// escape any meta characters // replace any whitespace characters with "|": $citeKey = preg_replace("/\\s+/", "|", $citeKey); // strip "|" from beginning/end of string (if any): $citeKey = preg_replace("/^\\|?(.+?)\\|?\$/", "\\1", $citeKey); $query .= " cite_key RLIKE " . quote_smart("^(" . $citeKey . ")\$"); } else { // $recordConditionalSelector == "contains" $query .= " cite_key RLIKE " . quote_smart($citeKey); } } // call_number: if (!empty($callNumber)) { $query .= connectConditionals(); // since 'show.php' will only allow a user to query his own call numbers we need to build a complete call number prefix (e.g. 'IPÖ @ msteffens') that's appropriate for this user: $callNumberPrefix = getCallNumberPrefix(); // function 'getCallNumberPrefix()' is defined in 'include.inc.php' if ($recordConditionalSelector == "is equal to") { $query .= " call_number RLIKE " . quote_smart("(^|.*;) *" . $callNumberPrefix . " @ " . $callNumber . " *(;.*|\$)"); } elseif ($recordConditionalSelector == "is within list") { $callNumber = preg_quote($callNumber, ""); // escape any meta characters // replace any whitespace characters with "|": $callNumber = preg_replace("/\\s+/", "|", $callNumber); // strip "|" from beginning/end of string (if any): $callNumber = preg_replace("/^\\|?(.+?)\\|?\$/", "\\1", $callNumber); $query .= " call_number RLIKE " . quote_smart("(^|.*;) *" . $callNumberPrefix . " @ (" . $callNumber . ") *(;.*|\$)"); } else { // $recordConditionalSelector == "contains" $query .= " call_number RLIKE " . quote_smart($callNumberPrefix . " @ [^@;]*" . $callNumber . "[^@;]*"); }
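// Adds the records given in '$importDataArray' to table '$tableRefs' and, if a user is logged in, adds a
// matching row for that user to table '$tableUserData'.
//
// Array elements read by this function:
//   $importDataArray['type']                           - must be "refbase"
//   $importDataArray['version']                        - must be a known version (currently only "1.0")
//   $importDataArray['records']                        - array of records, each an array keyed by field name
//   $importDataArray['options']['prefix_call_number']  - optional; "true" prefixes the call number with the
//                                                        call number prefix of the currently logged-in user
//
// Returns an array with the serial numbers of all records that were added (empty if the array structure
// was not recognized or no record contained any data).
//
// Security notes:
//   - Every value is embedded into the SQL string via 'quote_smart()', which is defined elsewhere; this
//     function relies on it entirely for escaping & quoting (NOTE(review): confirm its behaviour).
//   - Column names are only ever taken from the fixed lists below, never from the keys of '$recordData'.
//   - 'approved', 'created_by', 'modified_by' and 'location' are accepted from the import data as given.
//     NOTE(review): confirm that every caller of this function is allowed to set these fields.
function addRecords($importDataArray)
{
    global $loginUserID;
    global $tableRefs, $tableUserData; // defined in 'db.inc.php'
    global $connection;

    connectToMySQLDatabase();

    // for each recognized format, this array lists its format identifier as element key and an array of known versions as element value
    $recognizedArrayFormatsAndVersions = array('refbase' => array("1.0"));

    $serialNumbersArray = array(); // will hold the serial numbers of all imported records

    // Verify the structure of the '$importDataArray':
    if (empty($importDataArray['type']) || empty($importDataArray['version']) || empty($importDataArray['records'])) {
        return $serialNumbersArray; // couldn't verify structure of '$importDataArray'
    }

    // Currently, we only support the default "refbase" array structure in its initial version ("1.0")
    // (support for other more generalized array formats may come later)
    // Note: the version check compares loosely, so numerically equal values (e.g. 1.0 as a float) are accepted as well
    if ($importDataArray['type'] != "refbase" || !in_array($importDataArray['version'], $recognizedArrayFormatsAndVersions['refbase'])) {
        return $serialNumbersArray; // unknown array structure
    }

    $recordsArray = $importDataArray['records']; // get the array of records that shall be imported

    // Get the current date (e.g. '2003-12-31'), time (e.g. '23:59:49') and user name & email address
    // (e.g. 'Matthias Steffens (refbase@extracts.de)'):
    // note that we use the same time stamp for ALL imported records (so that users can easily identify all
    // records belonging to one import action)
    list($currentDate, $currentTime, $currentUser) = getCurrentDateTimeUser();

    $prefixCallNumberRequested = (isset($importDataArray['options']['prefix_call_number'])
        && $importDataArray['options']['prefix_call_number'] == "true");

    // Fixed list of the columns of table '$tableRefs' that get filled from the record data, in the order in
    // which they are written to the query. The 'location', 'call_number', 'serial' and *date/*time/*by
    // fields are handled separately below.
    $refsColumns = array(
        'author', 'first_author', 'author_count', 'title', 'year', 'publication', 'abbrev_journal',
        'volume', 'volume_numeric', 'issue', 'pages', 'first_page', 'address', 'corporate_author',
        'keywords', 'abstract', 'publisher', 'place', 'editor', 'language', 'summary_language',
        'orig_title', 'series_editor', 'series_title', 'abbrev_series_title', 'series_volume',
        'series_volume_numeric', 'series_issue', 'edition', 'issn', 'isbn', 'medium', 'area',
        'expedition', 'conference', 'approved', 'file', 'orig_record', 'type', 'thesis', 'notes',
        'url', 'doi', 'contribution_id', 'online_publication', 'online_citation'
    );

    // Validation patterns for custom values. The 'D' modifier makes '$' match at the very end of the string
    // only; without it, a value with a trailing newline (e.g. "2003-12-31\n") would pass validation.
    $datePattern = '/^\d{4}-\d{2}-\d{2}$/D';
    $timePattern = '/^\d{2}:\d{2}:\d{2}$/D';
    $yesNoPattern = '/^(no|yes)$/D';
    $copyPattern = '/^(false|true|ordered|fetch)$/D';

    // LOOP OVER EACH RECORD:
    foreach ($recordsArray as $recordData) {
        // Initialize some variables (in order to avoid "undefined index" messages when the particular array elements are not available):
        $author = isset($recordData['author']) ? $recordData['author'] : "";
        $pages = isset($recordData['pages']) ? $recordData['pages'] : "";
        $volume = isset($recordData['volume']) ? $recordData['volume'] : "";
        $seriesVolume = isset($recordData['series_volume']) ? $recordData['series_volume'] : "";

        // Assign correct values to the calculation fields 'first_author', 'author_count', 'first_page', 'volume_numeric' and 'series_volume_numeric':
        list($firstAuthor, $authorCount, $firstPage, $volumeNumeric, $seriesVolumeNumeric) = generateCalculationFieldContent($author, $pages, $volume, $seriesVolume);

        // the calculation fields always take their value from above, never from '$recordData':
        $calculatedValues = array(
            'first_author'          => $firstAuthor,
            'author_count'          => $authorCount,
            'first_page'            => $firstPage,
            'volume_numeric'        => $volumeNumeric,
            'series_volume_numeric' => $seriesVolumeNumeric
        );

        // CONSTRUCT SQL QUERY:
        // INSERT - collect the "column = value" parts of a query that adds the data as new record
        // note: "INSERT INTO $tableRefs SET " gets prefixed *after* all array elements have been parsed,
        // to trap the case that none of the array elements did contain any data
        $refsAssignments = array();

        foreach ($refsColumns as $column) {
            if (array_key_exists($column, $calculatedValues)) {
                $value = $calculatedValues[$column];
            } elseif (isset($recordData[$column])) {
                $value = $recordData[$column];
            } else {
                $value = "";
            }

            if (empty($value)) {
                continue; // empty fields are omitted from the query
            }

            if ($column === 'thesis') {
                // NOTE(review): '$value' is known to be non-empty here, so for string values this always
                // stores 'yes' and the 'no' branch looks unreachable -- confirm that storing a yes/no flag
                // (rather than the given thesis value) is intended.
                $value = (strlen($value) > 0 ? 'yes' : 'no');
            }

            $refsAssignments[] = $column . " = " . quote_smart($value);
        }

        if (empty($refsAssignments)) {
            continue; // '$recordData' did not contain any data, so we skip this record
        }

        // we only honour the 'call_number' string if some other record data were passed as well:
        //
        // if the 'prefix_call_number' option is set to "true", any 'call_number' string will be prefixed with
        // the correct call number prefix of the currently logged-in user (e.g. 'IPÖ @ msteffens @ '):
        if (isset($_SESSION['loginEmail']) && $prefixCallNumberRequested) {
            $callNumberPrefix = getCallNumberPrefix(); // build a correct call number prefix for the currently logged-in user (e.g. 'IPÖ @ msteffens')

            if (!empty($recordData['call_number'])) {
                $refsAssignments[] = "call_number = " . quote_smart($callNumberPrefix . " @ " . $recordData['call_number']);
            } else {
                // similar to the GUI behaviour, we'll also add a call number prefix if the 'call_number' string is empty
                $refsAssignments[] = "call_number = " . quote_smart($callNumberPrefix . " @ ");
            }
        } elseif (!empty($recordData['call_number'])) {
            $refsAssignments[] = "call_number = " . quote_smart($recordData['call_number']);
        }

        // if no specific cite key exists in '$recordData', any existing 'call_number' string gets also copied to the
        // user-specific 'cite_key' field (which will ensure that this original call number/cite key is retained as
        // cite key upon export); however, note that (depending on the user's settings) the cite key may get modified
        // or regenerated by function 'generateCiteKey()' below
        if (isset($_SESSION['loginEmail']) && !empty($recordData['call_number']) && empty($recordData['cite_key'])) {
            $recordData['cite_key'] = $recordData['call_number'];
        }

        // for the 'location' field, we accept input from the '$recordData',
        // but if no data were given, we'll add the currently logged-in user to the 'location' field:
        if (!empty($recordData['location'])) {
            $refsAssignments[] = "location = " . quote_smart($recordData['location']);
        } elseif (isset($_SESSION['loginEmail'])) {
            $refsAssignments[] = "location = " . quote_smart($currentUser);
        }

        $refsAssignments[] = "serial = NULL"; // inserting 'NULL' into an auto_increment PRIMARY KEY attribute allocates the next available key value

        // we accept custom values for the *date/*time/*by fields if they are in correct format
        // (*date: 'YYYY-MM-DD'; *time: 'HH:MM:SS'; *by: 'string'), otherwise we'll use the current date & time
        // as well as the currently logged-in user name & email address:
        foreach (array('created', 'modified') as $stampPrefix) {
            $byColumn = $stampPrefix . "_by";
            $dateColumn = $stampPrefix . "_date";
            $timeColumn = $stampPrefix . "_time";

            if (!empty($recordData[$byColumn])) {
                $refsAssignments[] = $byColumn . " = " . quote_smart($recordData[$byColumn]);
            } elseif (isset($_SESSION['loginEmail'])) {
                $refsAssignments[] = $byColumn . " = " . quote_smart($currentUser);
            }

            // non-string values are rejected before they reach 'preg_match()'
            if (!empty($recordData[$dateColumn]) && is_string($recordData[$dateColumn]) && preg_match($datePattern, $recordData[$dateColumn])) {
                $dateValue = $recordData[$dateColumn];
            } else {
                $dateValue = $currentDate;
            }
            $refsAssignments[] = $dateColumn . " = " . quote_smart($dateValue);

            if (!empty($recordData[$timeColumn]) && is_string($recordData[$timeColumn]) && preg_match($timePattern, $recordData[$timeColumn])) {
                $timeValue = $recordData[$timeColumn];
            } else {
                $timeValue = $currentTime;
            }
            $refsAssignments[] = $timeColumn . " = " . quote_smart($timeValue);
        }

        // finalize the query by prefixing it with the actual MySQL command:
        $queryRefs = "INSERT INTO {$tableRefs} SET " . implode(", ", $refsAssignments);

        // ADD RECORD:

        // RUN the query on the database through the connection:
        queryMySQLDatabase($queryRefs);

        // Get the record id that was created:
        // (Note: this function should be called immediately after the SQL INSERT statement! After any subsequent
        // query it won't be possible to retrieve the auto_increment identifier value for THIS record!)
        $serialNo = @mysql_insert_id($connection);

        // Without an insert id there is no record that the user data could refer to. How 'queryMySQLDatabase()'
        // reports a failed query is not visible here, so we check the id itself and skip the record instead of
        // writing a user data row with a bogus 'record_id' and returning a bogus serial number.
        if (empty($serialNo)) {
            continue;
        }

        // ADD USER DATA:
        if (isset($_SESSION['loginEmail'])) {
            // Note: At the moment, the record in table 'user_data' will be always created for the currently logged-in user,
            //       i.e. we don't try to match any custom data given in the 'location' field with users from table 'users'
            //       in order to set the 'user_id' in table 'user_data' accordingly

            // This is a stupid hack that maps the names of the '$recordData' array keys to those used
            // by the '$formVars' array (which is required by function 'generateCiteKey()')
            // (eventually, the '$formVars' array should use the MySQL field names as names for its array keys)
            $formVars = buildFormVarsArray($recordData);

            // Generate or extract the cite key for this record:
            $citeKey = generateCiteKey($formVars);

            // Construct SQL query:
            $userDataAssignments = array();

            if (!empty($recordData['marked']) && is_string($recordData['marked']) && preg_match($yesNoPattern, $recordData['marked'])) {
                $userDataAssignments[] = "marked = " . quote_smart($recordData['marked']);
            }

            if (!empty($recordData['copy']) && is_string($recordData['copy']) && preg_match($copyPattern, $recordData['copy'])) {
                $userDataAssignments[] = "copy = " . quote_smart($recordData['copy']);
            } else {
                // by default, 'false' would get inserted if omitted; we insert 'true' here in order to be consistent with manual record additions
                $userDataAssignments[] = "copy = 'true'";
            }

            if (!empty($recordData['selected']) && is_string($recordData['selected']) && preg_match($yesNoPattern, $recordData['selected'])) {
                $userDataAssignments[] = "selected = " . quote_smart($recordData['selected']);
            }

            foreach (array('user_keys', 'user_notes', 'user_file', 'user_groups') as $column) {
                if (!empty($recordData[$column])) {
                    $userDataAssignments[] = $column . " = " . quote_smart($recordData[$column]);
                }
            }

            $userDataAssignments[] = "cite_key = " . quote_smart($citeKey);

            if (!empty($recordData['related'])) {
                $userDataAssignments[] = "related = " . quote_smart($recordData['related']);
            }

            $userDataAssignments[] = "record_id = " . quote_smart($serialNo);
            $userDataAssignments[] = "user_id = " . quote_smart($loginUserID);
            $userDataAssignments[] = "data_id = NULL"; // inserting 'NULL' into an auto_increment PRIMARY KEY attribute allocates the next available key value

            $queryUserData = "INSERT INTO {$tableUserData} SET " . implode(", ", $userDataAssignments);

            // RUN the query on the database through the connection:
            queryMySQLDatabase($queryUserData);
        }

        // Append this record's serial number to the array of imported record serials:
        $serialNumbersArray[] = $serialNo;
    }
    // (END LOOP OVER EACH RECORD)

    return $serialNumbersArray; // return list of serial numbers of all imported records
}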