Difference between revisions of "User:Ryan52/old todo"
(add some stuff) |
(clean a bit) |
||
(368 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | + | * some changes to the gizmo_events (using a hash, edit buttons, add on submit, etc) should be ported to the contact methods (and other line item types, if not already), if they aren't already | |
− | + | ** add the onsubmit thing for contact_methods as well | |
+ | ** add the line items edit link for payments and contact methods as well, | ||
+ | ** check the new line item type(s) I've added since then (it was just gizmoes, payments, and contact_methods) | ||
+ | * get tests sane again | ||
+ | ** continuous integration is set up and working, but disabled until the tests work | ||
+ | * add onblur for the automatic line item completion thing (in addition to <TAB>, but only on the last element, I think) | ||
+ | * skedjulnator | ||
+ | ** merging the customizations and defaults | ||
+ | * cleanup with the prefix in the line item js | ||
+ | * fix our plugins stuff | ||
+ | ** move them to their own git repos | ||
+ | *** submodule them in | ||
+ | ** upgrade to the latest versions | ||
+ | ** forward patches upstream, and hope that they apply the changes | ||
+ | ** monkey patch wherever possible | ||
+ | * reports over time: | ||
+ | ** conditions | ||
+ | *** add OR support to conditions ... this will be invasive, probably | ||
+ | * make it work with rails 2.2.2 | ||
+ | * interface for adding contracts | ||
+ | * a way to disable contracts | ||
+ | * validation is done on the submit button's onclick...why not the forms onsubmit? | ||
+ | ** important if they submit with the enter button, I think | ||
+ | * covered condition (extra) | ||
+ | ** so we can see either. we don't need side by side numbers at this point, but who knows??? | ||
+ | ** maybe a graphing report | ||
+ | * security fixing | ||
+ | ** CSRF (use rails' protect_from_forgery and verify methods) | ||
+ | *** Look at this: [http://github.com/emk/mephisto/commit/c500bf8e05c250d02672c30d079a0bdeb66f0569] looks really kewl! | ||
+ | ** check for SQL injection, we won't have to worry about this in most places since we use active record, but the reports where we use SQL directly should be checked. | ||
+ | ** [http://guides.rubyonrails.org/security.html Rails Security Guide] | ||
+ | ** look closer at the XSS stuff (safe erb) -- I got a lot of em | ||
+ | *** the on_display stuff for contact searches is an XSS bug, sort of. regardless, it should be cleaned up. | ||
+ | * remove cruft from that ajax helper thing | ||
+ | ** lots of stuff in app/helpers/application.rb that's probably not used. if it is, it shouldn't be. | ||
− | + | [[Category: Coders]][[Category: FGdb]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− |
Latest revision as of 02:01, 27 March 2010
- some changes to the gizmo_events (using a hash, edit buttons, add on submit, etc) should be ported to the contact methods (and other line item types, if not already), if they aren't already
  - add the onsubmit thing for contact_methods as well
  - add the line items edit link for payments and contact methods as well
  - check the new line item type(s) I've added since then (it was just gizmos, payments, and contact_methods)
- get tests sane again
  - continuous integration is set up and working, but disabled until the tests work
- add onblur for the automatic line item completion thing (in addition to <TAB>, but only on the last element, I think)
- skedjulnator
  - merging the customizations and defaults
- cleanup with the prefix in the line item js
- fix our plugins stuff
  - move them to their own git repos
    - submodule them in
  - upgrade to the latest versions
  - forward patches upstream, and hope that they apply the changes
  - monkey patch wherever possible
- reports over time:
  - conditions
    - add OR support to conditions ... this will be invasive, probably
- make it work with rails 2.2.2
- interface for adding contracts
- a way to disable contracts
- validation is done on the submit button's onclick...why not the form's onsubmit?
  - important if they submit with the enter button, I think
- covered condition (extra)
  - so we can see either. we don't need side by side numbers at this point, but who knows???
  - maybe a graphing report
- security fixing
  - CSRF (use rails' protect_from_forgery and verify methods)
    - Look at this: http://github.com/emk/mephisto/commit/c500bf8e05c250d02672c30d079a0bdeb66f0569 looks really kewl!
  - check for SQL injection, we won't have to worry about this in most places since we use active record, but the reports where we use SQL directly should be checked.
  - Rails Security Guide (http://guides.rubyonrails.org/security.html)
  - look closer at the XSS stuff (safe erb) -- I got a lot of em
    - the on_display stuff for contact searches is an XSS bug, sort of. regardless, it should be cleaned up.
- remove cruft from that ajax helper thing
  - lots of stuff in app/helpers/application.rb that's probably not used. if it is, it shouldn't be.