/** * @param $observer Class Class with method notify($event, $type, $ids, $extraData) * @param $types [array] Types to receive notications for * @param $label [string] Name of the observer */ public static function registerObserver($observer, $types = [], $name = '') { if (is_scalar($types)) { $types = array($types); } foreach ($types as $type) { if (!in_array($type, self::$types)) { throw new Exception("Invalid type '{$type}'"); } } if (empty($name) || isset(self::$observers[$name])) { $len = 2; $tries = 10; do { // Increase the hash length if we can't find a unique key if (!$tries) { $len++; $tries = 5; } $key = strlen($name) ? "{$name}-" : ''; $key .= Zotero_Utilities::randomString($len, 'mixed'); $tries--; } while (isset(self::$observers[$key])); } else { $key = $name; } Z_Core::debug('Registering observer for ' . ($types ? '[' . implode(",", $types) . ']' : 'all types') . ' in notifier ' . $key . "'", 4); self::$observers[$key] = array("observer" => $observer, "types" => $types); return $key; }
public static function getUserURI($userID, $skipNames = false) { if ($skipNames) { return self::getBaseURI() . "users/{$userID}"; } $username = Zotero_Users::getUsername($userID); return self::getBaseURI() . Zotero_Utilities::slugify($username); }
public static function setUpBeforeClass() { parent::setUpBeforeClass(); API::userClear(self::$config['userID']); // Create test data $key = API::createItem("book", array("title" => "Title", "creators" => array(array("creatorType" => "author", "firstName" => "First", "lastName" => "Last"))), null, 'key'); self::$items[$key] = '<content xmlns:zapi="http://zotero.org/ns/api" type="application/xml"><zapi:subcontent zapi:type="bib"><div xmlns="http://www.w3.org/1999/xhtml" class="csl-bib-body" style="line-height: 1.35; padding-left: 2em; text-indent:-2em;"><div class="csl-entry">Last, First. <i>Title</i>, n.d.</div></div></zapi:subcontent><zapi:subcontent zapi:type="json">' . \Zotero_Utilities::formatJSON(json_decode('{"itemKey":"","itemVersion":0,"itemType":"book","title":"Title","creators":[{"creatorType":"author","firstName":"First","lastName":"Last"}],"abstractNote":"","series":"","seriesNumber":"","volume":"","numberOfVolumes":"","edition":"","place":"","publisher":"","date":"","numPages":"","language":"","ISBN":"","shortTitle":"","url":"","accessDate":"","archive":"","archiveLocation":"","libraryCatalog":"","callNumber":"","rights":"","extra":"","tags":[],"collections":[],"relations":{}}')) . '</zapi:subcontent></content>'; $key = API::createItem("book", array("title" => "Title 2", "creators" => array(array("creatorType" => "author", "firstName" => "First", "lastName" => "Last"), array("creatorType" => "editor", "firstName" => "Ed", "lastName" => "McEditor"))), null, 'key'); self::$items[$key] = '<content xmlns:zapi="http://zotero.org/ns/api" type="application/xml"><zapi:subcontent zapi:type="bib"><div xmlns="http://www.w3.org/1999/xhtml" class="csl-bib-body" style="line-height: 1.35; padding-left: 2em; text-indent:-2em;"><div class="csl-entry">Last, First. <i>Title 2</i>. Edited by Ed McEditor, n.d.</div></div></zapi:subcontent><zapi:subcontent zapi:type="json">' . \Zotero_Utilities::formatJSON(json_decode('{"itemKey":"","itemVersion":0,"itemType":"book","title":"Title 2","creators":[{"creatorType":"author","firstName":"First","lastName":"Last"},{"creatorType":"editor","firstName":"Ed","lastName":"McEditor"}],"abstractNote":"","series":"","seriesNumber":"","volume":"","numberOfVolumes":"","edition":"","place":"","publisher":"","date":"","numPages":"","language":"","ISBN":"","shortTitle":"","url":"","accessDate":"","archive":"","archiveLocation":"","libraryCatalog":"","callNumber":"","rights":"","extra":"","tags":[],"collections":[],"relations":{}}')) . '</zapi:subcontent></content>'; }
public static function getUserURI($userID, $www = false, $useSlug = false) { if ($www) { $username = Zotero_Users::getUsername($userID); return self::getBaseWWWURI() . Zotero_Utilities::slugify($username); } if ($useSlug) { $username = Zotero_Users::getUsername($userID); return self::getBaseURI() . Zotero_Utilities::slugify($username); } return self::getBaseURI() . "users/{$userID}"; }
public static function generate() { $tries = 5; while ($tries > 0) { $str = Zotero_Utilities::randomString(24, 'mixed'); $sql = "SELECT COUNT(*) FROM `keys` WHERE `key`=?"; if (Zotero_DB::valueQuery($sql, $str)) { $tries--; continue; } return $str; } throw new Exception("Unique key could not be generated"); }
public function deleted() { if ($this->apiVersion < 2) { $this->e404(); } $this->allowMethods(array('GET')); if (!$this->permissions->canAccess($this->objectLibraryID)) { $this->e403(); } $this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID); // TEMP: sync transition if ($this->queryParams['sincetime'] !== null) { $deleted = array("collections" => Zotero_Collections::getDeleteLogKeys($this->objectLibraryID, $this->queryParams['sincetime'], true), "items" => Zotero_Items::getDeleteLogKeys($this->objectLibraryID, $this->queryParams['sincetime'], true), "searches" => Zotero_Searches::getDeleteLogKeys($this->objectLibraryID, $this->queryParams['sincetime'], true), "tags" => Zotero_Tags::getDeleteLogKeys($this->objectLibraryID, $this->queryParams['sincetime'], true), "settings" => Zotero_Settings::getDeleteLogKeys($this->objectLibraryID, $this->queryParams['sincetime'], true)); echo Zotero_Utilities::formatJSON($deleted); $this->end(); } if ($this->queryParams['since'] === null) { $this->e400("'since' parameter must be provided"); } $deleted = array("collections" => Zotero_Collections::getDeleteLogKeys($this->objectLibraryID, $this->queryParams['since']), "items" => Zotero_Items::getDeleteLogKeys($this->objectLibraryID, $this->queryParams['since']), "searches" => Zotero_Searches::getDeleteLogKeys($this->objectLibraryID, $this->queryParams['since']), "tags" => Zotero_Tags::getDeleteLogKeys($this->objectLibraryID, $this->queryParams['since']), "settings" => Zotero_Settings::getDeleteLogKeys($this->objectLibraryID, $this->queryParams['since'])); echo Zotero_Utilities::formatJSON($deleted); $this->end(); }
public static function publicNameExists($name) { $slug = Zotero_Utilities::slugify($name); $sql = "SELECT groupID FROM groups WHERE (name=? OR slug=?) AND\n\t\t\t\t\ttype IN ('PublicOpen', 'PublicClosed')"; $groupID = Zotero_DB::valueQuery($sql, array($name, $slug)); return $groupID ? $groupID : false; }
public function newItem() { if (empty($_GET['itemType'])) { $this->e400("'itemType' not provided"); } $itemType = $_GET['itemType']; if ($itemType == 'attachment') { if (empty($_GET['linkMode'])) { $this->e400("linkMode required for itemType=attachment"); } $linkModeName = $_GET['linkMode']; try { $linkMode = Zotero_Attachments::linkModeNameToNumber(strtoupper($linkModeName)); } catch (Exception $e) { $this->e400("Invalid linkMode '{$linkModeName}'"); } } $itemTypeID = Zotero_ItemTypes::getID($itemType); if (!$itemTypeID) { $this->e400("Invalid item type '{$itemType}'"); } // TODO: check If-Modified-Since and return 304 if not changed $cacheKey = "newItemJSON_" . $itemTypeID; if ($itemType == 'attachment') { $cacheKey .= "_" . $linkMode; } $ttl = 60; if ($this->queryParams['pprint']) { $cacheKey .= "_pprint"; } $json = Z_Core::$MC->get($cacheKey); if ($json) { header("Content-Type: application/json"); echo $json; exit; } // Generate template $json = array('itemType' => $itemType); if ($itemType == 'attachment') { $json['linkMode'] = $linkModeName; } $fieldIDs = Zotero_ItemFields::getItemTypeFields($itemTypeID); $first = true; foreach ($fieldIDs as $fieldID) { $fieldName = Zotero_ItemFields::getName($fieldID); if ($itemType == 'attachment' && $fieldName == 'url' && !preg_match('/_url$/', $linkModeName)) { continue; } $json[$fieldName] = ""; if ($first && $itemType != 'note' && $itemType != 'attachment') { $creatorTypeID = Zotero_CreatorTypes::getPrimaryIDForType($itemTypeID); $creatorTypeName = Zotero_CreatorTypes::getName($creatorTypeID); $json['creators'] = array(array('creatorType' => $creatorTypeName, 'firstName' => '', 'lastName' => '')); $first = false; } } if ($itemType == 'note' || $itemType == 'attachment') { $json['note'] = ''; } $json['tags'] = array(); if ($itemType != 'note' && $itemType != 'attachment') { $json['attachments'] = array(); $json['notes'] = array(); } if ($itemType == 'attachment') { $json['contentType'] = ''; $json['charset'] = ''; if (preg_match('/^imported_/', $linkModeName)) { $json['filename'] = ''; $json['md5'] = null; $json['mtime'] = null; //$json['zip'] = false; } } header("Content-Type: application/json"); if ($this->queryParams['pprint']) { $json = Zotero_Utilities::json_encode_pretty($json); Z_Core::$MC->set($cacheKey, $json, $ttl); } else { $json = json_encode($json); Z_Core::$MC->set($cacheKey, $json, $ttl); } echo $json; exit; }
protected function jsonDecode($json) { $obj = json_decode($json); Zotero_Utilities::cleanStringRecursive($obj); $this->checkJSONError(); return $obj; }
public function itemContent() { $this->allowMethods(array('GET', 'PUT')); // Check for general library access if (!$this->permissions->canAccess($this->objectLibraryID)) { $this->e403(); } if (!$this->singleObject) { $this->e404(); } if ($this->isWriteMethod()) { // Check for library write access if (!$this->permissions->canWrite($this->objectLibraryID)) { $this->e403("Write access denied"); } Zotero_Libraries::updateVersionAndTimestamp($this->objectLibraryID); } $item = Zotero_Items::getByLibraryAndKey($this->objectLibraryID, $this->objectKey); if (!$item) { $this->e404(); } // If no access to the note, don't show that it exists if ($item->isNote() && !$this->permissions->canAccess($this->objectLibraryID, 'notes')) { $this->e404(); } if (!$item->isAttachment() || Zotero_Attachments::linkModeNumberToName($item->attachmentLinkMode) == 'LINKED_URL') { $this->e404(); } if ($this->isWriteMethod()) { $this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID); if ($this->method == 'PUT') { $this->requireContentType("application/json"); $json = json_decode($this->body, true); if (!$json) { $this->e400("PUT data is not valid JSON"); } $stats = []; foreach (Zotero_FullText::$metadata as $prop) { if (isset($json[$prop])) { $stats[$prop] = $json[$prop]; } } Zotero_FullText::indexItem($item, $json['content'], $stats); $this->e204(); } else { $this->e405(); } } $data = Zotero_FullText::getItemData($item->libraryID, $item->key); if (!$data) { $this->e404(); } $this->libraryVersion = $data['version']; $json = ["content" => $data['content']]; foreach (Zotero_FullText::$metadata as $prop) { if (!empty($data[$prop])) { $json[$prop] = $data[$prop]; } } echo Zotero_Utilities::formatJSON($json); $this->end(); }
private function checkValue($field, $value) { if (!property_exists($this, $field)) { trigger_error("Invalid property '{$field}'", E_USER_ERROR); } // Data validation switch ($field) { case 'id': case 'libraryID': if (!Zotero_Utilities::isPosInt($value)) { $this->invalidValueError($field, $value); } break; case 'key': if (!preg_match('/^[23456789ABCDEFGHIJKMNPQRSTUVWXTZ]{8}$/', $value)) { $this->invalidValueError($field, $value); } break; case 'dateAdded': case 'dateModified': if (!preg_match("/^[0-9]{4}\\-[0-9]{2}\\-[0-9]{2} ([0-1][0-9]|[2][0-3]):([0-5][0-9]):([0-5][0-9])\$/", $value)) { $this->invalidValueError($field, $value); } break; } }
public function testFullTextNoAccess() { API::groupClear(self::$config['ownedPrivateGroupID2']); // Add item to group as user 2 $user2SessionID = Sync::login(['username' => self::$config['username2'], 'password' => self::$config['password2']]); $xml = Sync::updated($user2SessionID); $updateKey = (string) $xml['updateKey']; $key = Zotero_Utilities::randomString(8, 'key', true); $dateAdded = date('Y-m-d H:i:s', time() - 1); $dateModified = date('Y-m-d H:i:s'); $xmlstr = '<data version="9">' . '<items>' . '<item libraryID="' . self::$config['ownedPrivateGroupLibraryID2'] . '" ' . 'itemType="attachment" ' . 'dateAdded="' . $dateAdded . '" ' . 'dateModified="' . $dateModified . '" ' . 'key="' . $key . '"/>' . '</items>' . '</data>'; $response = Sync::upload($user2SessionID, $updateKey, $xmlstr); Sync::waitForUpload($user2SessionID, $response, $this); // Make sure item exists $xml = Sync::updated($user2SessionID, 1); $this->assertEquals(1, $xml->updated[0]->items->count()); $this->assertEquals(1, $xml->updated[0]->items[0]->item->count()); // Try to add full-text content as user 1 $xml = Sync::updated(self::$sessionID); $updateKey = (string) $xml['updateKey']; $content = "This is some full-text content."; $totalChars = 2500; $xmlstr = '<data version="9">' . '<fulltexts>' . '<fulltext libraryID="' . self::$config['ownedPrivateGroupLibraryID2'] . '" ' . 'key="' . $key . '" ' . 'indexedChars="' . strlen($content) . '" ' . 'totalChars="' . $totalChars . '" ' . 'indexedPages="0" ' . 'totalPages="0">' . htmlspecialchars($content) . '</fulltext>' . '</fulltexts>' . '</data>'; $response = Sync::upload(self::$sessionID, $updateKey, $xmlstr); Sync::waitForUpload(self::$sessionID, $response, $this); // Retrieve it as user 2 $xml = Sync::updated($user2SessionID, 1, false, false, ["ft" => 1]); $this->assertEquals(0, $xml->updated[0]->fulltexts->count()); API::groupClear(self::$config['ownedPrivateGroupID2']); }
private static function processUploadInternal($userID, SimpleXMLElement $xml, $syncQueueID = null, $syncProcessID = null) { $userLibraryID = Zotero_Users::getLibraryIDFromUserID($userID); $affectedLibraries = self::parseAffectedLibraries($xml->asXML()); // Relations-only uploads don't have affected libraries if (!$affectedLibraries) { $affectedLibraries = array(Zotero_Users::getLibraryIDFromUserID($userID)); } $processID = self::addUploadProcess($userID, $affectedLibraries, $syncQueueID, $syncProcessID); set_time_limit(5400); $profile = false; if ($profile) { $shardID = Zotero_Shards::getByUserID($userID); Zotero_DB::profileStart($shardID); } try { Zotero_DB::beginTransaction(); // Mark libraries as updated foreach ($affectedLibraries as $libraryID) { Zotero_Libraries::updateVersion($libraryID); } $timestamp = Zotero_Libraries::updateTimestamps($affectedLibraries); Zotero_DB::registerTransactionTimestamp($timestamp); // Make sure no other upload sessions use this same timestamp // for any of these libraries, since we return >= 1 as the next // last sync time if (!Zotero_Libraries::setTimestampLock($affectedLibraries, $timestamp)) { throw new Exception("Library timestamp already used", Z_ERROR_LIBRARY_TIMESTAMP_ALREADY_USED); } $modifiedItems = array(); // Add/update creators if ($xml->creators) { // DOM $keys = array(); $xmlElements = dom_import_simplexml($xml->creators); $xmlElements = $xmlElements->getElementsByTagName('creator'); Zotero_DB::query("SET foreign_key_checks = 0"); try { $addedLibraryIDs = array(); $addedCreatorDataHashes = array(); foreach ($xmlElements as $xmlElement) { $key = $xmlElement->getAttribute('key'); if (isset($keys[$key])) { throw new Exception("Creator {$key} already processed"); } $keys[$key] = true; $creatorObj = Zotero_Creators::convertXMLToCreator($xmlElement); if (Zotero_Utilities::unicodeTrim($creatorObj->firstName) === '' && Zotero_Utilities::unicodeTrim($creatorObj->lastName) === '') { continue; } $addedLibraryIDs[] = $creatorObj->libraryID; $changed = $creatorObj->save($userID); // If the creator changed, we need to update all linked items if ($changed) { $modifiedItems = array_merge($modifiedItems, $creatorObj->getLinkedItems()); } } } catch (Exception $e) { Zotero_DB::query("SET foreign_key_checks = 1"); throw $e; } Zotero_DB::query("SET foreign_key_checks = 1"); unset($keys); unset($xml->creators); // // Manual foreign key checks // // libraryID foreach (array_unique($addedLibraryIDs) as $addedLibraryID) { $shardID = Zotero_Shards::getByLibraryID($addedLibraryID); $sql = "SELECT COUNT(*) FROM shardLibraries WHERE libraryID=?"; if (!Zotero_DB::valueQuery($sql, $addedLibraryID, $shardID)) { throw new Exception("libraryID inserted into `creators` not found in `shardLibraries` ({$addedLibraryID}, {$shardID})"); } } } // Add/update items $savedItems = array(); if ($xml->items) { $childItems = array(); // DOM $xmlElements = dom_import_simplexml($xml->items); $xmlElements = $xmlElements->getElementsByTagName('item'); foreach ($xmlElements as $xmlElement) { $libraryID = (int) $xmlElement->getAttribute('libraryID'); $key = $xmlElement->getAttribute('key'); if (isset($savedItems[$libraryID . "/" . $key])) { throw new Exception("Item {$libraryID}/{$key} already processed"); } $itemObj = Zotero_Items::convertXMLToItem($xmlElement); if (!$itemObj->getSourceKey()) { try { $modified = $itemObj->save($userID); if ($modified) { $savedItems[$libraryID . "/" . $key] = true; } } catch (Exception $e) { if (strpos($e->getMessage(), 'libraryIDs_do_not_match') !== false) { throw new Exception($e->getMessage() . " ({$key})"); } throw $e; } } else { $childItems[] = $itemObj; } } unset($xml->items); while ($childItem = array_shift($childItems)) { $libraryID = $childItem->libraryID; $key = $childItem->key; if (isset($savedItems[$libraryID . "/" . $key])) { throw new Exception("Item {$libraryID}/{$key} already processed"); } $modified = $childItem->save($userID); if ($modified) { $savedItems[$libraryID . "/" . $key] = true; } } } // Add/update collections if ($xml->collections) { $collections = array(); $collectionSets = array(); // DOM // Build an array of unsaved collection objects and the keys of child items $keys = array(); $xmlElements = dom_import_simplexml($xml->collections); $xmlElements = $xmlElements->getElementsByTagName('collection'); foreach ($xmlElements as $xmlElement) { $key = $xmlElement->getAttribute('key'); if (isset($keys[$key])) { throw new Exception("Collection {$key} already processed"); } $keys[$key] = true; $collectionObj = Zotero_Collections::convertXMLToCollection($xmlElement); $xmlItems = $xmlElement->getElementsByTagName('items')->item(0); // Fix an error if there's leading or trailing whitespace, // which was possible in 2.0.3 if ($xmlItems) { $xmlItems = trim($xmlItems->nodeValue); } $arr = array('obj' => $collectionObj, 'items' => $xmlItems ? explode(' ', $xmlItems) : array()); $collections[] = $collectionObj; $collectionSets[] = $arr; } unset($keys); unset($xml->collections); self::saveCollections($collections, $userID); unset($collections); // Set child items foreach ($collectionSets as $collection) { // Child items if (isset($collection['items'])) { $ids = array(); foreach ($collection['items'] as $key) { $item = Zotero_Items::getByLibraryAndKey($collection['obj']->libraryID, $key); if (!$item) { throw new Exception("Child item '{$key}' of collection {$collection['obj']->id} not found", Z_ERROR_ITEM_NOT_FOUND); } $ids[] = $item->id; } $collection['obj']->setItems($ids); } } unset($collectionSets); } // Add/update saved searches if ($xml->searches) { $searches = array(); $keys = array(); foreach ($xml->searches->search as $xmlElement) { $key = (string) $xmlElement['key']; if (isset($keys[$key])) { throw new Exception("Search {$key} already processed"); } $keys[$key] = true; $searchObj = Zotero_Searches::convertXMLToSearch($xmlElement); $searchObj->save($userID); } unset($xml->searches); } // Add/update tags if ($xml->tags) { $keys = array(); // DOM $xmlElements = dom_import_simplexml($xml->tags); $xmlElements = $xmlElements->getElementsByTagName('tag'); foreach ($xmlElements as $xmlElement) { // TEMP $tagItems = $xmlElement->getElementsByTagName('items'); if ($tagItems->length && $tagItems->item(0)->nodeValue == "") { error_log("Skipping tag with no linked items"); continue; } $libraryID = (int) $xmlElement->getAttribute('libraryID'); $key = $xmlElement->getAttribute('key'); $lk = $libraryID . "/" . $key; if (isset($keys[$lk])) { throw new Exception("Tag {$lk} already processed"); } $keys[$lk] = true; $itemKeysToUpdate = array(); $tagObj = Zotero_Tags::convertXMLToTag($xmlElement, $itemKeysToUpdate); // We need to update removed items, added items, and, // if the tag itself has changed, existing items $modifiedItems = array_merge($modifiedItems, array_map(function ($key) use($libraryID) { return $libraryID . "/" . $key; }, $itemKeysToUpdate)); $tagObj->save($userID, true); } unset($keys); unset($xml->tags); } // Add/update relations if ($xml->relations) { // DOM $xmlElements = dom_import_simplexml($xml->relations); $xmlElements = $xmlElements->getElementsByTagName('relation'); foreach ($xmlElements as $xmlElement) { $relationObj = Zotero_Relations::convertXMLToRelation($xmlElement, $userLibraryID); if ($relationObj->exists()) { continue; } $relationObj->save($userID); } unset($keys); unset($xml->relations); } // Add/update settings if ($xml->settings) { // DOM $xmlElements = dom_import_simplexml($xml->settings); $xmlElements = $xmlElements->getElementsByTagName('setting'); foreach ($xmlElements as $xmlElement) { $settingObj = Zotero_Settings::convertXMLToSetting($xmlElement); $settingObj->save($userID); } unset($xml->settings); } if ($xml->fulltexts) { // DOM $xmlElements = dom_import_simplexml($xml->fulltexts); $xmlElements = $xmlElements->getElementsByTagName('fulltext'); foreach ($xmlElements as $xmlElement) { Zotero_FullText::indexFromXML($xmlElement, $userID); } unset($xml->fulltexts); } // TODO: loop if ($xml->deleted) { // Delete collections if ($xml->deleted->collections) { Zotero_Collections::deleteFromXML($xml->deleted->collections, $userID); } // Delete items if ($xml->deleted->items) { Zotero_Items::deleteFromXML($xml->deleted->items, $userID); } // Delete creators if ($xml->deleted->creators) { Zotero_Creators::deleteFromXML($xml->deleted->creators, $userID); } // Delete saved searches if ($xml->deleted->searches) { Zotero_Searches::deleteFromXML($xml->deleted->searches, $userID); } // Delete tags if ($xml->deleted->tags) { $xmlElements = dom_import_simplexml($xml->deleted->tags); $xmlElements = $xmlElements->getElementsByTagName('tag'); foreach ($xmlElements as $xmlElement) { $libraryID = (int) $xmlElement->getAttribute('libraryID'); $key = $xmlElement->getAttribute('key'); $tagObj = Zotero_Tags::getByLibraryAndKey($libraryID, $key); if (!$tagObj) { continue; } // We need to update all items on the deleted tag $modifiedItems = array_merge($modifiedItems, array_map(function ($key) use($libraryID) { return $libraryID . "/" . $key; }, $tagObj->getLinkedItems(true))); } Zotero_Tags::deleteFromXML($xml->deleted->tags, $userID); } // Delete relations if ($xml->deleted->relations) { Zotero_Relations::deleteFromXML($xml->deleted->relations, $userID); } // Delete relations if ($xml->deleted->settings) { Zotero_Settings::deleteFromXML($xml->deleted->settings, $userID); } } $toUpdate = array(); foreach ($modifiedItems as $item) { // libraryID/key string if (is_string($item)) { if (isset($savedItems[$item])) { continue; } $savedItems[$item] = true; list($libraryID, $key) = explode("/", $item); $item = Zotero_Items::getByLibraryAndKey($libraryID, $key); if (!$item) { // Item was deleted continue; } } else { $lk = $item->libraryID . "/" . $item->key; if (isset($savedItems[$lk])) { continue; } $savedItems[$lk] = true; } $toUpdate[] = $item; } Zotero_Items::updateVersions($toUpdate, $userID); unset($savedItems); unset($modifiedItems); try { self::removeUploadProcess($processID); } catch (Exception $e) { if (strpos($e->getMessage(), 'MySQL server has gone away') !== false) { // Reconnect error_log("Reconnecting to MySQL master"); Zotero_DB::close(); self::removeUploadProcess($processID); } else { throw $e; } } // Send notifications for changed libraries foreach ($affectedLibraries as $libraryID) { Zotero_Notifier::trigger('modify', 'library', $libraryID); } Zotero_DB::commit(); if ($profile) { $shardID = Zotero_Shards::getByUserID($userID); Zotero_DB::profileEnd($shardID); } // Return timestamp + 1, to keep the next /updated call // (using >= timestamp) from returning this data return $timestamp + 1; } catch (Exception $e) { Zotero_DB::rollback(true); self::removeUploadProcess($processID); throw $e; } }
public function toJSON($asArray = false, $prettyPrint = false, $includeEmpty = false, $unformattedFields = false) { if ($this->id || $this->key) { if (!$this->loaded['primaryData']) { $this->loadPrimaryData(true); } if (!$this->loaded['itemData']) { $this->loadItemData(); } } $regularItem = $this->isRegularItem(); $arr = array(); $arr['itemType'] = Zotero_ItemTypes::getName($this->itemTypeID); if ($this->isAttachment()) { $val = $this->attachmentLinkMode; $arr['linkMode'] = strtolower(Zotero_Attachments::linkModeNumberToName($val)); } // For regular items, show title and creators first if ($regularItem) { // Get 'title' or the equivalent base-mapped field $titleFieldID = Zotero_ItemFields::getFieldIDFromTypeAndBase($this->itemTypeID, 'title'); $titleFieldName = Zotero_ItemFields::getName($titleFieldID); if ($includeEmpty || $this->itemData[$titleFieldID] !== false) { $arr[$titleFieldName] = $this->itemData[$titleFieldID] !== false ? $this->itemData[$titleFieldID] : ""; } // Creators $arr['creators'] = array(); $creators = $this->getCreators(); foreach ($creators as $creator) { $c = array(); $c['creatorType'] = Zotero_CreatorTypes::getName($creator['creatorTypeID']); // Single-field mode if ($creator['ref']->fieldMode == 1) { $c['name'] = $creator['ref']->lastName; } else { $c['firstName'] = $creator['ref']->firstName; $c['lastName'] = $creator['ref']->lastName; } $arr['creators'][] = $c; } if (!$arr['creators'] && !$includeEmpty) { unset($arr['creators']); } } else { $titleFieldID = false; } // Item metadata $fields = array_keys($this->itemData); foreach ($fields as $field) { if ($field == $titleFieldID) { continue; } if ($unformattedFields) { $value = $this->itemData[$field]; } else { $value = $this->getField($field); } if (!$includeEmpty && ($value === false || $value === "")) { continue; } $arr[Zotero_ItemFields::getName($field)] = $value ? $value : ""; } // Embedded note for notes and attachments if (!$regularItem) { // Use sanitized version $arr['note'] = $this->getNote(true); } if ($this->isAttachment()) { $val = $this->attachmentLinkMode; $arr['linkMode'] = strtolower(Zotero_Attachments::linkModeNumberToName($val)); $val = $this->attachmentMIMEType; if ($includeEmpty || $val !== false && $val !== "") { $arr['contentType'] = $val; } $val = $this->attachmentCharset; if ($includeEmpty || $val !== false && $val !== "") { $arr['charset'] = $val; } if ($this->isImportedAttachment()) { $arr['filename'] = $this->attachmentFilename; $val = $this->attachmentStorageHash; if ($includeEmpty || $val) { $arr['md5'] = $val; } $val = $this->attachmentStorageModTime; if ($includeEmpty || $val) { $arr['mtime'] = $val; } } } if ($this->getDeleted()) { $arr['deleted'] = 1; } // Tags $arr['tags'] = array(); $tags = $this->getTags(); if ($tags) { foreach ($tags as $tag) { $t = array('tag' => $tag->name); if ($tag->type != 0) { $t['type'] = $tag->type; } $arr['tags'][] = $t; } } if ($asArray) { return $arr; } $mask = JSON_HEX_TAG | JSON_HEX_AMP; if ($prettyPrint) { $json = Zotero_Utilities::json_encode_pretty($arr, $mask); } else { $json = json_encode($arr, $mask); } // Until JSON_UNESCAPED_SLASHES is available $json = str_replace('\\/', '/', $json); return $json; }
public function toJSON($asArray=false, $requestParams=array(), $includeEmpty=false, $unformattedFields=false) { if ($this->id || $this->key) { if (!$this->loaded['primaryData']) { $this->loadPrimaryData(); } if (!$this->loaded['itemData']) { $this->loadItemData(); } } if (!isset($requestParams['v'])) { $requestParams['v'] = 3; } $regularItem = $this->isRegularItem(); $arr = array(); if ($requestParams['v'] >= 2) { if ($requestParams['v'] >= 3) { $arr['key'] = $this->key; $arr['version'] = $this->version; } else { $arr['itemKey'] = $this->key; $arr['itemVersion'] = $this->version; } $key = $this->getSourceKey(); if ($key) { $arr['parentItem'] = $key; } } $arr['itemType'] = Zotero_ItemTypes::getName($this->itemTypeID); if ($this->isAttachment()) { $val = $this->attachmentLinkMode; $arr['linkMode'] = strtolower(Zotero_Attachments::linkModeNumberToName($val)); } // For regular items, show title and creators first if ($regularItem) { // Get 'title' or the equivalent base-mapped field $titleFieldID = Zotero_ItemFields::getFieldIDFromTypeAndBase($this->itemTypeID, 'title'); $titleFieldName = Zotero_ItemFields::getName($titleFieldID); if ($includeEmpty || $this->itemData[$titleFieldID] !== false) { $arr[$titleFieldName] = $this->itemData[$titleFieldID] !== false ? $this->itemData[$titleFieldID] : ""; } // Creators $arr['creators'] = array(); $creators = $this->getCreators(); foreach ($creators as $creator) { $c = array(); $c['creatorType'] = Zotero_CreatorTypes::getName($creator['creatorTypeID']); // Single-field mode if ($creator['ref']->fieldMode == 1) { $c['name'] = $creator['ref']->lastName; } // Two-field mode else { $c['firstName'] = $creator['ref']->firstName; $c['lastName'] = $creator['ref']->lastName; } $arr['creators'][] = $c; } if (!$arr['creators'] && !$includeEmpty) { unset($arr['creators']); } } else { $titleFieldID = false; } // Item metadata $fields = array_keys($this->itemData); foreach ($fields as $field) { if ($field == $titleFieldID) { continue; } if ($unformattedFields) { $value = $this->itemData[$field]; } else { $value = $this->getField($field); } if (!$includeEmpty && ($value === false || $value === "")) { continue; } $fieldName = Zotero_ItemFields::getName($field); // TEMP if ($fieldName == 'versionNumber') { if ($requestParams['v'] < 3) { $fieldName = 'version'; } } else if ($fieldName == 'accessDate') { if ($requestParams['v'] >= 3 && $value !== false && $value !== "") { $value = Zotero_Date::sqlToISO8601($value); } } $arr[$fieldName] = ($value !== false && $value !== "") ? $value : ""; } if ($requestParams['v'] >= 3) { $arr['dateAdded'] = Zotero_Date::sqlToISO8601($this->dateAdded); $arr['dateModified'] = Zotero_Date::sqlToISO8601($this->dateModified); } // Embedded note for notes and attachments if (!$regularItem) { // Use sanitized version $arr['note'] = $this->getNote(true); } if ($this->isAttachment()) { $val = $this->attachmentLinkMode; $arr['linkMode'] = strtolower(Zotero_Attachments::linkModeNumberToName($val)); $val = $this->attachmentMIMEType; if ($includeEmpty || ($val !== false && $val !== "")) { $arr['contentType'] = $val; } $val = $this->attachmentCharset; if ($includeEmpty || ($val !== false && $val !== "")) { $arr['charset'] = $val; } if ($this->isImportedAttachment()) { $arr['filename'] = $this->attachmentFilename; $val = $this->attachmentStorageHash; if ($includeEmpty || $val) { $arr['md5'] = $val; } $val = $this->attachmentStorageModTime; if ($includeEmpty || $val) { $arr['mtime'] = $val; } } } if ($this->getDeleted()) { $arr['deleted'] = 1; } // Tags $arr['tags'] = array(); $tags = $this->getTags(); if ($tags) { foreach ($tags as $tag) { $t = array( 'tag' => $tag->name ); if ($tag->type != 0) { $t['type'] = $tag->type; } $arr['tags'][] = $t; } } if ($requestParams['v'] >= 2) { if ($this->isTopLevelItem()) { $collections = $this->getCollections(true); $arr['collections'] = $collections; } $arr['relations'] = $this->getRelations(); } if ($asArray) { return $arr; } // Before v3, additional characters were escaped in the JSON, for unclear reasons $escapeAll = $requestParams['v'] <= 2; return Zotero_Utilities::formatJSON($arr, $escapeAll); }
public function toAtom($queryParams) { if (!empty($queryParams['content'])) { $content = $queryParams['content']; } else { $content = array('none'); } // TEMP: multi-format support $content = $content[0]; if (!$this->loaded) { $this->load(); } $xml = new SimpleXMLElement('<?xml version="1.0" encoding="UTF-8"?>' . '<entry xmlns="' . Zotero_Atom::$nsAtom . '" ' . 'xmlns:zapi="' . Zotero_Atom::$nsZoteroAPI . '" ' . 'xmlns:zxfer="' . Zotero_Atom::$nsZoteroTransfer . '"/>'); $title = $this->name ? $this->name : '[Untitled]'; $xml->title = $title; $author = $xml->addChild('author'); $ownerLibraryID = Zotero_Users::getLibraryIDFromUserID($this->ownerUserID); $author->name = Zotero_Users::getUsername($this->ownerUserID); $author->uri = Zotero_URI::getLibraryURI($ownerLibraryID); $xml->id = Zotero_URI::getGroupURI($this); $xml->published = Zotero_Date::sqlToISO8601($this->dateAdded); $xml->updated = Zotero_Date::sqlToISO8601($this->dateModified); $link = $xml->addChild("link"); $link['rel'] = "self"; $link['type'] = "application/atom+xml"; $link['href'] = Zotero_API::getGroupURI($this); $link = $xml->addChild('link'); $link['rel'] = 'alternate'; $link['type'] = 'text/html'; $link['href'] = Zotero_URI::getGroupURI($this); $xml->addChild('zapi:groupID', $this->id, Zotero_Atom::$nsZoteroAPI); $xml->addChild('zapi:numItems', $this->numItems(), Zotero_Atom::$nsZoteroAPI); if ($content == 'html') { $xml->content['type'] = 'html'; $htmlXML = $this->toHTML(); $xml->content->div = ''; $xml->content->div['xmlns'] = Zotero_Atom::$nsXHTML; $fNode = dom_import_simplexml($xml->content->div); $subNode = dom_import_simplexml($htmlXML); $importedNode = $fNode->ownerDocument->importNode($subNode, true); $fNode->appendChild($importedNode); } else { if ($content == 'json') { $xml->content['type'] = 'application/json'; $xml->content['etag'] = $this->etag; // Deprecated if ($queryParams['v'] < 2) { $xml->content->addAttribute("zapi:etag", $this->etag, Zotero_Atom::$nsZoteroAPI); } $xml->content = Zotero_Utilities::formatJSON($this->toJSON($queryParams, true)); } else { if ($content == 'full') { $xml->content['type'] = 'application/xml'; $fullXML = $this->toXML(); $fNode = dom_import_simplexml($xml->content); $subNode = dom_import_simplexml($fullXML); $importedNode = $fNode->ownerDocument->importNode($subNode, true); $fNode->appendChild($importedNode); } } } return $xml; }
public function keys() { $userID = $this->objectUserID; $key = $this->objectName; $this->allowMethods(['GET', 'POST', 'PUT', 'DELETE']); if ($this->method == 'GET') { // Single key if ($key) { $keyObj = Zotero_Keys::getByKey($key); if (!$keyObj) { $this->e404("Key not found"); } // /users/<userID>/keys/<keyID> (deprecated) if ($userID) { // If we have a userID, make sure it matches if ($keyObj->userID != $userID) { $this->e404("Key not found"); } } else { if ($this->apiVersion < 3) { $this->e404(); } } if ($this->apiVersion >= 3) { $json = $keyObj->toJSON(); // If not super-user, don't include name or recent IP addresses if (!$this->permissions->isSuper()) { unset($json['dateAdded']); unset($json['lastUsed']); unset($json['name']); unset($json['recentIPs']); } header('application/json'); echo Zotero_Utilities::formatJSON($json); } else { $this->responseXML = $keyObj->toXML(); // If not super-user, don't include name or recent IP addresses if (!$this->permissions->isSuper()) { unset($this->responseXML['dateAdded']); unset($this->responseXML['lastUsed']); unset($this->responseXML->name); unset($this->responseXML->recentIPs); } } } else { if (!$this->permissions->isSuper()) { $this->e403(); } $keyObjs = Zotero_Keys::getUserKeys($userID); if ($keyObjs) { if ($this->apiVersion >= 3) { $json = []; foreach ($keyObjs as $keyObj) { $json[] = $keyObj->toJSON(); } echo Zotero_Utilities::formatJSON($json); } else { $xml = new SimpleXMLElement('<keys/>'); $domXML = dom_import_simplexml($xml); foreach ($keyObjs as $keyObj) { $keyXML = $keyObj->toXML(); $domKeyXML = dom_import_simplexml($keyXML); $node = $domXML->ownerDocument->importNode($domKeyXML, true); $domXML->appendChild($node); } $this->responseXML = $xml; } } } } else { if ($this->method == 'DELETE') { if (!$key) { $this->e400("DELETE requests must end with a key"); } Zotero_DB::beginTransaction(); $keyObj = Zotero_Keys::getByKey($key); if (!$keyObj) { $this->e404("Key '{$key}' does not exist"); } $keyObj->erase(); Zotero_DB::commit(); header("HTTP/1.1 204 No Content"); exit; } else { // Require super-user for modifications if (!$this->permissions->isSuper()) { $this->e403(); } if ($this->method == 'POST') { if ($key) { $this->e400("POST requests cannot end with a key (did you mean PUT?)"); } if ($this->apiVersion >= 3) { $json = json_decode($this->body, true); if (!$json) { $this->e400("{$this->method} data is not valid JSON"); } if (!empty($json['key'])) { $this->e400("POST requests cannot contain a key in '" . $this->body . "'"); } $fields = $this->getFieldsFromJSON($json); } else { try { $keyXML = @new SimpleXMLElement($this->body); } catch (Exception $e) { $this->e400("{$this->method} data is not valid XML"); } if (!empty($key['key'])) { $this->e400("POST requests cannot contain a key in '" . $this->body . "'"); } $fields = $this->getFieldsFromKeyXML($keyXML); } Zotero_DB::beginTransaction(); try { $keyObj = new Zotero_Key(); $keyObj->userID = $userID; foreach ($fields as $field => $val) { if ($field == 'access') { foreach ($val as $access) { $this->setKeyPermissions($keyObj, $access); } } else { $keyObj->{$field} = $val; } } $keyObj->save(); } catch (Exception $e) { if ($e->getCode() == Z_ERROR_KEY_NAME_TOO_LONG) { $this->e400($e->getMessage()); } $this->handleException($e); } if ($this->apiVersion >= 3) { header('application/json'); echo Zotero_Utilities::formatJSON($keyObj->toJSON()); } else { $this->responseXML = $keyObj->toXML(); } Zotero_DB::commit(); $url = Zotero_API::getKeyURI($keyObj); $this->responseCode = 201; header("Location: " . $url, false, 201); } else { if ($this->method == 'PUT') { if (!$key) { $this->e400("PUT requests must end with a key (did you mean POST?)"); } if ($this->apiVersion >= 3) { $json = json_decode($this->body, true); if (!$json) { $this->e400("{$this->method} data is not valid JSON"); } $fields = $this->getFieldsFromJSON($json); } else { try { $keyXML = @new SimpleXMLElement($this->body); } catch (Exception $e) { $this->e400("{$this->method} data is not valid XML"); } $fields = $this->getFieldsFromKeyXML($keyXML); } // Key attribute is optional, but, if it's there, make sure it matches if (isset($fields['key']) && $fields['key'] != $key) { $this->e400("Key '{$fields['key']}' does not match key '{$key}' from URI"); } Zotero_DB::beginTransaction(); try { $keyObj = Zotero_Keys::getByKey($key); if (!$keyObj) { $this->e404("Key '{$key}' does not exist"); } foreach ($fields as $field => $val) { if ($field == 'access') { foreach ($val as $access) { $this->setKeyPermissions($keyObj, $access); } } else { $keyObj->{$field} = $val; } } $keyObj->save(); } catch (Exception $e) { if ($e->getCode() == Z_ERROR_KEY_NAME_TOO_LONG) { $this->e400($e->getMessage()); } $this->handleException($e); } if ($this->apiVersion >= 3) { echo Zotero_Utilities::formatJSON($keyObj->toJSON()); } else { $this->responseXML = $keyObj->toXML(); } Zotero_DB::commit(); } } } } if ($this->apiVersion >= 3) { $this->end(); } else { header('Content-Type: application/xml'); $xmlstr = $this->responseXML->asXML(); $doc = new DOMDocument('1.0'); $doc->loadXML($xmlstr); $doc->formatOutput = true; echo $doc->saveXML(); exit; } }
public function searches() { if ($this->apiVersion < 2) { $this->e404(); } // Check for general library access if (!$this->permissions->canAccess($this->objectLibraryID)) { $this->e403(); } if ($this->isWriteMethod()) { // Check for library write access if (!$this->permissions->canWrite($this->objectLibraryID)) { $this->e403("Write access denied"); } // Make sure library hasn't been modified if (!$this->singleObject) { $libraryTimestampChecked = $this->checkLibraryIfUnmodifiedSinceVersion(); } Zotero_Libraries::updateVersionAndTimestamp($this->objectLibraryID); } $results = array(); // Single search if ($this->singleObject) { $this->allowMethods(['HEAD', 'GET', 'PUT', 'PATCH', 'DELETE']); $search = Zotero_Searches::getByLibraryAndKey($this->objectLibraryID, $this->objectKey); if ($this->isWriteMethod()) { $search = $this->handleObjectWrite('search', $search ? $search : null); $this->e204(); } if (!$search) { $this->e404("Search not found"); } $this->libraryVersion = $search->version; if ($this->method == 'HEAD') { $this->end(); } // Display search switch ($this->queryParams['format']) { case 'atom': $this->responseXML = $search->toAtom($this->queryParams); break; case 'json': $json = $search->toResponseJSON($this->queryParams, $this->permissions); echo Zotero_Utilities::formatJSON($json); break; default: throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'"); } } else { $this->allowMethods(['HEAD', 'GET', 'POST', 'DELETE']); $this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID); // Create a search if ($this->method == 'POST') { $this->queryParams['format'] = 'writereport'; $obj = $this->jsonDecode($this->body); $results = Zotero_Searches::updateMultipleFromJSON($obj, $this->objectLibraryID, $this->queryParams, $this->userID, $libraryTimestampChecked ? 0 : 1, null); if ($cacheKey = $this->getWriteTokenCacheKey()) { Z_Core::$MC->set($cacheKey, true, $this->writeTokenCacheTime); } } else { if ($this->method == 'DELETE') { Zotero_DB::beginTransaction(); foreach ($this->queryParams['searchKey'] as $searchKey) { Zotero_Searches::delete($this->objectLibraryID, $searchKey); } Zotero_DB::commit(); $this->e204(); } else { $title = "Searches"; $results = Zotero_Searches::search($this->objectLibraryID, $this->queryParams); } } $options = ['action' => $this->action, 'uri' => $this->uri, 'results' => $results, 'requestParams' => $this->queryParams, 'permissions' => $this->permissions, 'head' => $this->method == 'HEAD']; switch ($this->queryParams['format']) { case 'atom': $this->responseXML = Zotero_API::multiResponse(array_merge($options, ['title' => $this->getFeedNamePrefix($this->objectLibraryID) . $title])); break; case 'json': case 'keys': case 'versions': case 'writereport': Zotero_API::multiResponse($options); break; default: throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'"); } } $this->end(); }
public function items() { // Check for general library access if (!$this->permissions->canAccess($this->objectLibraryID)) { $this->e403(); } if ($this->isWriteMethod()) { // Check for library write access if (!$this->permissions->canWrite($this->objectLibraryID)) { $this->e403("Write access denied"); } // Make sure library hasn't been modified if (!$this->singleObject) { $libraryTimestampChecked = $this->checkLibraryIfUnmodifiedSinceVersion(); } // We don't update the library version in file mode, because currently // to avoid conflicts in the client the timestamp can't change // when the client updates file metadata if (!$this->fileMode) { Zotero_Libraries::updateVersionAndTimestamp($this->objectLibraryID); } } $itemIDs = array(); $itemKeys = array(); $results = array(); $title = ""; // // Single item // if ($this->singleObject) { if ($this->fileMode) { if ($this->fileView) { $this->allowMethods(array('HEAD', 'GET', 'POST')); } else { $this->allowMethods(array('HEAD', 'GET', 'PUT', 'POST', 'PATCH')); } } else { $this->allowMethods(array('HEAD', 'GET', 'PUT', 'PATCH', 'DELETE')); } if (!$this->objectLibraryID || !Zotero_ID::isValidKey($this->objectKey)) { $this->e404(); } $item = Zotero_Items::getByLibraryAndKey($this->objectLibraryID, $this->objectKey); if ($item) { // If no access to the note, don't show that it exists if ($item->isNote() && !$this->permissions->canAccess($this->objectLibraryID, 'notes')) { $this->e404(); } // Make sure URL libraryID matches item libraryID if ($this->objectLibraryID != $item->libraryID) { $this->e404("Item does not exist"); } // File access mode if ($this->fileMode) { $this->_handleFileRequest($item); } if ($this->scopeObject) { switch ($this->scopeObject) { // Remove item from collection case 'collections': $this->allowMethods(array('DELETE')); $collection = Zotero_Collections::getByLibraryAndKey($this->objectLibraryID, $this->scopeObjectKey); if (!$collection) { $this->e404("Collection not found"); } if (!$collection->hasItem($item->id)) { $this->e404("Item not found in collection"); } $collection->removeItem($item->id); $this->e204(); default: $this->e400(); } } } else { // Possibly temporary workaround to block unnecessary full syncs if ($this->fileMode && $this->httpAuth && $this->method == 'POST') { // If > 2 requests for missing file, trigger a full sync via 404 $cacheKey = "apiMissingFile_" . $this->objectLibraryID . "_" . $this->objectKey; $set = Z_Core::$MC->get($cacheKey); if (!$set) { Z_Core::$MC->set($cacheKey, 1, 86400); } else { if ($set < 2) { Z_Core::$MC->increment($cacheKey); } else { Z_Core::$MC->delete($cacheKey); $this->e404("A file sync error occurred. Please sync again."); } } $this->e500("A file sync error occurred. Please sync again."); } } if ($this->isWriteMethod()) { $item = $this->handleObjectWrite('item', $item ? $item : null); if ($this->apiVersion < 2 && ($this->method == 'PUT' || $this->method == 'PATCH')) { $this->queryParams['format'] = 'atom'; $this->queryParams['content'] = ['json']; } } if (!$item) { $this->e404("Item does not exist"); } $this->libraryVersion = $item->version; if ($this->method == 'HEAD') { $this->end(); } // Display item switch ($this->queryParams['format']) { case 'atom': $this->responseXML = Zotero_Items::convertItemToAtom($item, $this->queryParams, $this->permissions); break; case 'bib': echo Zotero_Cite::getBibliographyFromCitationServer(array($item), $this->queryParams); break; case 'csljson': $json = Zotero_Cite::getJSONFromItems(array($item), true); echo Zotero_Utilities::formatJSON($json); break; case 'json': $json = $item->toResponseJSON($this->queryParams, $this->permissions); echo Zotero_Utilities::formatJSON($json); break; default: $export = Zotero_Translate::doExport(array($item), $this->queryParams['format']); $this->queryParams['format'] = null; header("Content-Type: " . $export['mimeType']); echo $export['body']; break; } } else { $this->allowMethods(array('HEAD', 'GET', 'POST', 'DELETE')); $this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID); $includeTrashed = $this->queryParams['includeTrashed']; if ($this->scopeObject) { $this->allowMethods(array('GET', 'POST')); switch ($this->scopeObject) { case 'collections': // TEMP if (Zotero_ID::isValidKey($this->scopeObjectKey)) { $collection = Zotero_Collections::getByLibraryAndKey($this->objectLibraryID, $this->scopeObjectKey); } else { $collection = false; } if (!$collection) { // If old collectionID, redirect if ($this->method == 'GET' && Zotero_Utilities::isPosInt($this->scopeObjectKey)) { $collection = Zotero_Collections::get($this->objectLibraryID, $this->scopeObjectKey); if ($collection) { $qs = !empty($_SERVER['QUERY_STRING']) ? '?' . $_SERVER['QUERY_STRING'] : ''; $base = Zotero_API::getCollectionURI($collection); $this->redirect($base . "/items" . $qs, 301); } } $this->e404("Collection not found"); } // Add items to collection if ($this->method == 'POST') { $itemKeys = explode(' ', $this->body); $itemIDs = array(); foreach ($itemKeys as $key) { try { $item = Zotero_Items::getByLibraryAndKey($this->objectLibraryID, $key); } catch (Exception $e) { if ($e->getCode() == Z_ERROR_OBJECT_LIBRARY_MISMATCH) { $item = false; } else { throw $e; } } if (!$item) { throw new Exception("Item '{$key}' not found in library", Z_ERROR_INVALID_INPUT); } if ($item->getSource()) { throw new Exception("Child items cannot be added to collections directly", Z_ERROR_INVALID_INPUT); } $itemIDs[] = $item->id; } $collection->addItems($itemIDs); $this->e204(); } if ($this->subset == 'top' || $this->apiVersion < 2) { $title = "Top-Level Items in Collection ‘" . $collection->name . "’"; $itemIDs = $collection->getItems(); } else { $title = "Items in Collection ‘" . $collection->name . "’"; $itemIDs = $collection->getItems(true); } break; case 'tags': if ($this->apiVersion >= 2) { $this->e404(); } $this->allowMethods(array('GET')); $tagIDs = Zotero_Tags::getIDs($this->objectLibraryID, $this->scopeObjectName); if (!$tagIDs) { $this->e404("Tag not found"); } foreach ($tagIDs as $tagID) { $tag = new Zotero_Tag(); $tag->libraryID = $this->objectLibraryID; $tag->id = $tagID; // Use a real tag name, in case case differs if (!$title) { $title = "Items of Tag ‘" . $tag->name . "’"; } $itemKeys = array_merge($itemKeys, $tag->getLinkedItems(true)); } $itemKeys = array_unique($itemKeys); break; default: $this->e404(); } } else { // Top-level items if ($this->subset == 'top') { $this->allowMethods(array('GET')); $title = "Top-Level Items"; $results = Zotero_Items::search($this->objectLibraryID, true, $this->queryParams, $includeTrashed, $this->permissions); } else { if ($this->subset == 'trash') { $this->allowMethods(array('GET')); $title = "Deleted Items"; $this->queryParams['trashedItemsOnly'] = true; $includeTrashed = true; $results = Zotero_Items::search($this->objectLibraryID, false, $this->queryParams, $includeTrashed, $this->permissions); } else { if ($this->subset == 'children') { $item = Zotero_Items::getByLibraryAndKey($this->objectLibraryID, $this->objectKey); if (!$item) { $this->e404("Item not found"); } if ($item->isAttachment()) { $this->e400("/children cannot be called on attachment items"); } if ($item->isNote()) { $this->e400("/children cannot be called on note items"); } if ($item->getSource()) { $this->e400("/children cannot be called on child items"); } // Create new child items if ($this->method == 'POST') { if ($this->apiVersion >= 2) { $this->allowMethods(array('GET')); } Zotero_DB::beginTransaction(); $obj = $this->jsonDecode($this->body); $results = Zotero_Items::updateMultipleFromJSON($obj, $this->queryParams, $this->objectLibraryID, $this->userID, $this->permissions, $libraryTimestampChecked ? 0 : 1, $item); Zotero_DB::commit(); if ($cacheKey = $this->getWriteTokenCacheKey()) { Z_Core::$MC->set($cacheKey, true, $this->writeTokenCacheTime); } $uri = Zotero_API::getItemsURI($this->objectLibraryID); $keys = array_merge(get_object_vars($results['success']), get_object_vars($results['unchanged'])); $queryString = "itemKey=" . urlencode(implode(",", $keys)) . "&format=atom&content=json&order=itemKeyList&sort=asc"; if ($this->apiKey) { $queryString .= "&key=" . $this->apiKey; } $uri .= "?" . $queryString; $this->queryParams = Zotero_API::parseQueryParams($queryString, $this->action, false); $this->responseCode = 201; $title = "Items"; $results = Zotero_Items::search($this->objectLibraryID, false, $this->queryParams, $includeTrashed, $this->permissions); } else { $title = "Child Items of ‘" . $item->getDisplayTitle() . "’"; $notes = $item->getNotes(); $attachments = $item->getAttachments(); $itemIDs = array_merge($notes, $attachments); } } else { // Create new items if ($this->method == 'POST') { $this->queryParams['format'] = 'writereport'; $obj = $this->jsonDecode($this->body); // Server-side translation if (isset($obj->url)) { if ($this->apiVersion == 1) { Zotero_DB::beginTransaction(); } $token = $this->getTranslationToken($obj); $results = Zotero_Items::addFromURL($obj, $this->queryParams, $this->objectLibraryID, $this->userID, $this->permissions, $token); if ($this->apiVersion == 1) { Zotero_DB::commit(); } // Multiple choices if ($results instanceof stdClass) { $this->queryParams['format'] = null; header("Content-Type: application/json"); if ($this->queryParams['v'] >= 2) { echo Zotero_Utilities::formatJSON(['url' => $obj->url, 'token' => $token, 'items' => $results->select]); } else { echo Zotero_Utilities::formatJSON($results->select); } $this->e300(); } else { if (is_int($results)) { switch ($results) { case 501: $this->e501("No translators found for URL"); break; default: $this->e500("Error translating URL"); } } else { if ($this->apiVersion == 1) { $uri = Zotero_API::getItemsURI($this->objectLibraryID); $keys = array_merge(get_object_vars($results['success']), get_object_vars($results['unchanged'])); $queryString = "itemKey=" . urlencode(implode(",", $keys)) . "&format=atom&content=json&order=itemKeyList&sort=asc"; if ($this->apiKey) { $queryString .= "&key=" . $this->apiKey; } $uri .= "?" . $queryString; $this->queryParams = Zotero_API::parseQueryParams($queryString, $this->action, false); $this->responseCode = 201; $title = "Items"; $results = Zotero_Items::search($this->objectLibraryID, false, $this->queryParams, $includeTrashed, $this->permissions); } } } // Otherwise return write status report } else { if ($this->apiVersion < 2) { Zotero_DB::beginTransaction(); } $results = Zotero_Items::updateMultipleFromJSON($obj, $this->queryParams, $this->objectLibraryID, $this->userID, $this->permissions, $libraryTimestampChecked ? 0 : 1, null); if ($this->apiVersion < 2) { Zotero_DB::commit(); $uri = Zotero_API::getItemsURI($this->objectLibraryID); $keys = array_merge(get_object_vars($results['success']), get_object_vars($results['unchanged'])); $queryString = "itemKey=" . urlencode(implode(",", $keys)) . "&format=atom&content=json&order=itemKeyList&sort=asc"; if ($this->apiKey) { $queryString .= "&key=" . $this->apiKey; } $uri .= "?" . $queryString; $this->queryParams = Zotero_API::parseQueryParams($queryString, $this->action, false); $this->responseCode = 201; $title = "Items"; $results = Zotero_Items::search($this->objectLibraryID, false, $this->queryParams, $includeTrashed, $this->permissions); } } if ($cacheKey = $this->getWriteTokenCacheKey()) { Z_Core::$MC->set($cacheKey, true, $this->writeTokenCacheTime); } } else { if ($this->method == 'DELETE') { Zotero_DB::beginTransaction(); foreach ($this->queryParams['itemKey'] as $itemKey) { Zotero_Items::delete($this->objectLibraryID, $itemKey); } Zotero_DB::commit(); $this->e204(); } else { $title = "Items"; $results = Zotero_Items::search($this->objectLibraryID, false, $this->queryParams, $includeTrashed, $this->permissions); } } } } } } if ($itemIDs || $itemKeys) { if ($itemIDs) { $this->queryParams['itemIDs'] = $itemIDs; } if ($itemKeys) { $this->queryParams['itemKey'] = $itemKeys; } $results = Zotero_Items::search($this->objectLibraryID, false, $this->queryParams, $includeTrashed, $this->permissions); } if ($this->queryParams['format'] == 'bib') { $maxBibItems = Zotero_API::MAX_BIBLIOGRAPHY_ITEMS; if ($results['total'] > $maxBibItems) { $this->e413("Cannot generate bibliography with more than {$maxBibItems} items"); } } $this->generateMultiResponse($results, $title); } $this->end(); }
/** * Converts a Zotero_Item object to a SimpleXMLElement Atom object * * @param object $item Zotero_Item object * @param string $content * @return SimpleXMLElement Item data as SimpleXML element */ public static function convertItemToAtom(Zotero_Item $item, $queryParams, $apiVersion = null, $permissions = null, $sharedData = null) { $content = $queryParams['content']; $contentIsHTML = sizeOf($content) == 1 && $content[0] == 'html'; $contentParamString = urlencode(implode(',', $content)); $style = $queryParams['style']; $entry = '<entry xmlns="' . Zotero_Atom::$nsAtom . '" xmlns:zapi="' . Zotero_Atom::$nsZoteroAPI . '"/>'; $xml = new SimpleXMLElement($entry); $title = $item->getDisplayTitle(true); $title = $title ? $title : '[Untitled]'; $xml->title = $title; $author = $xml->addChild('author'); $createdByUserID = null; switch (Zotero_Libraries::getType($item->libraryID)) { case 'group': $createdByUserID = $item->createdByUserID; break; } if ($createdByUserID) { $author->name = Zotero_Users::getUsername($createdByUserID); $author->uri = Zotero_URI::getUserURI($createdByUserID); } else { $author->name = Zotero_Libraries::getName($item->libraryID); $author->uri = Zotero_URI::getLibraryURI($item->libraryID); } $id = Zotero_URI::getItemURI($item); /*if (!$contentIsHTML) { $id .= "?content=$content"; }*/ $xml->id = $id; $xml->published = Zotero_Date::sqlToISO8601($item->getField('dateAdded')); $xml->updated = Zotero_Date::sqlToISO8601($item->getField('dateModified')); $link = $xml->addChild("link"); $link['rel'] = "self"; $link['type'] = "application/atom+xml"; $href = Zotero_Atom::getItemURI($item); if (!$contentIsHTML) { $href .= "?content={$contentParamString}"; } $link['href'] = $href; $parent = $item->getSource(); if ($parent) { // TODO: handle group items? $parentItem = Zotero_Items::get($item->libraryID, $parent); $link = $xml->addChild("link"); $link['rel'] = "up"; $link['type'] = "application/atom+xml"; $href = Zotero_Atom::getItemURI($parentItem); if (!$contentIsHTML) { $href .= "?content={$contentParamString}"; } $link['href'] = $href; } $link = $xml->addChild('link'); $link['rel'] = 'alternate'; $link['type'] = 'text/html'; $link['href'] = Zotero_URI::getItemURI($item); // If appropriate permissions and the file is stored in ZFS, get file request link if ($permissions && $permissions->canAccess($item->libraryID, 'files')) { $details = Zotero_S3::getDownloadDetails($item); if ($details) { $link = $xml->addChild('link'); $link['rel'] = 'enclosure'; $type = $item->attachmentMIMEType; if ($type) { $link['type'] = $type; } $link['href'] = $details['url']; if (!empty($details['filename'])) { $link['title'] = $details['filename']; } if (!empty($details['size'])) { $link['length'] = $details['size']; } } } $xml->addChild('zapi:key', $item->key, Zotero_Atom::$nsZoteroAPI); $xml->addChild('zapi:itemType', Zotero_ItemTypes::getName($item->itemTypeID), Zotero_Atom::$nsZoteroAPI); if ($item->isRegularItem()) { $val = $item->creatorSummary; if ($val !== '') { $xml->addChild('zapi:creatorSummary', htmlspecialchars($val), Zotero_Atom::$nsZoteroAPI); } $val = substr($item->getField('date', true, true, true), 0, 4); if ($val !== '' && $val !== '0000') { $xml->addChild('zapi:year', $val, Zotero_Atom::$nsZoteroAPI); } } if (!$parent && $item->isRegularItem()) { if ($permissions && !$permissions->canAccess($item->libraryID, 'notes')) { $numChildren = $item->numAttachments(); } else { $numChildren = $item->numChildren(); } $xml->addChild('zapi:numChildren', $numChildren, Zotero_Atom::$nsZoteroAPI); } $xml->addChild('zapi:numTags', $item->numTags(), Zotero_Atom::$nsZoteroAPI); $xml->content = ''; // // DOM XML from here on out // $contentNode = dom_import_simplexml($xml->content); $domDoc = $contentNode->ownerDocument; $multiFormat = sizeOf($content) > 1; // Create a root XML document for multi-format responses if ($multiFormat) { $contentNode->setAttribute('type', 'application/xml'); /*$multicontent = $domDoc->createElementNS( Zotero_Atom::$nsZoteroAPI, 'multicontent' ); $contentNode->appendChild($multicontent);*/ } foreach ($content as $type) { // Set the target to either the main <content> // or a <multicontent> <content> if (!$multiFormat) { $target = $contentNode; } else { $target = $domDoc->createElementNS(Zotero_Atom::$nsZoteroAPI, 'subcontent'); $contentNode->appendChild($target); } $target->setAttributeNS(Zotero_Atom::$nsZoteroAPI, "zapi:type", $type); if ($type == 'html') { if (!$multiFormat) { $target->setAttribute('type', 'xhtml'); } $div = $domDoc->createElement('div'); $div->setAttribute('xmlns', Zotero_Atom::$nsXHTML); $target->appendChild($div); $html = $item->toHTML(true); $subNode = dom_import_simplexml($html); $importedNode = $domDoc->importNode($subNode, true); $div->appendChild($importedNode); } else { if ($type == 'citation') { if (!$multiFormat) { $target->setAttribute('type', 'xhtml'); } if (isset($sharedData[$type][$item->libraryID . "/" . $item->key])) { $html = $sharedData[$type][$item->libraryID . "/" . $item->key]; } else { if ($sharedData !== null) { error_log("Citation not found in sharedData -- retrieving individually"); } $html = Zotero_Cite::getCitationFromCiteServer($item, $style); } $html = new SimpleXMLElement($html); $html['xmlns'] = Zotero_Atom::$nsXHTML; $subNode = dom_import_simplexml($html); $importedNode = $domDoc->importNode($subNode, true); $target->appendChild($importedNode); } else { if ($type == 'bib') { if (!$multiFormat) { $target->setAttribute('type', 'xhtml'); } if (isset($sharedData[$type][$item->libraryID . "/" . $item->key])) { $html = $sharedData[$type][$item->libraryID . "/" . $item->key]; } else { if ($sharedData !== null) { error_log("Bibliography not found in sharedData -- retrieving individually"); } $html = Zotero_Cite::getBibliographyFromCitationServer(array($item), $style); } $html = new SimpleXMLElement($html); $html['xmlns'] = Zotero_Atom::$nsXHTML; $subNode = dom_import_simplexml($html); $importedNode = $domDoc->importNode($subNode, true); $target->appendChild($importedNode); } else { if ($type == 'json') { $target->setAttributeNS(Zotero_Atom::$nsZoteroAPI, "zapi:etag", $item->etag); $textNode = $domDoc->createTextNode($item->toJSON(false, $queryParams['pprint'], true)); $target->appendChild($textNode); } else { if ($type == 'csljson') { $arr = $item->toCSLItem(); $mask = JSON_HEX_TAG | JSON_HEX_AMP; if ($queryParams['pprint']) { $json = Zotero_Utilities::json_encode_pretty($arr, $mask); } else { $json = json_encode($arr, $mask); } // Until JSON_UNESCAPED_SLASHES is available $json = str_replace('\\/', '/', $json); $textNode = $domDoc->createTextNode($json); $target->appendChild($textNode); } else { if ($type == 'full') { if (!$multiFormat) { $target->setAttribute('type', 'xhtml'); } $fullXML = Zotero_Items::convertItemToXML($item, array(), $apiVersion); $fullXML->addAttribute("xmlns", Zotero_Atom::$nsZoteroTransfer); $subNode = dom_import_simplexml($fullXML); $importedNode = $domDoc->importNode($subNode, true); $target->appendChild($importedNode); } else { if (in_array($type, Zotero_Translate::$exportFormats)) { $export = Zotero_Translate::doExport(array($item), $type); $target->setAttribute('type', $export['mimeType']); // Insert XML into document if (preg_match('/\\+xml$/', $export['mimeType'])) { // Strip prolog $body = preg_replace('/^<\\?xml.+\\n/', "", $export['body']); $subNode = $domDoc->createDocumentFragment(); $subNode->appendXML($body); $target->appendChild($subNode); } else { $textNode = $domDoc->createTextNode($export['body']); $target->appendChild($textNode); } } } } } } } } } return $xml; }
public function settings() { if ($this->apiVersion < 2) { $this->e404(); } // Check for general library access if (!$this->permissions->canAccess($this->objectLibraryID)) { $this->e403(); } if ($this->isWriteMethod()) { Zotero_DB::beginTransaction(); // Check for library write access if (!$this->permissions->canWrite($this->objectLibraryID)) { $this->e403("Write access denied"); } // Make sure library hasn't been modified if (!$this->singleObject) { $libraryTimestampChecked = $this->checkLibraryIfUnmodifiedSinceVersion(); } Zotero_Libraries::updateVersionAndTimestamp($this->objectLibraryID); } // Single setting if ($this->singleObject) { $this->allowMethods(array('GET', 'PUT', 'DELETE')); $setting = Zotero_Settings::getByLibraryAndKey($this->objectLibraryID, $this->objectKey); if (!$setting) { if ($this->method == 'PUT') { $setting = new Zotero_Setting(); $setting->libraryID = $this->objectLibraryID; $setting->name = $this->objectKey; } else { $this->e404("Setting not found"); } } if ($this->isWriteMethod()) { if ($this->method == 'PUT') { $json = $this->jsonDecode($this->body); $objectVersionValidated = $this->checkSingleObjectWriteVersion('setting', $setting, $json); } $this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID); // Update setting if ($this->method == 'PUT') { $changed = Zotero_Settings::updateFromJSON($setting, $json, $this->queryParams, $this->userID, $objectVersionValidated ? 0 : 2); // If not updated, return the original library version if (!$changed) { $this->libraryVersion = Zotero_Libraries::getOriginalVersion($this->objectLibraryID); Zotero_DB::rollback(); $this->e204(); } } else { if ($this->method == 'DELETE') { Zotero_Settings::delete($this->objectLibraryID, $this->objectKey); } else { throw new Exception("Unexpected method {$this->method}"); } } Zotero_DB::commit(); $this->e204(); } else { $this->libraryVersion = $setting->version; $json = $setting->toJSON(true, $this->queryParams); echo Zotero_Utilities::formatJSON($json); } } else { $this->allowMethods(array('GET', 'POST')); $this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID); // Create a setting if ($this->method == 'POST') { $obj = $this->jsonDecode($this->body); $changed = Zotero_Settings::updateMultipleFromJSON($obj, $this->queryParams, $this->objectLibraryID, $this->userID, $this->permissions, $libraryTimestampChecked ? 0 : 1, null); // If not updated, return the original library version if (!$changed) { $this->libraryVersion = Zotero_Libraries::getOriginalVersion($this->objectLibraryID); } Zotero_DB::commit(); $this->e204(); } else { $settings = Zotero_Settings::search($this->objectLibraryID, $this->queryParams); $json = new stdClass(); foreach ($settings as $setting) { $json->{$setting->name} = $setting->toJSON(true, $this->queryParams); } echo Zotero_Utilities::formatJSON($json); } } $this->end(); }
/** * Converts a Zotero_Collection object to a SimpleXMLElement Atom object * * @param Zotero_Collection $collection Zotero_Collection object * @param array $requestParams * @return SimpleXMLElement Collection data as SimpleXML element */ public static function convertCollectionToAtom(Zotero_Collection $collection, $requestParams) { // TEMP: multi-format support if (!empty($requestParams['content'])) { $content = $requestParams['content']; } else { $content = array('none'); } $content = $content[0]; $xml = new SimpleXMLElement('<?xml version="1.0" encoding="UTF-8"?>' . '<entry xmlns="' . Zotero_Atom::$nsAtom . '" xmlns:zapi="' . Zotero_Atom::$nsZoteroAPI . '"/>'); $title = $collection->name ? $collection->name : '[Untitled]'; $xml->title = $title; $author = $xml->addChild('author'); // TODO: group item creator $author->name = Zotero_Libraries::getName($collection->libraryID); $author->uri = Zotero_URI::getLibraryURI($collection->libraryID, true); $xml->id = Zotero_URI::getCollectionURI($collection); $xml->published = Zotero_Date::sqlToISO8601($collection->dateAdded); $xml->updated = Zotero_Date::sqlToISO8601($collection->dateModified); $link = $xml->addChild("link"); $link['rel'] = "self"; $link['type'] = "application/atom+xml"; $link['href'] = Zotero_API::getCollectionURI($collection); $parent = $collection->parent; if ($parent) { $parentCol = self::get($collection->libraryID, $parent); $link = $xml->addChild("link"); $link['rel'] = "up"; $link['type'] = "application/atom+xml"; $link['href'] = Zotero_API::getCollectionURI($parentCol); } $link = $xml->addChild('link'); $link['rel'] = 'alternate'; $link['type'] = 'text/html'; $link['href'] = Zotero_URI::getCollectionURI($collection, true); $xml->addChild('zapi:key', $collection->key, Zotero_Atom::$nsZoteroAPI); $xml->addChild('zapi:version', $collection->version, Zotero_Atom::$nsZoteroAPI); $collections = $collection->getChildCollections(); $xml->addChild('zapi:numCollections', sizeOf($collections), Zotero_Atom::$nsZoteroAPI); $xml->addChild('zapi:numItems', $collection->numItems(), Zotero_Atom::$nsZoteroAPI); if ($content == 'json') { $xml->content['type'] = 'application/json'; // Deprecated if ($requestParams['v'] < 2) { $xml->content->addAttribute('zapi:etag', $collection->etag, Zotero_Atom::$nsZoteroAPI); $xml->content['etag'] = $collection->etag; } $xml->content = Zotero_Utilities::formatJSON($collection->toJSON($requestParams)); } return $xml; }
private function checkValue($field, $value) { if (!property_exists($this, $field)) { trigger_error("Invalid property '{$field}'", E_USER_ERROR); } // Data validation switch ($field) { case 'id': case 'libraryID': if (!Zotero_Utilities::isPosInt($value)) { $this->invalidValueError($field, $value); } break; case 'key': // 'I' used to exist in client if (!preg_match('/^[23456789ABCDEFGHIJKLMNPQRSTUVWXYZ]{8}$/', $value)) { $this->invalidValueError($field, $value); } break; case 'dateAdded': case 'dateModified': if (!preg_match("/^[0-9]{4}\\-[0-9]{2}\\-[0-9]{2} ([0-1][0-9]|[2][0-3]):([0-5][0-9]):([0-5][0-9])\$/", $value)) { $this->invalidValueError($field, $value); } break; case 'name': if (mb_strlen($value) > Zotero_Tags::$maxLength) { throw new Exception("Tag '" . $value . "' too long", Z_ERROR_TAG_TOO_LONG); } break; } }
public function collections() { // Check for general library access if (!$this->permissions->canAccess($this->objectLibraryID)) { $this->e403(); } if ($this->isWriteMethod()) { // Check for library write access if (!$this->permissions->canWrite($this->objectLibraryID)) { $this->e403("Write access denied"); } // Make sure library hasn't been modified if (!$this->singleObject) { $libraryTimestampChecked = $this->checkLibraryIfUnmodifiedSinceVersion(); } Zotero_Libraries::updateVersionAndTimestamp($this->objectLibraryID); } $collectionIDs = array(); $collectionKeys = array(); $results = array(); // Single collection if ($this->singleObject) { $this->allowMethods(['HEAD', 'GET', 'PUT', 'PATCH', 'DELETE']); if (!Zotero_ID::isValidKey($this->objectKey)) { $this->e404(); } $collection = Zotero_Collections::getByLibraryAndKey($this->objectLibraryID, $this->objectKey); if ($this->isWriteMethod()) { $collection = $this->handleObjectWrite('collection', $collection ? $collection : null); $this->queryParams['content'] = ['json']; } if (!$collection) { $this->e404("Collection not found"); } $this->libraryVersion = $collection->version; if ($this->method == 'HEAD') { $this->end(); } switch ($this->queryParams['format']) { case 'atom': $this->responseXML = Zotero_Collections::convertCollectionToAtom($collection, $this->queryParams); break; case 'json': $json = $collection->toResponseJSON($this->queryParams, $this->permissions); echo Zotero_Utilities::formatJSON($json); break; default: throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'"); } } else { $this->allowMethods(['HEAD', 'GET', 'POST', 'DELETE']); $this->libraryVersion = Zotero_Libraries::getUpdatedVersion($this->objectLibraryID); if ($this->scopeObject) { $this->allowMethods(array('GET')); switch ($this->scopeObject) { case 'collections': $collection = Zotero_Collections::getByLibraryAndKey($this->objectLibraryID, $this->scopeObjectKey); if (!$collection) { $this->e404("Collection not found"); } $title = "Child Collections of ‘{$collection->name}'’"; $collectionIDs = $collection->getChildCollections(); break; default: throw new Exception("Invalid collections scope object '{$this->scopeObject}'"); } } else { // Top-level items if ($this->subset == 'top') { $this->allowMethods(array('GET')); $title = "Top-Level Collections"; $results = Zotero_Collections::search($this->objectLibraryID, true, $this->queryParams); } else { // Create a collection if ($this->method == 'POST') { $this->queryParams['format'] = 'writereport'; $obj = $this->jsonDecode($this->body); $results = Zotero_Collections::updateMultipleFromJSON($obj, $this->queryParams, $this->objectLibraryID, $this->userID, $this->permissions, $libraryTimestampChecked ? 0 : 1, null); if ($cacheKey = $this->getWriteTokenCacheKey()) { Z_Core::$MC->set($cacheKey, true, $this->writeTokenCacheTime); } if ($this->apiVersion < 2) { $uri = Zotero_API::getCollectionsURI($this->objectLibraryID); $keys = array_merge(get_object_vars($results['success']), get_object_vars($results['unchanged'])); $queryString = "collectionKey=" . urlencode(implode(",", $keys)) . "&format=atom&content=json&order=collectionKeyList&sort=asc"; if ($this->apiKey) { $queryString .= "&key=" . $this->apiKey; } $uri .= "?" . $queryString; $this->queryParams = Zotero_API::parseQueryParams($queryString, $this->action, true, $this->apiVersion); $title = "Collections"; $results = Zotero_Collections::search($this->objectLibraryID, false, $this->queryParams); } } else { if ($this->method == 'DELETE') { Zotero_DB::beginTransaction(); foreach ($this->queryParams['collectionKey'] as $collectionKey) { Zotero_Collections::delete($this->objectLibraryID, $collectionKey); } Zotero_DB::commit(); $this->e204(); } else { $title = "Collections"; $results = Zotero_Collections::search($this->objectLibraryID, false, $this->queryParams); } } } } if ($collectionIDs) { $this->queryParams['collectionIDs'] = $collectionIDs; $results = Zotero_Collections::search($this->objectLibraryID, false, $this->queryParams); } $options = ['action' => $this->action, 'uri' => $this->uri, 'results' => $results, 'requestParams' => $this->queryParams, 'permissions' => $this->permissions, 'head' => $this->method == 'HEAD']; switch ($this->queryParams['format']) { case 'atom': $this->responseXML = Zotero_API::multiResponse(array_merge($options, ['title' => $this->getFeedNamePrefix($this->objectLibraryID) . $title])); break; case 'json': case 'keys': case 'versions': case 'writereport': Zotero_API::multiResponse($options); break; default: throw new Exception("Unexpected format '" . $this->queryParams['format'] . "'"); } } $this->end(); }
/** * Converts a Zotero_Creator object to a DOMElement * * @param object $item Zotero_Creator object * @return DOMElement Creator data as DOMElement element */ public static function convertCreatorToXML(Zotero_Creator $creator, DOMDocument $doc) { $xmlCreator = $doc->createElement('creator'); $xmlCreator->setAttributeNode(new DOMAttr('libraryID', $creator->libraryID)); $xmlCreator->setAttributeNode(new DOMAttr('key', $creator->key)); $xmlCreator->setAttributeNode(new DOMAttr('dateAdded', $creator->dateAdded)); $xmlCreator->setAttributeNode(new DOMAttr('dateModified', $creator->dateModified)); if ($creator->fieldMode == 1) { $lastName = htmlspecialchars($creator->lastName); if (Zotero_Utilities::unicodeTrim($lastName) === "") { error_log("Empty name for creator " . $creator->libraryID . "/" . $creator->key); $lastName = json_decode('"\\uFFFD"'); } $xmlCreator->appendChild(new DOMElement('name', $lastName)); $xmlCreator->appendChild(new DOMElement('fieldMode', 1)); } else { $firstName = htmlspecialchars($creator->firstName); $lastName = htmlspecialchars($creator->lastName); if (Zotero_Utilities::unicodeTrim($firstName) === "" && Zotero_Utilities::unicodeTrim($lastName) === "") { error_log("Empty first or last name for creator " . $creator->libraryID . "/" . $creator->key); $firstName = json_decode('"\\uFFFD"'); $lastName = json_decode('"\\uFFFD"'); } $xmlCreator->appendChild(new DOMElement('firstName', $firstName)); $xmlCreator->appendChild(new DOMElement('lastName', $lastName)); } if ($creator->birthYear) { $xmlCreator->appendChild(new DOMElement('birthYear', $creator->birthYear)); } return $xmlCreator; }
public static function updateFromJSON(Zotero_Item $item, $json, Zotero_Item $parentItem = null, $requestParams, $userID, $requireVersion = 0, $partialUpdate = false) { $json = Zotero_API::extractEditableJSON($json); $exists = Zotero_API::processJSONObjectKey($item, $json, $requestParams); // computerProgram used 'version' instead of 'versionNumber' before v3 if ($requestParams['v'] < 3 && isset($json->version)) { $json->versionNumber = $json->version; unset($json->version); } Zotero_API::checkJSONObjectVersion($item, $json, $requestParams, $requireVersion); self::validateJSONItem($json, $item->libraryID, $exists ? $item : null, $parentItem || ($exists ? !!$item->getSourceKey() : false), $requestParams, $partialUpdate && $exists); $changed = false; $twoStage = false; if (!Zotero_DB::transactionInProgress()) { Zotero_DB::beginTransaction(); $transactionStarted = true; } else { $transactionStarted = false; } // Set itemType first if (isset($json->itemType)) { $item->setField("itemTypeID", Zotero_ItemTypes::getID($json->itemType)); } $changedDateModified = false; foreach ($json as $key => $val) { switch ($key) { case 'key': case 'version': case 'itemKey': case 'itemVersion': case 'itemType': case 'deleted': continue; case 'parentItem': $item->setSourceKey($val); break; case 'creators': if (!$val && !$item->numCreators()) { continue 2; } $orderIndex = -1; foreach ($val as $newCreatorData) { // JSON uses 'name' and 'firstName'/'lastName', // so switch to just 'firstName'/'lastName' if (isset($newCreatorData->name)) { $newCreatorData->firstName = ''; $newCreatorData->lastName = $newCreatorData->name; unset($newCreatorData->name); $newCreatorData->fieldMode = 1; } else { $newCreatorData->fieldMode = 0; } // Skip empty creators if (Zotero_Utilities::unicodeTrim($newCreatorData->firstName) === "" && Zotero_Utilities::unicodeTrim($newCreatorData->lastName) === "") { break; } $orderIndex++; $newCreatorTypeID = Zotero_CreatorTypes::getID($newCreatorData->creatorType); // Same creator in this position $existingCreator = $item->getCreator($orderIndex); if ($existingCreator && $existingCreator['ref']->equals($newCreatorData)) { // Just change the creatorTypeID if ($existingCreator['creatorTypeID'] != $newCreatorTypeID) { $item->setCreator($orderIndex, $existingCreator['ref'], $newCreatorTypeID); } continue; } // Same creator in a different position, so use that $existingCreators = $item->getCreators(); for ($i = 0, $len = sizeOf($existingCreators); $i < $len; $i++) { if ($existingCreators[$i]['ref']->equals($newCreatorData)) { $item->setCreator($orderIndex, $existingCreators[$i]['ref'], $newCreatorTypeID); continue; } } // Make a fake creator to use for the data lookup $newCreator = new Zotero_Creator(); $newCreator->libraryID = $item->libraryID; foreach ($newCreatorData as $key => $val) { if ($key == 'creatorType') { continue; } $newCreator->{$key} = $val; } // Look for an equivalent creator in this library $candidates = Zotero_Creators::getCreatorsWithData($item->libraryID, $newCreator, true); if ($candidates) { $c = Zotero_Creators::get($item->libraryID, $candidates[0]); $item->setCreator($orderIndex, $c, $newCreatorTypeID); continue; } // None found, so make a new one $creatorID = $newCreator->save(); $newCreator = Zotero_Creators::get($item->libraryID, $creatorID); $item->setCreator($orderIndex, $newCreator, $newCreatorTypeID); } // Remove all existing creators above the current index if ($exists && ($indexes = array_keys($item->getCreators()))) { $i = max($indexes); while ($i > $orderIndex) { $item->removeCreator($i); $i--; } } break; case 'tags': $item->setTags($val); break; case 'collections': $item->setCollections($val); break; case 'relations': $item->setRelations($val); break; case 'attachments': case 'notes': if (!$val) { continue; } $twoStage = true; break; case 'note': $item->setNote($val); break; // Attachment properties // Attachment properties case 'linkMode': $item->attachmentLinkMode = Zotero_Attachments::linkModeNameToNumber($val, true); break; case 'contentType': case 'charset': case 'filename': $k = "attachment" . ucwords($key); $item->{$k} = $val; break; case 'md5': $item->attachmentStorageHash = $val; break; case 'mtime': $item->attachmentStorageModTime = $val; break; case 'dateModified': $changedDateModified = $item->setField($key, $val); break; default: $item->setField($key, $val); break; } } if ($parentItem) { $item->setSource($parentItem->id); } else { if ($requestParams['v'] >= 2 && !$partialUpdate && $item->getSourceKey() && !isset($json->parentItem)) { $item->setSourceKey(false); } } $item->deleted = !empty($json->deleted); // If item has changed, update it with the current timestamp if ($item->hasChanged() && !$changedDateModified) { $item->dateModified = Zotero_DB::getTransactionTimestamp(); } $changed = $item->save($userID) || $changed; // Additional steps that have to be performed on a saved object if ($twoStage) { foreach ($json as $key => $val) { switch ($key) { case 'attachments': if (!$val) { continue; } foreach ($val as $attachmentJSON) { $childItem = new Zotero_Item(); $childItem->libraryID = $item->libraryID; self::updateFromJSON($childItem, $attachmentJSON, $item, $requestParams, $userID); } break; case 'notes': if (!$val) { continue; } $noteItemTypeID = Zotero_ItemTypes::getID("note"); foreach ($val as $note) { $childItem = new Zotero_Item(); $childItem->libraryID = $item->libraryID; $childItem->itemTypeID = $noteItemTypeID; $childItem->setSource($item->id); $childItem->setNote($note->note); $childItem->save(); } break; } } } if ($transactionStarted) { Zotero_DB::commit(); } return $changed; }
private function checkValue($field, $value) { if (!property_exists($this, '_' . $field)) { trigger_error("Invalid property '{$field}'", E_USER_ERROR); } // Data validation switch ($field) { case 'id': case 'libraryID': if (!Zotero_Utilities::isPosInt($value)) { $this->invalidValueError($field, $value); } break; case 'key': if (!Zotero_ID::isValidKey($value)) { $this->invalidValueError($field, $value); } break; case 'dateAdded': case 'dateModified': if (!preg_match("/^[0-9]{4}\\-[0-9]{2}\\-[0-9]{2} ([0-1][0-9]|[2][0-3]):([0-5][0-9]):([0-5][0-9])\$/", $value)) { $this->invalidValueError($field, $value); } break; case 'name': if (mb_strlen($value) > Zotero_Collections::$maxLength) { throw new Exception("Collection '" . $value . "' too long", Z_ERROR_COLLECTION_TOO_LONG); } break; } }
public static function getKey() { return Zotero_Utilities::randomString(8, 'key', true); }
/** * @param object $object Zotero object (Zotero_Item, Zotero_Collection, Zotero_Search, Zotero_Setting) * @param object $json JSON object to check * @param array $requestParams * @param int $requireVersion If 0, don't require; if 1, require if there's * an object key property in the JSON; if 2, * always require */ public static function checkJSONObjectVersion($object, $json, $requestParams, $requireVersion) { $objectType = Zotero_Utilities::getObjectTypeFromObject($object); if (!in_array($objectType, array('item', 'collection', 'search', 'setting'))) { throw new Exception("Invalid object type"); } $oldKeyProp = $objectType . "Key"; $oldVersionProp = $objectType == 'setting' ? 'version' : $objectType . "Version"; $newKeyProp = 'key'; $newVersionProp = 'version'; if ($requestParams['v'] >= 3) { $keyProp = $newKeyProp; $versionProp = $newVersionProp; // Disallow old properties if (isset($json->{$oldKeyProp})) { throw new Exception("'{$oldKeyProp}' property is now '" . $newKeyProp . "'", Z_ERROR_INVALID_INPUT); } else { if (isset($json->{$oldVersionProp}) && $oldVersionProp != $newVersionProp) { throw new Exception("'{$oldVersionProp}' property is now '" . $newVersionProp . "'", Z_ERROR_INVALID_INPUT); } } } else { $keyProp = $oldKeyProp; $versionProp = $oldVersionProp; // Disallow new properties if (isset($json->{$newKeyProp})) { throw new Exception("Invalid property '{$newKeyProp}'", Z_ERROR_INVALID_INPUT); } else { if (isset($json->{$newVersionProp}) && $oldVersionProp != $newVersionProp) { throw new Exception("Invalid property '{$newVersionProp}'", Z_ERROR_INVALID_INPUT); } } } if (isset($json->{$versionProp})) { if ($requestParams['v'] < 2) { throw new Exception("Invalid property '{$versionProp}'", Z_ERROR_INVALID_INPUT); } if (!is_numeric($json->{$versionProp})) { throw new Exception("'{$versionProp}' must be an integer", Z_ERROR_INVALID_INPUT); } if (!isset($json->{$keyProp}) && $objectType != 'setting' && !$object->key) { throw new Exception("'{$versionProp}' is valid only if {$objectType} key is provided", Z_ERROR_INVALID_INPUT); } $originalVersion = Zotero_Libraries::getOriginalVersion($object->libraryID); $updatedVersion = Zotero_Libraries::getUpdatedVersion($object->libraryID); // Make sure the object hasn't been modified since the specified version if ($object->version > $json->{$versionProp}) { // Unless it was modified in this request if ($updatedVersion != $originalVersion && $object->version == $updatedVersion) { return; } throw new HTTPException(ucwords($objectType) . " has been modified since specified version " . "(expected {$json->{$versionProp}}, found {$object->version})", 412); } else { if ($json->{$versionProp} > 0 && !$object->version) { throw new HTTPException(ucwords($objectType) . " doesn't exist (expected version {$json->{$versionProp}}; use 0 instead)", 404); } } } else { if ($requireVersion == 1 && isset($json->{$keyProp})) { if ($objectType == 'setting') { throw new HTTPException("Either If-Unmodified-Since-Version or " . "'{$versionProp}' property must be provided", 428); } else { throw new HTTPException("Either If-Unmodified-Since-Version or " . "'{$versionProp}' property must be provided for " . "'{$keyProp}'-based writes", 428); } } else { if ($requireVersion == 2) { throw new HTTPException("Either If-Unmodified-Since-Version or " . "'{$versionProp}' property must be provided for " . "single-{$objectType} writes", 428); } } } }
private function checkProperty($prop, $val) { if (!property_exists($this, $prop)) { throw new Exception("Invalid property '{$prop}'"); } // Data validation switch ($prop) { case 'libraryID': if (!Zotero_Utilities::isPosInt($val)) { throw new Exception("Invalid '{$prop}' value '{$value}'"); } break; case 'name': switch ($val) { case 'tagColors': break; default: throw new Exception("Invalid setting '{$val}'", Z_ERROR_INVALID_INPUT); } break; case 'value': Zotero_Settings::checkSettingValue($this->name, $val); break; } }