-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathTODO
111 lines (78 loc) · 3.54 KB
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
###########
@ BUDDY & AUTH:
o Buddylists
o Latest Requests (by Login date)
Network Display:
o Friend/Partner of Friend/Partner
o Friend/Partner of Friend/Partner of Friend/Partner
o Friend of Friend Connection Display
- treat connection type 'ignore' for shouts, messages, connection requests & recent connection requests
###########
@ USER/PROFILE:
- After activation, redirect to /profile/x/edit
- User change Email
- Profile Edit - Monthname Translation
- Profile Edit - Selected Date
- See Profile/Editview for TODO
- Profile Visitors
- Gravatar (PLUGIN!)
- http://bakery.cakephp.org/articles/view/gravatar-helper
http://github.com/ionas/CakePHP-Goodies/tree/master/views/helpers/
- Add User/Profile/Messages DELETION/PURGING (Personal Data only) var $purgeFields => array('name' => array('type' => 'type', 'value' => 'value'), look at cakes schema to determine type maybe)
##############
On Profile Create, Create Welcome shout from sna profile (see Last.fm)
##############
Allow multiple pagination (not at the same time)
See Ticket + Blog
###########
@ MULTIPLE_PAGINATION (profile paginating shouts, activities, buddies whatever)
http://cakephp.lighthouseapp.com/projects/42648/tickets/102-support-for-multiple-pagination
- TODO, wrap request params, see bakery
Also of interest:
str_replace / => |
str_replace : => ,
echo 'paginate:shouts(' . str_replace('/', '|', '/page:1/sort:Shout.created/direction:asc') . ')'
. '/paginate:activities(' . rawurlencode('/page:1/sort:Activities.created/direction:asc') . ')';
###########
SCREENDESIGN!!!
###########
@ ACTIVITIES (PLUGIN!)
- data sources to last.fm, twitter, flickr, wordpress/rss
###########
@ DISCUSSION_GROUPS (PLUGIN!)
###########
@ TRANSLATION:
- Add Language autodetection (browser, geo location/ip) + save in Cookies
- /users/register;lang=eng
- LANG Urls / LANG Router
- http://bakery.cakephp.org/articles/view/p28n-the-top-to-bottom-persistent-internationalization-tutorial
- http://teknoid.wordpress.com/2008/11/28/cakephp-url-based-language-switching-for-i18n-and-l10n-internationalization-and-localization/
###########
@ SECURITY:
- Check Security Concept @ Auth (All forbidden, allow excplicit)
- CSFR: Form instead of Link for "Modifing" things:
http://groups.google.com/group/cake-php/browse_thread/thread/8d82f0b09d1057c5#msg_3f7316111ff013ec
http://www.ad7six.com/read/67-Generic-capability-based-security-%28CSRF-prevention%29
http://code.assembla.com/mi/subversion/nodes/branches/mi_plugin/controllers/components/swiss_army.php#ln302
- CSFR (Security, /foo/delete/id123 should not work (POST instead of GET?))
- ACL (if required)
- Security Features and Double Salts, See also: http://devedge.jonas-hartmann.com/documents/Securing_authentication_and_data_manipulation_via_HTTP.html
- Research Akismet: http://sethcardoza.com/posts/view/8/title/integrating-akismet-with-cakephp http://akismet.com/ http://cakeforge.org/snippet/detail.php?type=snippet&id=95
- Sanitize: <?php App::import('Sanitize')?> / Sanitize::html()
- Password Generator (JS Based or Ajax based)
###########
Method and Class DOCUMENTATION
TESTS
###########
Validate User Registration Token Expiry
Remove unvalidated users after 72h (3days)
###########
Invalidate session if logged in from another place (DB Sessions?)
User logs in at a second place/browser, first session should be invalidated.
=> SessionComponent extends CakeSession, CakeSession::__write() -> add optional field user_id
Try
MySessionComponent implements SessionComponent extends MyCakeSession
and
MyCakeSession extends CakeSession
###########
TextMate Invisible MORE TRANS