- ( sms_payment.php => yes, sqli but is it really used? )
- ( inc/eventz/upload_data_node.php => Shell injections in .zip hanling, .jpg handling,
- "strange" filenames like .htacess (to allow listing of folder)
+ ( ./inc/eventz/spamuj_ubik.inc )
+ ( ./inc/eventz/upload_own_template.inc ) (is even needed?)
+
+- Remove/fix not working eventz
+ ( ./inc/eventz/addClass.inc )
+ ( ./inc/eventz/addEvent.inc )
+ ( ./inc/eventz/addAjax.inc )
+ ( ./inc/eventz/addPlugin.inc )
+ ( ./inc/eventz/kyberia.inc ) (wtf)
+
+- Refactor directory structure
+
+- Deprecated PHP features
+ ( Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 163 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 184 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 196 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 208 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 220 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 242 )
+
+- keep fixing XSS
+
+- Test & scale logarithmic threading
+
+- Remove templates from git (they should be only in sql)
+
+- Clean code => fix uninitialized variables
+
+- documentation/installation guide (see README)
+
+- Make PATH_INFO not changing contents of $_GET[] (it should affect some other variable instead - requires complex rewrite)
+- Switch completely to Base36 (Templates, Links, don't change $_GET[], queries should convert between base10 in db and base36 in kyberia automatically, etc...)