/program/TODO.txt $Id: TODO.txt,v 1.4 2014/11/07 13:22:19 peter Exp $ 2008-01-29 -- convert /program/*.txt to DOS-text -- decide on exact license conditions 2008-02-01 -- add an explanation to the manual about $CFG->datadir within the document root and a 'difficult' name that cannot be guessed. 2008-02-07 OK should we document $CFG->debug? this is a feature that is handy during development, but it should be 'off' on a production server Answer: this is now documented. -- how can we discriminate between a call from the command line and a call via a web interface? Is it a mere check of $_SERVER['REMOTE_ADDR']? (You _never_ have a remote address when working from the command line, do you?). Would be handy in case of cron.php. 2008-02-14 -- make a separate subtree for testing purposes. I don't think that that test environment should be published for end users (but it should be for developers). Maybe a subdirectory /devel/test/ and a corresponding /devel/test/test.php? 2008-02-19 -- can it be possible to have a page visible in navigation and not available to serve? I'm inclined to say yes: if a node only has a href, no actual data is available in the database. However, should we treat this as a call nevertheless and count the page view just before we redirect via header()? Mmm.... 2008-03-22 OK Protect password fields with AUTOCOMPLETE="off" (see http://www.owasp.org/index.php/Guide_to_Authentication) OK Count the number of failed login-attempts within a certain period of time OK On-time password reset should time out in a short time, e.g. 15 minutes (ok, make it 30 minutes) OK Should there be password requirements (min 1 digit, min 1 capital, minimum length?): YES one of each. OK Add delay in user validation (3 seconds per attempt) OK Should login-forms have short-lived unique identifiers? (prevents brute force attacks?) Methinks that our blacklist facility (8 minutes after more than 10 failed attempts) is enough. 2008-04-25 -- Add to cronjobs: cleanup of expired sessions + logging of the fact OK Should we add the number of calls + length of session in seconds to the logout message? What then if the session expires without a proper logoff? A: added this for reqular logouts -- Add to cron: removal of obsolete login_failures? It should be auto-cleaning but if a user fails once and never returns, the failure will be there forever. OK Get rid of the 'trigger_error()' calls now that we have logger(), maybe except errors in the database routines.. -- Logrotate for log_messages table? How? Send a summary to the webmaster before deletion? 2008-04-27 -- we should be able to optimise with relative links (sometimes) if the hostname part of $CFG->www and $CFG->progwww are the same. Example: when pointing to the source of an image the src would be {$CFG->progwww}/graphics/foo.png, i.e. including the 'http://www.exemplum.websiteatschool.org' part. If $CFG->www also starts with that string, we can leave it out in the src property: src="/program/graphics/foo.png". Here is a generic example fromt RFC3986: foo://example.com:8042/over/there?name=ferret#nose \_/ \______________/\_________/ \_________/ \__/ | | | | | scheme authority path query fragment If $CFG->www and $CFG->progwww have the same scheme and authority, links could be made relative, e.g. <a href="/over/there/?name=ferret#nose"> and <img src="/over/there/program/graphics/ferret.jpg"> instead of prefixing with an explicit "foo://example.com:8042/". What if the scheme and authority are NOT the same? 2008-05-01 -- About the installer: if the installer is not able to write 'config.php' to the target directory, it should be possible to 'download' a .ZIP-file with this config.php, and perhaps also with index.php, cron.php, admin.php? Unzip that in the appropriate place and you are in business. 2008-08-01 -- How about storing ETags and be friendly to caches/proxies? -- How about using index.php/aaa/nnn/friendly-title-of-page-for-bookmark instead of index.php?area=aaa&node=nnn That too is cache/proxy-friendly... 2008-09-29 OK How about adding an extra parameter to manual.php in order to 'deep link' to the manual? Example: if the user has selected the pagemanager in admin.php, should the help button be calling 'manual.php?language=en&job=pagemanager' or something? Done: additional parameter 'topic' is added, at least from page manager. Could be employed from start centre too if necessary. 2008-10-01 -- Should there be an attribute 'is_root' or 'is_guru' in the users table? E.g. if a node is owned by some user, only that user is allowed to remove the read-only bit. Shouldn't there be a way to override that other than by using phpMyAdmin to manipulate the database directly? 2008-10-10 -- Edit permissions not only depend on the user's permission bits but also on the read-only attribute of a node. -- We should isolate the check-permission routines becaust they are used when creating icons and also when executing the corresponding function. 2008-10-20 -- get some decent graphics for button_save and button_cancel and other buttons... 2008-10-28 OK How about changing all where clauses with "(value = 'NULL')" into "(value IS NULL)" to be more SQL-standard compliant? Done, in databaselib.php and function db_where_clause(). -- So how about recovering from a crashed browser with an inaccessible session? It is very annoying to be locked out in the cold if the browser crashed and I immediately login again using the same credentials and still not be able to carry on... Should we add the time of the lock, too? That would give the other user an educated guess about the odds that the other session is still active. Mmmmm... 2008-11-12 -- the output object AdminOutput should have something like a 'funnel mode'. This mode should disable all navigation links and other links that could distract and/or seduce the user to leave the page. Main use: prevent locked records hanging around without the user actively editing that record. 2008-11-20 -- the Theme should have a property 'date/time last modified' so a module can update it via module_view(). -- how to create an alert based on edit content (or not)? How can we tell that the content actually changed? Is there a 'dirty' bit somewhere? Should we return a status insted of simply true/false? 2008-12-10 -- How about the visibility of nodes when in preview mode????? 2009-02-25 -- do we actually _USE_ the field muser_id in the page manager? we do in the area manager. 2009-02-26 -- How about adding transactions (rollback, commit) See function that deletes areas. Q: How well is MySQL suited for transactions? A: Mmmmm.... Which version? Which storage engine? 2009-05-31 -- Why not use the 'name' field in the dialogdef[] arrays? $dialogdef = array('fullname' => array('name' => 'fullname', 'type' => F_STRING, ...)); Much more convenient when saving data. -- Doublecheck for htmlspecialchars() when displaying information from the database in a dialog: a username like say '<u>ser</u>name' should be converted to '<u>ser</u>name' before being sent to the browser. 2009-06-04 -- we should re-analyse the repercussions of the option to delete user accounts. If only the user_id is logged, it is difficult to figure out whodunnit if the account has already disappeared, not to mention breaking the constraint of the foreign key. This is also a problem for tables with cuser_id and muser_id... 2009-09-22 -- We should have a graphics designer restyle all icons etc. I'm no good at that. 2009-12-04 -- Should we make the permissions 0700 configurable, eg in areamanager? 2010-09-27 -- There is a potential security issue with relative paths: the check on '/../' is inconclusive if the $path is encoded in UTF-8: the overlong sequence 2F C0 AE 2E 2F eventually yields 2F 2E 2E 2F or '/../'. Reference: RFC3629 section 10. Applies to main_file.php and also filemanager.class.php. 2010-12-08 -- Should we add a configuratble favicon to themes as a config option (defaulting to /program/graphics/favicon.ico)? 2011-05-02 -- Can we think of a smart way to assign hotkeys to HTML-labels where the hotkey is a multi-byte UTF-8 sequence? And more important: does it make sense to do so or is a hotkey like [Alt-R] always connected to the keyboard-key 'R' in combination with 'Alt'? Does it even work to have something like "~\xC2\xAEegister" where \xC2\xAE is the (R) symbol and the tilde would indicate hotkey [Alt-(R)] or what? And, how does one generate such a character (R)? If you generate it with say [AltGr] + [R] then the hotkey-combination becomes [Alt-AltGr-R]. Mmmmm, sounds counter-intuitive to me. -- Is it better to assign quasi-random ASCII-characters to translated labels, something like "~<A>\xC2\xAEegister" which might yield hotkey [Alt-A] for the label that would display as "\xC2\xAEegister" ie without the '~' '<' 'A' and '>'. Mmmm.... confusing... 2011-09-09 -- How about normalising all calls to _SERVER['REMOTE_ADDR'] making sure we can compare 'canonical' IP-addresses (see RFC 5952).
Documentation generated on Tue, 28 Jun 2016 19:07:35 +0200 by phpDocumentor 1.4.0