+- User mail is not working
+
+- Registration process is not working
+
+- Cron scripts are not executed
+ (no automatic logouts, no K generation, ...)
+
- fix uploading of files
+
- fix ALL sql injections
-- keep fixing XSS
-- documentantion/instalation guide (see README)
+
- remove absolute paths from all source files (!) (over 50)
+
- remove hard-coded kyberia.sk from:
( ./inc/eventz/configure_email.inc )
( ./inc/eventz/delete.inc )
( ./nodes.php )
( ./cron/rssparse.php )
( ./scripts/contentregexp.php ) (obsolete?)
+ Fix https vs http problem (url)
- Suspected security holes:
( cron/process-img.sh )
( sms_payment.php => yes, sqli but is it really used? )
- ( inc/eventz/upload_data_node.php => Shell injections in .zip hanling, .jpg handling,
+ ( inc/eventz/upload_data_node.php => Shell injections in .zip handling, .jpg handling,
"strange" filenames like .htacess (to allow listing of folder)
- Refactor directory structure
- ( Whole <Directory "/var/www/kyberia-wwwroot> section from apache should go to .htaccess )
- Deprecated PHP features
( Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 163 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 184 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 196 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 208 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 220 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 242 )
+
+- keep fixing XSS
+
+- documentation/installation guide (see README)
+
+- Clean code => fix uninitialized variables