X-Git-Url: http://git.harvie.cz/?a=blobdiff_plain;f=doc%2FTODO;h=ddbef0f56af88ff1e47ded187048c794e1b55c97;hb=1552688a6dc706b8d989bd7de48e293a7b951f64;hp=062b57acc5835f14f246e986af07c45444fe7f74;hpb=1b5b232716e27e0a5ec811e8e09607be711444f7;p=mirrors%2FKyberia-bloodline.git diff --git a/doc/TODO b/doc/TODO index 062b57a..ddbef0f 100644 --- a/doc/TODO +++ b/doc/TODO @@ -1,14 +1,13 @@ +- remove hard-coded constants (everywhere): + - Registration process -> Add welcome texts & move them to one file/node - Temporary requests node does not exists. - Nodes are created with bad vector - (during registration we should generate GnuPG keypair + +(during registration we should generate GnuPG keypair to user_gpg_prv and user_gpg_pub fields in table users) (harvie) - - User mail -> can't delete the mails... Anyway move whole mail handling out of nodes.php (?) -- SQL injections (many fixed, but some should be still there) +- SQL injections (many fixed, but some are still there) - remove absolute paths from all source files (!) - convert to some more inteligent path system... eg.: @@ -30,7 +29,7 @@ - Uploading user images works, but resizing? - Suspected security holes: - ( cron/process-img.sh ) + ( ./inc/smarty/node_methodz/function.fetch.php) (read local files?) ( ./inc/eventz/spamuj_ubik.inc ) ( ./inc/eventz/upload_own_template.inc ) (is even needed?) @@ -48,7 +47,7 @@ - keep fixing XSS -- Test & scale logarithmic threading +- Fix defaukt template (big tables) - Remove templates from git (they should be only in sql) @@ -68,3 +67,10 @@ - Fix /(id|k)/*/download (ERROR: Empty file to download.) (I think this should be implemented as template (and smarty method for download). template can be ID down in base36 = 638807 in base10) + +- Cleanup DB + (Make script for deleting nodes in recycle bin) + (Some actions (like loging, etc...) may be implemented using SQL triggers) + (Mark all nodes that should become part of distribution of kyberia software) + (Delete unused tables) + (Replace duplicit tables with VIEWs)