User:Ryan52/old todo
- some changes to the gizmo_events (using a hash, edit buttons, add on submit, etc) should be ported to the contact methods (and other line item types, if not already), if they aren't already
- add the onsubmit thing for contact_methods as well
- add the line items edit link for payments and contact methods as well,
- check the new line item type(s) I've added since then (it was just gizmoes, payments, and contact_methods)
- get tests sane again
- continuous integration is set up and working, but disabled until the tests work
- add onblur for the automatic line item completion thing (in addition to <TAB>, but only on the last element, I think)
- skedjulnator
- merging the customizations and defaults
- cleanup with the prefix in the line item js
- fix our plugins stuff
- move them to their own git repos
- submodule them in
- upgrade to the latest versions
- forward patches upstream, and hope that they apply the changes
- monkey patch wherever possible
- reports over time:
- conditions
- add OR support to conditions ... this will be invasive, probably
- make it work with rails 2.2.2
- interface for adding contracts
- a way to disable contracts
- validation is done on the submit button's onclick...why not the form's onsubmit?
- important if they submit with the enter button, I think
- covered condition (extra)
- so we can see either. we don't need side by side numbers at this point, but who knows???
- maybe a graphing report
- security fixing
- CSRF (use rails' protect_from_forgery and verify methods)
- Look at this: [1] looks really kewl!
- check for SQL injection, we won't have to worry about this in most places since we use active record, but the reports where we use SQL directly should be checked.
- Rails Security Guide
- look closer at the XSS stuff (safe erb) -- I got a lot of em
- the on_display stuff for contact searches is an XSS bug, sort of. regardless, it should be cleaned up.
- remove cruft from that ajax helper thing
- lots of stuff in app/helpers/application.rb that's probably not used. if it is, it shouldn't be.