Commit | Line | Data |
---|---|---|
fe69da5f | 1 | - User mail is not working |
2 | ||
3 | - Registration process is not working | |
f657368b | 4 | (rewrite sending of reg. mails) |
fe69da5f | 5 | |
02a5a589 | 6 | - FIX function.get_image_link.php: |
7 | ("GET /id/select%20user_id%20from%20users%20where%20user_id%20=%20332%3CBR%3E0.19035/images/nodes///.gif ) wtf? | |
8 | ||
46c0767c | 9 | - SQL injections (many fixed, but some should be still there) |
fe69da5f | 10 | |
dcee7633 | 11 | - remove absolute paths from all source files (!) (over 50) |
fe69da5f | 12 | |
dcee7633 | 13 | - remove hard-coded kyberia.sk from: |
14 | ( ./inc/eventz/configure_email.inc ) | |
15 | ( ./inc/eventz/delete.inc ) | |
16 | ( ./inc/smarty/node_methodz/modifier.replaceLocalURLs.php ) | |
17 | ( ./inc/replaceLocalURLs.inc ) | |
18 | ( ./nodes.php ) | |
19 | ( ./cron/rssparse.php ) | |
20 | ( ./scripts/contentregexp.php ) (obsolete?) | |
fe69da5f | 21 | Fix https vs http problem (url) |
dcee7633 | 22 | |
23 | - Suspected security holes: | |
24 | ( cron/process-img.sh ) | |
f657368b | 25 | ( ./inc/eventz/spamuj_ubik.inc ) |
26 | ( ./inc/eventz/upload_own_template.inc ) (is even needed?) | |
dcee7633 | 27 | |
f657368b | 28 | - Remove eventz (and files) that are not used (verify this before removing) |
29 | ( ./inc/eventz/login_lockout_test.inc ) | |
30 | ( ./inc/eventz/add_test.inc ) | |
31 | ( ./inc/eventz/add_ubik_friend.inc ) | |
32 | ( ./inc/eventz/cron_test.inc ) | |
33 | ( ./inc/eventz/login_lockout_test.inc ) | |
34 | ( ./inc/eventz/login_test.inc ) | |
35 | ( ./inc/eventz/mail_test.inc ) | |
36 | ( ./inc/eventz/test_button.inc ) | |
37 | ( ./inc/eventz/testing_cron.inc ) | |
38 | ( ./inc/eventz/testm.inc ) | |
39 | ( ./inc/eventz/send-old.inc ) | |
40 | ( ./inc/eventz/destroy_synapse2.inc ) | |
41 | ( ./inc/eventz/login2.inc ) | |
42 | ( ./inc/eventz/send2.inc ) | |
43 | ( ./inc/eventz/set_parent2.inc ) | |
44 | ||
45 | - Remove/fix not working eventz | |
46 | ( ./inc/eventz/addClass.inc ) | |
47 | ( ./inc/eventz/addEvent.inc ) | |
48 | ( ./inc/eventz/addAjax.inc ) | |
49 | ( ./inc/eventz/addPlugin.inc ) | |
50 | ( ./inc/eventz/kyberia.inc ) (wtf) | |
51 | ||
d48685b8 | 52 | - Refactor directory structure |
2f9b4885 H |
53 | |
54 | - Deprecated PHP features | |
55 | ( Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 163 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 184 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 196 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 208 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 220 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 242 ) | |
fe69da5f | 56 | |
57 | - keep fixing XSS | |
58 | ||
59 | - documentation/installation guide (see README) | |
60 | ||
61 | - Clean code => fix uninitialized variables | |
f657368b | 62 | |
63 | - Implement URL handling using PATH_INFO instead of mod_rewrite | |
64 | ||
45a1b870 | 65 | - some templates are fixed only in .tpl, not in sql database |
66 | ||
f657368b | 67 | - (IMHO we should use SHA1 or stronger algorithm instead of MD5 for storing passwords) |
68 | (We can use multiple hash algorithms (so we'll have backward DB compatibility): | |
69 | {SHA256}0654209dbde29a5c17e4f04ab63a91d303d2e7c791c7b5777581a7fa6550054e | |
70 | {SHA1}f67c52c4a27cf05c99e4f3f946d6500f045a4735 | |
71 | 5b077a0ab90992d9763c5b120b22c9d7 | |
72 | ) Harvie | |
73 |