-- User mail is not working
- (mail seems to be stored in db,
- error is probably somewhere in template
- 1549888.tpl, 1549887.tpl or 25.tpl )
- Anyway move whole mail handling out of nodes.php (?)
+- When adding node, content is escaped twice(?)
+
+- Registration process -> Add welcome texts & move them to one file/node
+ Temporary requests node does not exists.
+ Nodes are created with bad vector
+ (during registration we should generate GnuPG keypair
+ to user_gpg_prv and user_gpg_pub fields in table users) (harvie)
+
+- User images (icons) seems to be broken
-- Registration process is not working
- (rewrite sending of reg. mails) (TEST)
+- User mail -> can't delete the mails...
+ Anyway move whole mail handling out of nodes.php (?)
- SQL injections (many fixed, but some should be still there)
- remove absolute paths from all source files (!)
-- User images (icons) seems to be broken somehow
-
- remove hard-coded hostname from:
( registration mails )
( scripts in "scripts" directory (system paths))
- Test & scale logarithmic threading
-- some templates are fixed only in .tpl, not in sql database
- => synchronize .tpl vs SQL templates (permanently)
+- Remove templates from git (they should be only in sql)
- Clean code => fix uninitialized variables
- documentation/installation guide (see README)
-- Implement URL handling using PATH_INFO instead of mod_rewrite
+- Make PATH_INFO not changing contents of $_GET[] (it should affect some other variable instead - requires complex rewrite)
+- Switch completely to Base36 (Templates, Links, don't change $_GET[], queries should convert between base10 in db and base36 in kyberia automatically, etc...)
- (IMHO we should use SHA1 or stronger algorithm instead of MD5 for storing passwords)
- (We can use multiple hash algorithms (so we'll have backward DB compatibility):
- {SHA256}0654209dbde29a5c17e4f04ab63a91d303d2e7c791c7b5777581a7fa6550054e
- {SHA1}f67c52c4a27cf05c99e4f3f946d6500f045a4735
- 5b077a0ab90992d9763c5b120b22c9d7
- ) Harvie
-
+ (I've implemented this partially. We can now login using various hash algorithms, it's backward compatible, but we still need to edit registration/password changing to use SHA1 when updating passwords in DB)