Difference between revisions of "User:Ryan52/old todo"
(some of the db stuff is required, or close enough to required) |
(clean a bit) |
||
(337 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | + | * some changes to the gizmo_events (using a hash, edit buttons, add on submit, etc) should be ported to the contact methods (and other line item types, if not already), if they aren't already | |
− | + | ** add the onsubmit thing for contact_methods as well | |
− | + | ** add the line items edit link for payments and contact methods as well, | |
− | + | ** check the new line item type(s) I've added since then (it was just gizmoes, payments, and contact_methods) | |
− | + | * get tests sane again | |
− | + | ** continuous integration is set up and working, but disabled until the tests work | |
− | + | * add onblur for the automatic line item completion thing (in addition to <TAB>, but only on the last element, I think) | |
− | + | * skedjulnator | |
− | * | + | ** merging the customizations and defaults |
− | * | + | * cleanup with the prefix in the line item js |
− | * | + | * fix our plugins stuff |
− | + | ** move them to their own git repos | |
− | + | *** submodule them in | |
− | * | + | ** upgrade to the latest versions |
− | * | + | ** forward patches upstream, and hope that they apply the changes |
− | * | + | ** monkey patch wherever possible |
− | * | + | * reports over time: |
− | * | + | ** conditions |
− | + | *** add OR support to conditions ... this will be invasive, probably | |
− | + | * make it work with rails 2.2.2 | |
− | + | * interface for adding contracts | |
− | * | + | * a way to disable contracts |
− | * | + | * validation is done on the submit button's onclick...why not the forms onsubmit? |
− | * | + | ** important if they submit with the enter button, I think |
− | * | + | * covered condition (extra) |
− | * | + | ** so we can see either. we don't need side by side numbers at this point, but who knows??? |
+ | ** maybe a graphing report | ||
* security fixing | * security fixing | ||
− | |||
** CSRF (use rails' protect_from_forgery and verify methods) | ** CSRF (use rails' protect_from_forgery and verify methods) | ||
+ | *** Look at this: [http://github.com/emk/mephisto/commit/c500bf8e05c250d02672c30d079a0bdeb66f0569] looks really kewl! | ||
** check for SQL injection, we won't have to worry about this in most places since we use active record, but the reports where we use SQL directly should be checked. | ** check for SQL injection, we won't have to worry about this in most places since we use active record, but the reports where we use SQL directly should be checked. | ||
− | + | ** [http://guides.rubyonrails.org/security.html Rails Security Guide] | |
− | * | + | ** look closer at the XSS stuff (safe erb) -- I got a lot of em |
− | + | *** the on_display stuff for contact searches is an XSS bug, sort of. regardless, it should be cleaned up. | |
− | + | * remove cruft from that ajax helper thing | |
− | * | + | ** lots of stuff in app/helpers/application.rb that's probably not used. if it is, it shouldn't be. |
− | + | [[Category: Coders]][[Category: FGdb]] | |
Latest revision as of 02:01, 27 March 2010
- some changes to the gizmo_events (using a hash, edit buttons, add on submit, etc) should be ported to the contact methods (and other line item types, if not already), if they aren't already
  - add the onsubmit thing for contact_methods as well
  - add the line items edit link for payments and contact methods as well,
  - check the new line item type(s) I've added since then (it was just gizmoes, payments, and contact_methods)
- get tests sane again
  - continuous integration is set up and working, but disabled until the tests work
- add onblur for the automatic line item completion thing (in addition to <TAB>, but only on the last element, I think)
- skedjulnator
  - merging the customizations and defaults
- cleanup with the prefix in the line item js
- fix our plugins stuff
  - move them to their own git repos
    - submodule them in
  - upgrade to the latest versions
  - forward patches upstream, and hope that they apply the changes
  - monkey patch wherever possible
- reports over time:
  - conditions
    - add OR support to conditions ... this will be invasive, probably
- make it work with rails 2.2.2
- interface for adding contracts
- a way to disable contracts
- validation is done on the submit button's onclick...why not the form's onsubmit?
  - important if they submit with the enter button, I think
- covered condition (extra)
  - so we can see either. we don't need side by side numbers at this point, but who knows???
  - maybe a graphing report
- security fixing
  - CSRF (use rails' protect_from_forgery and verify methods)
    - Look at this: http://github.com/emk/mephisto/commit/c500bf8e05c250d02672c30d079a0bdeb66f0569 looks really kewl!
  - check for SQL injection, we won't have to worry about this in most places since we use active record, but the reports where we use SQL directly should be checked.
  - Rails Security Guide (http://guides.rubyonrails.org/security.html)
  - look closer at the XSS stuff (safe erb) -- I got a lot of em
    - the on_display stuff for contact searches is an XSS bug, sort of. regardless, it should be cleaned up.
- remove cruft from that ajax helper thing
  - lots of stuff in app/helpers/application.rb that's probably not used. if it is, it shouldn't be.