doc/TODO

   1 - fix uploading of files
   2 - fix ALL sql injections
   3 - keep fixing XSS
   4 - documentantion/instalation guide (see README)
   5 - remove absolute paths from all source files (!) (over 50)
   6 - remove hard-coded kyberia.sk from:
   7   ( ./inc/eventz/configure_email.inc )
   8   ( ./inc/eventz/delete.inc )
   9   ( ./inc/smarty/node_methodz/modifier.replaceLocalURLs.php )
  10   ( ./inc/replaceLocalURLs.inc )
  11   ( ./nodes.php )
  12   ( ./cron/rssparse.php )
  13   ( ./scripts/contentregexp.php ) (obsolete?)
  14
  15 - Suspected security holes:
  16   ( cron/process-img.sh )
  17   ( sms_payment.php  => yes, sqli but is it really used? )
  18   ( inc/eventz/upload_data_node.php => Shell injections in .zip hanling, .jpg handling,
  19     "strange" filenames like .htacess (to allow listing of folder)
  20