- ( cron/process-img.sh )
- ( sms_payment.php => yes, sqli but is it really used? )
- ( inc/eventz/upload_data_node.php => Shell injections in .zip hanling, .jpg handling,
- "strange" filenames like .htacess (to allow listing of folder)
+ ( ./inc/smarty/node_methodz/function.fetch.php) (read local files?)
+ ( ./inc/eventz/spamuj_ubik.inc )
+ ( ./inc/eventz/upload_own_template.inc ) (is even needed?)
+
+- Remove/fix not working eventz
+ ( ./inc/eventz/addClass.inc )
+ ( ./inc/eventz/addEvent.inc )
+ ( ./inc/eventz/addAjax.inc )
+ ( ./inc/eventz/addPlugin.inc )
+ ( ./inc/eventz/kyberia.inc ) (wtf)
+
+- Refactor directory structure
+
+- Deprecated PHP features
+ ( Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 163 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 184 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 196 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 208 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 220 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 242 )
+
+- keep fixing XSS
+
+- Fix defaukt template (big tables)
+
+- Remove templates from git (they should be only in sql)
+
+- Clean code => fix uninitialized variables
+
+- documentation/installation guide (see README)
+
+- Make PATH_INFO not changing contents of $_GET[] (it should affect some other variable instead - requires complex rewrite)
+- Switch completely to Base36 (Templates, Links, don't change $_GET[], queries should convert between base10 in db and base36 in kyberia automatically, etc...)
+
+- Rename all files&directories that should not be rewritten to PATH_INFO to start with "_" (and if they should be also ignored by git they should start with "-")
+ (Rename images to _images - and fix hardcoded stuff...)
+
+- Fix /(id|k)/*/download
+ (ERROR: Empty file to download.)
+ (I think this should be implemented as template
+ (and smarty method for download).
+ template can be ID down in base36 = 638807 in base10)
+
+- Cleanup DB
+ (Make script for deleting nodes in recycle bin)
+ (Some actions (like loging, etc...) may be implemented using SQL triggers)
+ (Mark all nodes that should become part of distribution of kyberia software)
+ (Delete unused tables)
+ (Replace duplicit tables with VIEWs)
+
+- put "setParent" everywhere
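Review bot: The added entries for ./inc/smarty/node_methodz/function.fetch.php "(read local files?)" and ./inc/eventz/upload_own_template.inc "(is even needed?)" record open security questions with no decision, and they sit in the same flat list as cleanup chores next to the sqli and shell injection lines. Suggest giving the security items their own section at the top of the file and resolving each question as either "remove the file" or "fix", since deleting code that is not needed is the cheaper way to close it. The "Deprecated PHP features" entry pastes six raw warnings, including the absolute path /srv/kyberia/wwwroot/; one line such as "nodes.php lines 163, 184, 196, 208, 220, 242: assigning the return value of new by reference" says the same thing and keeps the deployment path out of the repository. "keep fixing XSS" names no files or templates, so it can never be checked off; list the known locations. Typos in the added lines: "defaukt", "loging".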