, $version, $timestamp, $version);
Zotero_DB::query($sql, $params, $shardID);
}
}
Zotero_DB::commit();
}
/**
* Add sync process and associated locks to database
*/
private static function addUploadProcess($userID, $libraryIDs, $syncQueueID = null, $syncProcessID = null)
{
Zotero_DB::beginTransaction();
$syncProcessID = $syncProcessID ? $syncProcessID : Zotero_ID::getBigInt();
$sql = "INSERT INTO syncProcesses (syncProcessID, userID) VALUES (?, ?)";
try {
Zotero_DB::query($sql, array($syncProcessID, $userID));
} catch (Exception $e) {
$sql = "SELECT CONCAT(syncProcessID,' ',userID,' ',started) FROM syncProcesses WHERE userID=?";
$val = Zotero_DB::valueQuery($sql, $userID);
Z_Core::logError($val);
}
if ($libraryIDs) {
$sql = "INSERT INTO syncProcessLocks VALUES ";
$sql .= implode(', ', array_fill(0, sizeOf($libraryIDs), '(?,?)'));
$params = array();
foreach ($libraryIDs as $libraryID) {
$params[] = $syncProcessID;
$params[] = $libraryID;
}
Zotero_DB::query($sql, $params);
}
// Record the process id in the queue entry, if given
if ($syncQueueID) {
$sql = "UPDATE syncUploadQueue SET syncProcessID=? WHERE syncUploadQueueID=?";
Zotero_DB::query($sql, array($syncProcessID, $syncQueueID));
}
Zotero_DB::commit();
return $syncProcessID;
}
public static function updateFromJSON(Zotero_Item $item, $json, Zotero_Item $parentItem = null, $requestParams, $userID, $requireVersion = 0, $partialUpdate = false)
{
$json = Zotero_API::extractEditableJSON($json);
$exists = Zotero_API::processJSONObjectKey($item, $json, $requestParams);
// computerProgram used 'version' instead of 'versionNumber' before v3
if ($requestParams['v'] < 3 && isset($json->version)) {
$json->versionNumber = $json->version;
unset($json->version);
}
Zotero_API::checkJSONObjectVersion($item, $json, $requestParams, $requireVersion);
self::validateJSONItem($json, $item->libraryID, $exists ? $item : null, $parentItem || ($exists ? !!$item->getSourceKey() : false), $requestParams, $partialUpdate && $exists);
$changed = false;
$twoStage = false;
if (!Zotero_DB::transactionInProgress()) {
Zotero_DB::beginTransaction();
$transactionStarted = true;
} else {
$transactionStarted = false;
}
// Set itemType first
if (isset($json->itemType)) {
$item->setField("itemTypeID", Zotero_ItemTypes::getID($json->itemType));
}
$changedDateModified = false;
foreach ($json as $key => $val) {
switch ($key) {
case 'key':
case 'version':
case 'itemKey':
case 'itemVersion':
case 'itemType':
case 'deleted':
continue;
case 'parentItem':
$item->setSourceKey($val);
break;
case 'creators':
if (!$val && !$item->numCreators()) {
continue 2;
}
$orderIndex = -1;
foreach ($val as $newCreatorData) {
// JSON uses 'name' and 'firstName'/'lastName',
// so switch to just 'firstName'/'lastName'
if (isset($newCreatorData->name)) {
$newCreatorData->firstName = '';
$newCreatorData->lastName = $newCreatorData->name;
unset($newCreatorData->name);
$newCreatorData->fieldMode = 1;
} else {
$newCreatorData->fieldMode = 0;
}
// Skip empty creators
if (Zotero_Utilities::unicodeTrim($newCreatorData->firstName) === "" && Zotero_Utilities::unicodeTrim($newCreatorData->lastName) === "") {
break;
}
$orderIndex++;
$newCreatorTypeID = Zotero_CreatorTypes::getID($newCreatorData->creatorType);
// Same creator in this position
$existingCreator = $item->getCreator($orderIndex);
if ($existingCreator && $existingCreator['ref']->equals($newCreatorData)) {
// Just change the creatorTypeID
if ($existingCreator['creatorTypeID'] != $newCreatorTypeID) {
$item->setCreator($orderIndex, $existingCreator['ref'], $newCreatorTypeID);
}
continue;
}
// Same creator in a different position, so use that
$existingCreators = $item->getCreators();
for ($i = 0, $len = sizeOf($existingCreators); $i < $len; $i++) {
if ($existingCreators[$i]['ref']->equals($newCreatorData)) {
$item->setCreator($orderIndex, $existingCreators[$i]['ref'], $newCreatorTypeID);
continue;
}
}
// Make a fake creator to use for the data lookup
$newCreator = new Zotero_Creator();
$newCreator->libraryID = $item->libraryID;
foreach ($newCreatorData as $key => $val) {
if ($key == 'creatorType') {
continue;
}
$newCreator->{$key} = $val;
}
// Look for an equivalent creator in this library
$candidates = Zotero_Creators::getCreatorsWithData($item->libraryID, $newCreator, true);
if ($candidates) {
$c = Zotero_Creators::get($item->libraryID, $candidates[0]);
$item->setCreator($orderIndex, $c, $newCreatorTypeID);
continue;
}
// None found, so make a new one
$creatorID = $newCreator->save();
$newCreator = Zotero_Creators::get($item->libraryID, $creatorID);
$item->setCreator($orderIndex, $newCreator, $newCreatorTypeID);
}
// Remove all existing creators above the current index
if ($exists && ($indexes = array_keys($item->getCreators()))) {
$i = max($indexes);
while ($i > $orderIndex) {
$item->removeCreator($i);
$i--;
}
}
break;
case 'tags':
$item->setTags($val);
break;
case 'collections':
$item->setCollections($val);
break;
case 'relations':
$item->setRelations($val);
break;
case 'attachments':
case 'notes':
if (!$val) {
continue;
}
$twoStage = true;
break;
case 'note':
$item->setNote($val);
break;
// Attachment properties
// Attachment properties
case 'linkMode':
$item->attachmentLinkMode = Zotero_Attachments::linkModeNameToNumber($val, true);
break;
case 'contentType':
case 'charset':
case 'filename':
$k = "attachment" . ucwords($key);
$item->{$k} = $val;
break;
case 'md5':
$item->attachmentStorageHash = $val;
break;
case 'mtime':
$item->attachmentStorageModTime = $val;
break;
case 'dateModified':
$changedDateModified = $item->setField($key, $val);
break;
default:
$item->setField($key, $val);
break;
}
}
if ($parentItem) {
$item->setSource($parentItem->id);
} else {
if ($requestParams['v'] >= 2 && !$partialUpdate && $item->getSourceKey() && !isset($json->parentItem)) {
$item->setSourceKey(false);
}
}
$item->deleted = !empty($json->deleted);
// If item has changed, update it with the current timestamp
if ($item->hasChanged() && !$changedDateModified) {
$item->dateModified = Zotero_DB::getTransactionTimestamp();
}
$changed = $item->save($userID) || $changed;
// Additional steps that have to be performed on a saved object
if ($twoStage) {
foreach ($json as $key => $val) {
switch ($key) {
case 'attachments':
if (!$val) {
continue;
}
foreach ($val as $attachmentJSON) {
$childItem = new Zotero_Item();
$childItem->libraryID = $item->libraryID;
self::updateFromJSON($childItem, $attachmentJSON, $item, $requestParams, $userID);
}
break;
case 'notes':
if (!$val) {
continue;
}
$noteItemTypeID = Zotero_ItemTypes::getID("note");
foreach ($val as $note) {
$childItem = new Zotero_Item();
$childItem->libraryID = $item->libraryID;
$childItem->itemTypeID = $noteItemTypeID;
$childItem->setSource($item->id);
$childItem->setNote($note->note);
$childItem->save();
}
break;
}
}
}
if ($transactionStarted) {
Zotero_DB::commit();
}
return $changed;
}
public static function purge($libraryID)
{
$sql = "SELECT subject FROM relations " . "WHERE libraryID=? AND predicate!=? " . "UNION " . "SELECT object FROM relations " . "WHERE libraryID=? AND predicate!=?";
$uris = Zotero . DB . columnQuery($sql, array($libraryID, self::$deletedItemPredicate, $libraryID, self::$deletedItemPredicate), Zotero_Shards::getByLibraryID($libraryID));
if ($uris) {
$prefix = Zotero_URI::getBaseURI();
Zotero_DB::beginTransaction();
foreach ($uris as $uri) {
// Skip URIs that don't begin with the default prefix,
// since they don't correspond to local items
if (strpos($uri, $prefix) === false) {
continue;
}
if (preg_match('/\\/items\\//', $uri) && !Zotero_URI::getURIItem($uri)) {
self::eraseByURI($uri);
}
if (preg_match('/\\/collections\\//', $uri) && !Zotero_URI::getURICollection($uri)) {
self::eraseByURI($uri);
}
}
Zotero_DB::commit();
}
}
