From: niekt0 Date: Thu, 4 Nov 2010 19:40:59 +0000 (+0100) Subject: Fixed TODO X-Git-Url: https://git.harvie.cz/?a=commitdiff_plain;h=78cc85116accdd5bf70ab6b195e7a0d420c74e37;p=mirrors%2FKyberia-bloodline.git Fixed TODO --- diff --git a/doc/BUGS b/doc/BUGS new file mode 100644 index 0000000..62ac46d --- /dev/null +++ b/doc/BUGS @@ -0,0 +1,7 @@ +- User mail is not working + +- There may be some SQL injections + +- If debuging is enabled, something (http links) can break + + diff --git a/doc/TODO b/doc/TODO index 9ad9663..c179516 100644 --- a/doc/TODO +++ b/doc/TODO @@ -3,22 +3,14 @@ - Registration process is not working (rewrite sending of reg. mails) -- FIX function.get_image_link.php: - ("GET /id/select%20user_id%20from%20users%20where%20user_id%20=%20332%3CBR%3E0.19035/images/nodes///.gif ) wtf? - - SQL injections (many fixed, but some should be still there) - remove absolute paths from all source files (!) (over 50) -- remove hard-coded kyberia.sk from: - ( ./inc/eventz/configure_email.inc ) - ( ./inc/eventz/delete.inc ) - ( ./inc/smarty/node_methodz/modifier.replaceLocalURLs.php ) - ( ./inc/replaceLocalURLs.inc ) - ( ./nodes.php ) - ( ./cron/rssparse.php ) - ( ./scripts/contentregexp.php ) (obsolete?) - Fix https vs http problem (url) +- remove hard-coded hostname from: + ( registration mails ) + ( scripts in "scripts" directory (system paths)) +- Fix https vs http problem (url) - Suspected security holes: ( cron/process-img.sh )