id,summary,reporter,owner,description,type,status,priority,milestone,component,version,resolution,keywords,cc
352,Make sure data layer doesn't allow bad data via the API,dstillman,dstillman,"Given that people can write ""utilities"" to extend Zotero via the API, the data layer needs to be a lot more suspicious of data passed to it via the API. It already does a lot of checking, but the methods should be reviewed to make sure they do enough -- it should be pretty much impossible to insert bad data.

(Technically it could also do more integrity checking of data in the DB, but frankly I don't really care about Zotero breaking if people insert bad data via SQL directly--I'd really rather not program something that lacks a trusted data store.)",enhancement,closed,major,,data layer,,fixed,helpwanted,