[mirrors/Kyberia-bloodline.git] / doc / TODO

- User mail is not working

- Registration process is not working
  (rewrite sending of reg. mails)

- Cron scripts are not executed (most of them should be OK now)
  (no automatic logouts, no K generation, ...) 

- fix ALL sql injections

- remove absolute paths from all source files (!) (over 50)

- remove hard-coded kyberia.sk from:
  ( ./inc/eventz/configure_email.inc )
  ( ./inc/eventz/delete.inc )
  ( ./inc/smarty/node_methodz/modifier.replaceLocalURLs.php )
  ( ./inc/replaceLocalURLs.inc )
  ( ./nodes.php )
  ( ./cron/rssparse.php )
  ( ./scripts/contentregexp.php ) (obsolete?)
  Fix https vs http problem (url)

- Suspected security holes:
  ( cron/process-img.sh )
  ( ./inc/eventz/spamuj_ubik.inc )
  ( ./inc/eventz/upload_own_template.inc ) (is even needed?)

- Remove eventz (and files) that are not used (verify this before removing)
  ( ./inc/eventz/login_lockout_test.inc )
  ( ./inc/eventz/add_test.inc )
  ( ./inc/eventz/add_ubik_friend.inc )
  ( ./inc/eventz/cron_test.inc )
  ( ./inc/eventz/login_lockout_test.inc )
  ( ./inc/eventz/login_test.inc )
  ( ./inc/eventz/mail_test.inc )
  ( ./inc/eventz/test_button.inc )
  ( ./inc/eventz/testing_cron.inc )
  ( ./inc/eventz/testm.inc )
  ( ./inc/eventz/send-old.inc )
  ( ./inc/eventz/destroy_synapse2.inc )
  ( ./inc/eventz/login2.inc )
  ( ./inc/eventz/send2.inc )
  ( ./inc/eventz/set_parent2.inc )

- Remove/fix not working eventz
  ( ./inc/eventz/addClass.inc  )
  ( ./inc/eventz/addEvent.inc )
  ( ./inc/eventz/addAjax.inc )
  ( ./inc/eventz/addPlugin.inc )
  ( ./inc/eventz/kyberia.inc ) (wtf)
 

- Refactor directory structure

- Deprecated PHP features
  ( Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 163 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 184 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 196 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 208 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 220 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 242 )

- keep fixing XSS

- documentation/installation guide (see README)

- Clean code => fix uninitialized variables

- Implement URL handling using PATH_INFO instead of mod_rewrite

- (IMHO we should use SHA1 or stronger algorithm instead of MD5 for storing passwords)
  (We can use multiple hash algorithms (so we'll have backward DB compatibility):
		{SHA256}0654209dbde29a5c17e4f04ab63a91d303d2e7c791c7b5777581a7fa6550054e
		{SHA1}f67c52c4a27cf05c99e4f3f946d6500f045a4735
		5b077a0ab90992d9763c5b120b22c9d7
  ) Harvie
Commit	Line	Data
	1	- User mail is not working
	2
	3	- Registration process is not working
	4	(rewrite sending of reg. mails)
	5
	6	- Cron scripts are not executed (most of them should be OK now)
	7	(no automatic logouts, no K generation, ...)
	8
	9	- fix ALL sql injections
	10
	11	- remove absolute paths from all source files (!) (over 50)
	12
	13	- remove hard-coded kyberia.sk from:
	14	( ./inc/eventz/configure_email.inc )
	15	( ./inc/eventz/delete.inc )
	16	( ./inc/smarty/node_methodz/modifier.replaceLocalURLs.php )
	17	( ./inc/replaceLocalURLs.inc )
	18	( ./nodes.php )
	19	( ./cron/rssparse.php )
	20	( ./scripts/contentregexp.php ) (obsolete?)
	21	Fix https vs http problem (url)
	22
	23	- Suspected security holes:
	24	( cron/process-img.sh )
	25	( ./inc/eventz/spamuj_ubik.inc )
	26	( ./inc/eventz/upload_own_template.inc ) (is even needed?)
	27
	28	- Remove eventz (and files) that are not used (verify this before removing)
	29	( ./inc/eventz/login_lockout_test.inc )
	30	( ./inc/eventz/add_test.inc )
	31	( ./inc/eventz/add_ubik_friend.inc )
	32	( ./inc/eventz/cron_test.inc )
	33	( ./inc/eventz/login_lockout_test.inc )
	34	( ./inc/eventz/login_test.inc )
	35	( ./inc/eventz/mail_test.inc )
	36	( ./inc/eventz/test_button.inc )
	37	( ./inc/eventz/testing_cron.inc )
	38	( ./inc/eventz/testm.inc )
	39	( ./inc/eventz/send-old.inc )
	40	( ./inc/eventz/destroy_synapse2.inc )
	41	( ./inc/eventz/login2.inc )
	42	( ./inc/eventz/send2.inc )
	43	( ./inc/eventz/set_parent2.inc )
	44
	45	- Remove/fix not working eventz
	46	( ./inc/eventz/addClass.inc )
	47	( ./inc/eventz/addEvent.inc )
	48	( ./inc/eventz/addAjax.inc )
	49	( ./inc/eventz/addPlugin.inc )
	50	( ./inc/eventz/kyberia.inc ) (wtf)
	51
	52
	53	- Refactor directory structure
	54
	55	- Deprecated PHP features
	56	( Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 163 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 184 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 196 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 208 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 220 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 242 )
	57
	58	- keep fixing XSS
	59
	60	- documentation/installation guide (see README)
	61
	62	- Clean code => fix uninitialized variables
	63
	64	- Implement URL handling using PATH_INFO instead of mod_rewrite
	65
	66	- (IMHO we should use SHA1 or stronger algorithm instead of MD5 for storing passwords)
	67	(We can use multiple hash algorithms (so we'll have backward DB compatibility):
	68	{SHA256}0654209dbde29a5c17e4f04ab63a91d303d2e7c791c7b5777581a7fa6550054e
	69	{SHA1}f67c52c4a27cf05c99e4f3f946d6500f045a4735
	70	5b077a0ab90992d9763c5b120b22c9d7
	71	) Harvie
	72