From 78cc85116accdd5bf70ab6b195e7a0d420c74e37 Mon Sep 17 00:00:00 2001
From: niekt0 <niekt0@kyberia.cz>
Date: Thu, 4 Nov 2010 20:40:59 +0100
Subject: [PATCH] Fixed TODO

---
 doc/BUGS |  7 +++++++
 doc/TODO | 16 ++++------------
 2 files changed, 11 insertions(+), 12 deletions(-)
 create mode 100644 doc/BUGS

diff --git a/doc/BUGS b/doc/BUGS
new file mode 100644
index 0000000..62ac46d
--- /dev/null
+++ b/doc/BUGS
@@ -0,0 +1,7 @@
+- User mail is not working
+
+- There may be some SQL injections
+
+- If debuging is enabled, something (http links) can break
+
+
diff --git a/doc/TODO b/doc/TODO
index 9ad9663..c179516 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -3,22 +3,14 @@
 - Registration process is not working
   (rewrite sending of reg. mails)
 
-- FIX function.get_image_link.php: 
-  ("GET /id/select%20user_id%20from%20users%20where%20user_id%20=%20332%3CBR%3E0.19035/images/nodes///.gif ) wtf?
-
 - SQL injections (many fixed, but some should be still there)
 
 - remove absolute paths from all source files (!) (over 50)
 
-- remove hard-coded kyberia.sk from:
-  ( ./inc/eventz/configure_email.inc )
-  ( ./inc/eventz/delete.inc )
-  ( ./inc/smarty/node_methodz/modifier.replaceLocalURLs.php )
-  ( ./inc/replaceLocalURLs.inc )
-  ( ./nodes.php )
-  ( ./cron/rssparse.php )
-  ( ./scripts/contentregexp.php ) (obsolete?)
-  Fix https vs http problem (url)
+- remove hard-coded hostname from:
+  ( registration mails )
+  ( scripts in "scripts" directory (system paths))
+- Fix https vs http problem (url) 
 
 - Suspected security holes:
   ( cron/process-img.sh )
-- 
2.30.2