TODO
author Dan
Sat, 23 Jun 2007 09:55:58 -0400
changeset 15 ad5986a53197
parent 14 ce6053bb48d8
child 21 663fcf528726
permissions -rwxr-xr-x
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     1
Enano Banshee - TODO
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     2
------------------------------------------
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     3
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     4
[ ] COPPA compliance
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     5
[x] Add in Moderators group
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     6
    [x] Create default ACL rule for mods
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     7
[x] Fix invalid HTML in SF.net logo
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     8
[ ] Clean up the wikitext parser - a lot. It needs some serious work.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     9
    We need a way to detect whether the text is mostly HTML, and if
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    10
    so, then leave stuff like automatic adding of <p> and <br /> out
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    11
    of the picture. Continue to parse wikilinks.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    12
[x] Add a system_group column and if it's set to 1, give (at least) a
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    13
    stern warning before deleting the group. Maybe disable the delete
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    14
    button altogether?
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    15
[x] SQL exporter: fix structure exporting when an auto column is defined
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    16
    and it's a named key (see pun_search_words)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    17
[x] Possibly add these fields: AIM, Yahoo, MSN, XMPP messenger icons, then homepage, location, occupation, hobbies, allow public e-mail display
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    18
    [ ] Put it in a user_extra table and have an option to enable or disable these fields in the admin panel
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    19
    [Y] Delay until RC3 or Banshee?
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    20
    [ ] When added, put a box on the user page that shows the information
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    21
[x] Fix "this page" bug in ACL editor
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    22
    [x] The problem itself got fixed BUT there seem to be deeper problems related to scope selection
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    23
        This needs to be FIXED and WORKING PERFECTLY in Banshee!
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    24
[x] Change the string shown on a successful re-auth into elevated privileges
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    25
    [x] ...and write a function that converts a numeric userlevel to a string
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    26
[x] Make Special:Login remember parameters (target level, target page) even on auth fail
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 14
diff changeset
    27
[x] Register users_extra table in system tables list (already done?)
14
ce6053bb48d8 Security: NUL characters are now stripped from GPC; several code readability standards changes
Dan
parents: 0
diff changeset
    28
[x] Trigger form submit on press of enter in Dynano login form
ce6053bb48d8 Security: NUL characters are now stripped from GPC; several code readability standards changes
Dan
parents: 0
diff changeset
    29
[ ] Rewrite the change theme dialog - it's archaic code that hasn't changed since beta 1!
ce6053bb48d8 Security: NUL characters are now stripped from GPC; several code readability standards changes
Dan
parents: 0
diff changeset
    30
    [ ] This should be the next-to-last step in phasing out the JWS code, which should be removed in the first 1.1 alpha
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    31
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    32
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    33
Enano Clurichaun - TODO
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    34
------------------------------------------
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    35
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    36
[x] Finish rewriting userprefs panel
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    37
    Remaining components:
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    38
    [x] Signature
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    39
    [x] Real name
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    40
[x] When a user's level is set to Moderator or Administrator, automatically add them to the respective group
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    41
[x] Fix de-authentication button in admin panel
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    42
[x] Merge newer artwork into installer; make trademark notices
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    43
[x] Case-insensitive usernames for login
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    44
[x] Mass e-mail function in admin panel
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    45
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    46
Enano Leprechaun - TODO
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    47
------------------------------------------
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    48
[x] Make a frontend for creating/managing usergroups in the admin panel
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    49
[x] Make a frontend for group mods to add/remove group members in a new special page
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    50
[x] Create ACL editing frontends - preferably a "Manage access" button on every page and in the user admin panel
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    51
    [x] Need no-Javascript version of ACL editor
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    52
[x] Make absolutely everything check for the proper access - do a complete audit of index.php and pageutils.php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    53
    [x] Also need to check RenderMan::getPage, and require view_source privileges to get pages without wiki
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    54
        formatting or without PHP/HTML code
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    55
    [x] Check permissions for uploaded files and category editing - if the category is protected and the user doesn't have
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    56
        even_when_protected rights, lock down the category from adding/removing articles
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    57
        [x] For this to work, need SessionManager's ability to calculate effective permissions for a page implemented
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    58
[x] Update installation schema to create the default Everyone, Administrators, and Moderators groups and insert the
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    59
    admin user into Moderators and Administrators
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    60
[x] Update the upgrade schema - last point plus add in table creation for e_groups, e_group_members, and e_acl
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    61
[x] AJAX: Access control list editor
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    62
    [x] Write a template parsing class in Javascript
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    63
    [x] Use JSON to transport template data, permission types, etc. to the javascript client
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    64
    [x] Use JSON to send the updated permissions back to the server
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    65
[x] File uploads: Rewrite Special:UploadFile to work with new storage system
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    66
[x] Implement password reset
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    67
[x] Fix empty group bug in javascripted ACL editor
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    68
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    69
Delayed:
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    70
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    71
[x] REWRITE Special:Preferences - settle for nothing less than perfect on this one! (DELAYED until RC2 - put password reset issues in known bugs)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    72
[ ] Implement ACL presets (DELAYED until RC2)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    73
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    74
Website-related:
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    75
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    76
[ ] Enano website: add versioning rules page (like linux: x.y.z: x is major release, y is minor, and z is revision; if y is odd then its a beta)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    77
[ ] Enano website: create codename tracker page (PARTIALLY DONE)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    78