fixing broken vectors
[mirrors/Kyberia-bloodline.git] / doc / TODO
CommitLineData
f2e47e33 1- remove hard-coded constants (everywhere):
2
3ec55fdc 3- Registration process -> Add welcome texts & move them to one file/node
f2e47e33 4 +(during registration we should generate GnuPG keypair
3ec55fdc 5 to user_gpg_prv and user_gpg_pub fields in table users) (harvie)
fe69da5f 6
98a4cc6e 7- User mail -> can't delete the mails...
8 Anyway move whole mail handling out of nodes.php (?)
9
1241a428 10- SQL injections (many fixed, but some are still there)
fe69da5f 11
5b9c0808 12- remove absolute paths from all source files (!)
9297729b
H
13- convert to some more inteligent path system... eg.:
14 define('SYSTEM_ROOT', '/srv/kyberia/');
15 define('SYSTEM_WWWROOT', SYSTEM_ROOT.'/wwwroot/');
16 define('SYSTEM_URL', '/'); //or https://dev.kyberia.cz/
17 define('SYSTEM_DATA', '_data/');
18 define('SYSTEM_IMAGES', '_images/');
19 because right now we can't determine both: filesystem path and URL of the same directory. this SUX!
20- when we will be doing this we should make kyberia compatible with "./" PHP open base dir.
21 i think that it's really nice philosophy when PHP script is never accessing files that are not in the same directory (or it's subdirectory) as the script itself (especialy when it cannot do this - it can be good security improvement).
5b9c0808 22
78cc8511 23- remove hard-coded hostname from:
24 ( registration mails )
25 ( scripts in "scripts" directory (system paths))
5b9c0808 26
78cc8511 27- Fix https vs http problem (url)
dcee7633 28
1b5b2327 29- Uploading user images works, but resizing?
30
dcee7633 31- Suspected security holes:
1675d71f 32 ( ./inc/smarty/node_methodz/function.fetch.php) (read local files?)
f657368b 33 ( ./inc/eventz/spamuj_ubik.inc )
34 ( ./inc/eventz/upload_own_template.inc ) (is even needed?)
dcee7633 35
f657368b 36- Remove/fix not working eventz
37 ( ./inc/eventz/addClass.inc )
38 ( ./inc/eventz/addEvent.inc )
39 ( ./inc/eventz/addAjax.inc )
40 ( ./inc/eventz/addPlugin.inc )
41 ( ./inc/eventz/kyberia.inc ) (wtf)
42
d48685b8 43- Refactor directory structure
2f9b4885
H
44
45- Deprecated PHP features
46 ( Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 163 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 184 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 196 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 208 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 220 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 242 )
fe69da5f 47
48- keep fixing XSS
49
f2e47e33 50- Fix defaukt template (big tables)
5b9c0808 51
3ec55fdc 52- Remove templates from git (they should be only in sql)
fe69da5f 53
54- Clean code => fix uninitialized variables
f657368b 55
5b9c0808 56- documentation/installation guide (see README)
f657368b 57
bb6232c5
H
58- Make PATH_INFO not changing contents of $_GET[] (it should affect some other variable instead - requires complex rewrite)
59- Switch completely to Base36 (Templates, Links, don't change $_GET[], queries should convert between base10 in db and base36 in kyberia automatically, etc...)
45a1b870 60
38d469f5
H
61- Rename all files&directories that should not be rewrited to PATH_INFO to start with "_" (and if they should be also ignored by git they should start with "-")
62 (Rename images to _images - and fix hardcoded stuff...)
b5e8cd37
H
63
64- Fix /(id|k)/*/download
65 (ERROR: Empty file to download.)
66 (I think this should be implemented as template (and smarty method for download). template can be ID down in base36 = 638807 in base10)
445972a1
H
67
68- Cleanup DB
69 (Make script for deleting nodes in recycle bin)
70 (Some actions (like loging, etc...) may be implemented using SQL triggers)
71 (Mark all nodes that should become part of distribution of kyberia software)
72 (Delete unused tables)
73 (Replace duplicit tables with VIEWs)
4c113a6b 74
75- Image uploading not working (?)
76
77- put "setParent" everywhere
This page took 0.292653 seconds and 4 git commands to generate.