- User mail is not working
 (mail seems to be stored in db,
  error is probably somewhere in template
  1549888.tpl, 1549887.tpl or 25.tpl )
  Anyway move whole mail handling out of nodes.php (?)

- Registration process is not working
  (rewrite sending of reg. mails) (TEST)

- SQL injections (many fixed, but some should be still there)

- remove absolute paths from all source files (!)

- User images (icons) seems to be broken somehow

- remove hard-coded hostname from:
  ( registration mails )
  ( scripts in "scripts" directory (system paths))

- Fix https vs http problem (url) 

- Suspected security holes:
  ( cron/process-img.sh )
  ( ./inc/eventz/spamuj_ubik.inc )
  ( ./inc/eventz/upload_own_template.inc ) (is even needed?)

- Remove/fix not working eventz
  ( ./inc/eventz/addClass.inc  )
  ( ./inc/eventz/addEvent.inc )
  ( ./inc/eventz/addAjax.inc )
  ( ./inc/eventz/addPlugin.inc )
  ( ./inc/eventz/kyberia.inc ) (wtf)
 
- Refactor directory structure

- Deprecated PHP features
  ( Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 163 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 184 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 196 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 208 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 220 Deprecated: Assigning the return value of new by reference is deprecated in /srv/kyberia/wwwroot/nodes.php on line 242 )

- keep fixing XSS

- Test & scale logarithmic threading

- some templates are fixed only in .tpl, not in sql database
  => synchronize .tpl vs SQL templates (permanently)

- Clean code => fix uninitialized variables

- documentation/installation guide (see README)

- Implement URL handling using PATH_INFO instead of mod_rewrite

- (IMHO we should use SHA1 or stronger algorithm instead of MD5 for storing passwords)
  (We can use multiple hash algorithms (so we'll have backward DB compatibility):
		{SHA256}0654209dbde29a5c17e4f04ab63a91d303d2e7c791c7b5777581a7fa6550054e
		{SHA1}f67c52c4a27cf05c99e4f3f946d6500f045a4735
		5b077a0ab90992d9763c5b120b22c9d7
  ) Harvie