예제 #1
0
파일: show.php 프로젝트: Olari0/Finugriling
         // escape any meta characters
         // replace any whitespace characters with "|":
         $citeKey = preg_replace("/\\s+/", "|", $citeKey);
         // strip "|" from beginning/end of string (if any):
         $citeKey = preg_replace("/^\\|?(.+?)\\|?\$/", "\\1", $citeKey);
         $query .= " cite_key RLIKE " . quote_smart("^(" . $citeKey . ")\$");
     } else {
         // $recordConditionalSelector == "contains"
         $query .= " cite_key RLIKE " . quote_smart($citeKey);
     }
 }
 // call_number:
 if (!empty($callNumber)) {
     $query .= connectConditionals();
     // since 'show.php' will only allow a user to query his own call numbers we need to build a complete call number prefix (e.g. 'IPÖ @ msteffens') that's appropriate for this user:
     $callNumberPrefix = getCallNumberPrefix();
     // function 'getCallNumberPrefix()' is defined in 'include.inc.php'
     if ($recordConditionalSelector == "is equal to") {
         $query .= " call_number RLIKE " . quote_smart("(^|.*;) *" . $callNumberPrefix . " @ " . $callNumber . " *(;.*|\$)");
     } elseif ($recordConditionalSelector == "is within list") {
         $callNumber = preg_quote($callNumber, "");
         // escape any meta characters
         // replace any whitespace characters with "|":
         $callNumber = preg_replace("/\\s+/", "|", $callNumber);
         // strip "|" from beginning/end of string (if any):
         $callNumber = preg_replace("/^\\|?(.+?)\\|?\$/", "\\1", $callNumber);
         $query .= " call_number RLIKE " . quote_smart("(^|.*;) *" . $callNumberPrefix . " @ (" . $callNumber . ") *(;.*|\$)");
     } else {
         // $recordConditionalSelector == "contains"
         $query .= " call_number RLIKE " . quote_smart($callNumberPrefix . " @ [^@;]*" . $callNumber . "[^@;]*");
     }
예제 #2
0
function addRecords($importDataArray)
{
    global $loginUserID;
    global $tableRefs, $tableUserData;
    // defined in 'db.inc.php'
    global $connection;
    connectToMySQLDatabase();
    $recognizedArrayFormatsAndVersions = array('refbase' => array("1.0"));
    // for each recognized format, this array lists its format identifier as element key and an array of known versions as element value
    $serialNumbersArray = array();
    // initialize array variable which will hold the serial numbers of all imported records
    // Verify the structure of the '$importDataArray':
    if (!empty($importDataArray['type']) and !empty($importDataArray['version']) and !empty($importDataArray['records'])) {
        // Currently, we only support the default "refbase" array structure in its initial version ("1.0") (support for other more generalized array formats may come later)
        if ($importDataArray['type'] == "refbase" and in_array($importDataArray['version'], $recognizedArrayFormatsAndVersions['refbase'])) {
            $recordsArray = $importDataArray['records'];
            // get the array of records that shall be imported
            // First, setup some required variables:
            // Get the current date (e.g. '2003-12-31'), time (e.g. '23:59:49') and user name & email address (e.g. 'Matthias Steffens (refbase@extracts.de)'):
            // note that we use the same time stamp for ALL imported records (so that users can easily identify all records belonging to one import action)
            list($currentDate, $currentTime, $currentUser) = getCurrentDateTimeUser();
            // LOOP OVER EACH RECORD:
            foreach ($recordsArray as $recordData) {
                // Initialize some variables (in order to avoid "undefined index" messages when the particular array elements are not available):
                if (isset($recordData['author'])) {
                    $author = $recordData['author'];
                } else {
                    $author = "";
                }
                if (isset($recordData['pages'])) {
                    $pages = $recordData['pages'];
                } else {
                    $pages = "";
                }
                if (isset($recordData['volume'])) {
                    $volume = $recordData['volume'];
                } else {
                    $volume = "";
                }
                if (isset($recordData['series_volume'])) {
                    $seriesVolume = $recordData['series_volume'];
                } else {
                    $seriesVolume = "";
                }
                // Assign correct values to the calculation fields 'first_author', 'author_count', 'first_page', 'volume_numeric' and 'series_volume_numeric':
                list($firstAuthor, $authorCount, $firstPage, $volumeNumeric, $seriesVolumeNumeric) = generateCalculationFieldContent($author, $pages, $volume, $seriesVolume);
                // CONSTRUCT SQL QUERY:
                // INSERT - construct a query to add data as new record
                $queryRefs = "";
                // note: we'll prefix "INSERT INTO $tableRefs SET " *after* we've parsed all array elements to trap the case that none of the array elements did contain any data
                if (!empty($recordData['author'])) {
                    $queryRefs .= "author = " . quote_smart($recordData['author']) . ", ";
                }
                if (!empty($firstAuthor)) {
                    $queryRefs .= "first_author = " . quote_smart($firstAuthor) . ", ";
                }
                if (!empty($authorCount)) {
                    $queryRefs .= "author_count = " . quote_smart($authorCount) . ", ";
                }
                if (!empty($recordData['title'])) {
                    $queryRefs .= "title = " . quote_smart($recordData['title']) . ", ";
                }
                if (!empty($recordData['year'])) {
                    $queryRefs .= "year = " . quote_smart($recordData['year']) . ", ";
                }
                if (!empty($recordData['publication'])) {
                    $queryRefs .= "publication = " . quote_smart($recordData['publication']) . ", ";
                }
                if (!empty($recordData['abbrev_journal'])) {
                    $queryRefs .= "abbrev_journal = " . quote_smart($recordData['abbrev_journal']) . ", ";
                }
                if (!empty($recordData['volume'])) {
                    $queryRefs .= "volume = " . quote_smart($recordData['volume']) . ", ";
                }
                if (!empty($volumeNumeric)) {
                    $queryRefs .= "volume_numeric = " . quote_smart($volumeNumeric) . ", ";
                }
                if (!empty($recordData['issue'])) {
                    $queryRefs .= "issue = " . quote_smart($recordData['issue']) . ", ";
                }
                if (!empty($recordData['pages'])) {
                    $queryRefs .= "pages = " . quote_smart($recordData['pages']) . ", ";
                }
                if (!empty($firstPage)) {
                    $queryRefs .= "first_page = " . quote_smart($firstPage) . ", ";
                }
                if (!empty($recordData['address'])) {
                    $queryRefs .= "address = " . quote_smart($recordData['address']) . ", ";
                }
                if (!empty($recordData['corporate_author'])) {
                    $queryRefs .= "corporate_author = " . quote_smart($recordData['corporate_author']) . ", ";
                }
                if (!empty($recordData['keywords'])) {
                    $queryRefs .= "keywords = " . quote_smart($recordData['keywords']) . ", ";
                }
                if (!empty($recordData['abstract'])) {
                    $queryRefs .= "abstract = " . quote_smart($recordData['abstract']) . ", ";
                }
                if (!empty($recordData['publisher'])) {
                    $queryRefs .= "publisher = " . quote_smart($recordData['publisher']) . ", ";
                }
                if (!empty($recordData['place'])) {
                    $queryRefs .= "place = " . quote_smart($recordData['place']) . ", ";
                }
                if (!empty($recordData['editor'])) {
                    $queryRefs .= "editor = " . quote_smart($recordData['editor']) . ", ";
                }
                if (!empty($recordData['language'])) {
                    $queryRefs .= "language = " . quote_smart($recordData['language']) . ", ";
                }
                if (!empty($recordData['summary_language'])) {
                    $queryRefs .= "summary_language = " . quote_smart($recordData['summary_language']) . ", ";
                }
                if (!empty($recordData['orig_title'])) {
                    $queryRefs .= "orig_title = " . quote_smart($recordData['orig_title']) . ", ";
                }
                if (!empty($recordData['series_editor'])) {
                    $queryRefs .= "series_editor = " . quote_smart($recordData['series_editor']) . ", ";
                }
                if (!empty($recordData['series_title'])) {
                    $queryRefs .= "series_title = " . quote_smart($recordData['series_title']) . ", ";
                }
                if (!empty($recordData['abbrev_series_title'])) {
                    $queryRefs .= "abbrev_series_title = " . quote_smart($recordData['abbrev_series_title']) . ", ";
                }
                if (!empty($recordData['series_volume'])) {
                    $queryRefs .= "series_volume = " . quote_smart($recordData['series_volume']) . ", ";
                }
                if (!empty($seriesVolumeNumeric)) {
                    $queryRefs .= "series_volume_numeric = " . quote_smart($seriesVolumeNumeric) . ", ";
                }
                if (!empty($recordData['series_issue'])) {
                    $queryRefs .= "series_issue = " . quote_smart($recordData['series_issue']) . ", ";
                }
                if (!empty($recordData['edition'])) {
                    $queryRefs .= "edition = " . quote_smart($recordData['edition']) . ", ";
                }
                if (!empty($recordData['issn'])) {
                    $queryRefs .= "issn = " . quote_smart($recordData['issn']) . ", ";
                }
                if (!empty($recordData['isbn'])) {
                    $queryRefs .= "isbn = " . quote_smart($recordData['isbn']) . ", ";
                }
                if (!empty($recordData['medium'])) {
                    $queryRefs .= "medium = " . quote_smart($recordData['medium']) . ", ";
                }
                if (!empty($recordData['area'])) {
                    $queryRefs .= "area = " . quote_smart($recordData['area']) . ", ";
                }
                if (!empty($recordData['expedition'])) {
                    $queryRefs .= "expedition = " . quote_smart($recordData['expedition']) . ", ";
                }
                if (!empty($recordData['conference'])) {
                    $queryRefs .= "conference = " . quote_smart($recordData['conference']) . ", ";
                }
                // the 'location' and 'call_number' fields are handled below
                if (!empty($recordData['approved'])) {
                    $queryRefs .= "approved = " . quote_smart($recordData['approved']) . ", ";
                }
                if (!empty($recordData['file'])) {
                    $queryRefs .= "file = " . quote_smart($recordData['file']) . ", ";
                }
                // the 'serial' field is handled below
                if (!empty($recordData['orig_record'])) {
                    $queryRefs .= "orig_record = " . quote_smart($recordData['orig_record']) . ", ";
                }
                if (!empty($recordData['type'])) {
                    $queryRefs .= "type = " . quote_smart($recordData['type']) . ", ";
                }
                if (!empty($recordData['thesis'])) {
                    $queryRefs .= "thesis = " . quote_smart(strlen($recordData['thesis']) > 0 ? 'yes' : 'no') . ", ";
                }
                if (!empty($recordData['notes'])) {
                    $queryRefs .= "notes = " . quote_smart($recordData['notes']) . ", ";
                }
                if (!empty($recordData['url'])) {
                    $queryRefs .= "url = " . quote_smart($recordData['url']) . ", ";
                }
                if (!empty($recordData['doi'])) {
                    $queryRefs .= "doi = " . quote_smart($recordData['doi']) . ", ";
                }
                if (!empty($recordData['contribution_id'])) {
                    $queryRefs .= "contribution_id = " . quote_smart($recordData['contribution_id']) . ", ";
                }
                if (!empty($recordData['online_publication'])) {
                    $queryRefs .= "online_publication = " . quote_smart($recordData['online_publication']) . ", ";
                }
                if (!empty($recordData['online_citation'])) {
                    $queryRefs .= "online_citation = " . quote_smart($recordData['online_citation']) . ", ";
                }
                if (!empty($queryRefs)) {
                    // we only honour the 'call_number' string if some other record data were passed as well:
                    //
                    // if the 'prefix_call_number' option is set to "true", any 'call_number' string will be prefixed with
                    // the correct call number prefix of the currently logged-in user (e.g. 'IP� @ msteffens @ '):
                    if (isset($_SESSION['loginEmail']) and isset($importDataArray['options']['prefix_call_number']) and $importDataArray['options']['prefix_call_number'] == "true") {
                        $callNumberPrefix = getCallNumberPrefix();
                        // build a correct call number prefix for the currently logged-in user (e.g. 'IP� @ msteffens')
                        if (!empty($recordData['call_number'])) {
                            $queryRefs .= "call_number = " . quote_smart($callNumberPrefix . " @ " . $recordData['call_number']) . ", ";
                        } else {
                            $queryRefs .= "call_number = " . quote_smart($callNumberPrefix . " @ ") . ", ";
                        }
                        // similar to the GUI behaviour, we'll also add a call number prefix if the 'call_number' string is empty
                    } else {
                        if (!empty($recordData['call_number'])) {
                            $queryRefs .= "call_number = " . quote_smart($recordData['call_number']) . ", ";
                        }
                    }
                    // if no specific cite key exists in '$recordData', any existing 'call_number' string gets also copied to the
                    // user-specific 'cite_key' field (which will ensure that this original call number/cite key is retained as
                    // cite key upon export); however, note that (depending on the user's settings) the cite key may get modified
                    // or regenerated by function 'generateCiteKey()' below
                    if (isset($_SESSION['loginEmail']) and !empty($recordData['call_number']) and empty($recordData['cite_key'])) {
                        $recordData['cite_key'] = $recordData['call_number'];
                    }
                    // for the 'location' field, we accept input from the '$recordData',
                    // but if no data were given, we'll add the currently logged-in user to the 'location' field:
                    if (!empty($recordData['location'])) {
                        $queryRefs .= "location = " . quote_smart($recordData['location']) . ", ";
                    } elseif (isset($_SESSION['loginEmail'])) {
                        $queryRefs .= "location = " . quote_smart($currentUser) . ", ";
                    }
                    $queryRefs .= "serial = NULL, ";
                    // inserting 'NULL' into an auto_increment PRIMARY KEY attribute allocates the next available key value
                    // we accept custom values for the *date/*time/*by fields if they are in correct format (*date: 'YYYY-MM-DD'; *time: 'HH:MM:SS'; *by: 'string'),
                    // otherwise we'll use the current date & time as well as the currently logged-in user name & email address:
                    if (!empty($recordData['created_by'])) {
                        $queryRefs .= "created_by = " . quote_smart($recordData['created_by']) . ", ";
                    } elseif (isset($_SESSION['loginEmail'])) {
                        $queryRefs .= "created_by = " . quote_smart($currentUser) . ", ";
                    }
                    if (!empty($recordData['created_date']) and preg_match("/^\\d{4}-\\d{2}-\\d{2}\$/", $recordData['created_date'])) {
                        $queryRefs .= "created_date = " . quote_smart($recordData['created_date']) . ", ";
                    } else {
                        $queryRefs .= "created_date = " . quote_smart($currentDate) . ", ";
                    }
                    if (!empty($recordData['created_time']) and preg_match("/^\\d{2}:\\d{2}:\\d{2}\$/", $recordData['created_time'])) {
                        $queryRefs .= "created_time = " . quote_smart($recordData['created_time']) . ", ";
                    } else {
                        $queryRefs .= "created_time = " . quote_smart($currentTime) . ", ";
                    }
                    if (!empty($recordData['modified_by'])) {
                        $queryRefs .= "modified_by = " . quote_smart($recordData['modified_by']) . ", ";
                    } elseif (isset($_SESSION['loginEmail'])) {
                        $queryRefs .= "modified_by = " . quote_smart($currentUser) . ", ";
                    }
                    if (!empty($recordData['modified_date']) and preg_match("/^\\d{4}-\\d{2}-\\d{2}\$/", $recordData['modified_date'])) {
                        $queryRefs .= "modified_date = " . quote_smart($recordData['modified_date']) . ", ";
                    } else {
                        $queryRefs .= "modified_date = " . quote_smart($currentDate) . ", ";
                    }
                    if (!empty($recordData['modified_time']) and preg_match("/^\\d{2}:\\d{2}:\\d{2}\$/", $recordData['modified_time'])) {
                        $queryRefs .= "modified_time = " . quote_smart($recordData['modified_time']) . "";
                    } else {
                        $queryRefs .= "modified_time = " . quote_smart($currentTime);
                    }
                    $queryRefs = "INSERT INTO {$tableRefs} SET " . $queryRefs;
                    // finalize the query by prefixing it with the actual MySQL command
                    // ADD RECORD:
                    // RUN the query on the database through the connection:
                    $result = queryMySQLDatabase($queryRefs);
                    // Get the record id that was created:
                    $serialNo = @mysql_insert_id($connection);
                    // find out the unique ID number of the newly created record (Note: this function should be called immediately after the
                    // SQL INSERT statement! After any subsequent query it won't be possible to retrieve the auto_increment identifier value for THIS record!)
                    // ADD USER DATA:
                    if (isset($_SESSION['loginEmail'])) {
                        // Note: At the moment, the record in table 'user_data' will be always created for the currently logged-in user,
                        //       i.e. we don't try to match any custom data given in the 'location' field with users from table 'users'
                        //       in order to set the 'user_id' in table 'user_data' accordingly
                        // This is a stupid hack that maps the names of the '$recordData' array keys to those used
                        // by the '$formVars' array (which is required by function 'generateCiteKey()')
                        // (eventually, the '$formVars' array should use the MySQL field names as names for its array keys)
                        $formVars = buildFormVarsArray($recordData);
                        // Generate or extract the cite key for this record:
                        $citeKey = generateCiteKey($formVars);
                        // Construct SQL query:
                        $queryUserData = "INSERT INTO {$tableUserData} SET ";
                        if (!empty($recordData['marked']) and preg_match("/^(no|yes)\$/", $recordData['marked'])) {
                            $queryUserData .= "marked = " . quote_smart($recordData['marked']) . ", ";
                        }
                        if (!empty($recordData['copy']) and preg_match("/^(false|true|ordered|fetch)\$/", $recordData['copy'])) {
                            $queryUserData .= "copy = " . quote_smart($recordData['copy']) . ", ";
                        } else {
                            $queryUserData .= "copy = 'true', ";
                        }
                        // by default, 'false' would get inserted if omitted; we insert 'true' here in order to be consistent with manual record additions
                        if (!empty($recordData['selected']) and preg_match("/^(no|yes)\$/", $recordData['selected'])) {
                            $queryUserData .= "selected = " . quote_smart($recordData['selected']) . ", ";
                        }
                        if (!empty($recordData['user_keys'])) {
                            $queryUserData .= "user_keys = " . quote_smart($recordData['user_keys']) . ", ";
                        }
                        if (!empty($recordData['user_notes'])) {
                            $queryUserData .= "user_notes = " . quote_smart($recordData['user_notes']) . ", ";
                        }
                        if (!empty($recordData['user_file'])) {
                            $queryUserData .= "user_file = " . quote_smart($recordData['user_file']) . ", ";
                        }
                        if (!empty($recordData['user_groups'])) {
                            $queryUserData .= "user_groups = " . quote_smart($recordData['user_groups']) . ", ";
                        }
                        $queryUserData .= "cite_key = " . quote_smart($citeKey) . ", ";
                        if (!empty($recordData['related'])) {
                            $queryUserData .= "related = " . quote_smart($recordData['related']) . ", ";
                        }
                        $queryUserData .= "record_id = " . quote_smart($serialNo) . ", " . "user_id = " . quote_smart($loginUserID) . ", " . "data_id = NULL";
                        // inserting 'NULL' into an auto_increment PRIMARY KEY attribute allocates the next available key value
                        // RUN the query on the database through the connection:
                        $result = queryMySQLDatabase($queryUserData);
                    }
                    // Append this record's serial number to the array of imported record serials:
                    $serialNumbersArray[] = $serialNo;
                }
                // else: '$recordData' did not contain any data, so we skip this record
            }
            // (END LOOP OVER EACH RECORD)
        }
        // else: unknown array structure, return an empty '$serialNumbersArray'
    }
    // else: couldn't verify structure of '$importDataArray', return an empty '$serialNumbersArray'
    return $serialNumbersArray;
    // return list of serial numbers of all imported records
}