[sos-develop] Son of Service update
From: Andrew Z. <ah...@ma...> - 2003-12-01 14:58:24
This is a short update.

Welcome Roger W. and Jeff K. Roger knows PHP, HTML, MySQL, and Linux (among other things) and expressed interest in helping wherever needed. Soon he will be migrating SOS to AdoDB. Jeff comes from a Windows background, so I hope he'll test SOS against Windows, IIS, and MSSQL.

Recent changes include:
* New and improved error handling functions
* Progress on redirecting users to non-POST pages after form processing
* Basic functionality of add/edit/delete rather complete

Short-term goals include:
* Switch to AdoDB
* Move phone numbers into separate table
* Finish custom data fields by adding multiple choice types: radio, checkbox
* Otherwise finalize database structures
* Test e-mail further
* Prepare first (alpha) release for early January

Discussion item of the day: To prevent XSS, strings should be sanitized by stripping HTML tags or using htmlentities(). Should sanitation occur before storing the string in the database or when retrieving? Currently it is done before. However, looking down the road, SOS may include a non-HTML front-end, so storing HTML entities would not make sense. On the other hand, by stripping HTML beforehand, it's easy to get certain users the privilege to include HTML in strings. What do you think?

Son of Service Tentative Development Road map

This is for the next few months. Version 0.50 is about early January. Some latter items here can be done earlier.

Version 0.50, first release
* db: Switch to AdoDB
* db: Implement new types into custom data strings: radio, checkbox, boolean
* db: Move phone numbers into separate table (update related, inc. search)
* db: Finalize database structures (as much as possible)
* Redirect after processing POST form [finish]
* Implement e-mail to individual volunteer
* For e-mail interface web mail clients: SquirrelMail, IMP, Hotmail, Yahoo
* Finish mass e-mail (at least through href=mailto)
* Search for volunteer by availability
* Implement error logging

Version 0.51
* Careful look at efficient use of include/require
* Failed form posting filled out without back button
* Advanced searching: add to found set, navigate within found set
* Quick search from any menu using name, e.g. Joh Smi for John Smith
* Update and enhance system check
* Automated upgrading
* Add duplicate volunteer checking and record consolidation
* Add to export mailing list: export only found set
* Fix SQL in strings.php: minimum found quantity is one, should be zero
* Easily navigate recently opened volunteers (suggest dropdown menu)
* Implement plugin support
* Plugin: map
* Plugin: phone book
* Plugin: message of the day (welcome.php)

Version 0.52
* Implement help system
* Write user help
* Write installation guide
* Easy installation/configuration via script
* Finish gettext support
* Write (at least) one translation
* Focus on first form field
* Use JavaScript/DOM to hide parts of summary by clicking
* Test HTML output samples with HTML Validator
* Test compatibility with PHP cache systems
* Test compatibility with IIS
* Test compatibility with Oracle, MS, DB2
* Test compatibility with PostgreSQL, Firebird
* Works with SSL?
* What is required (e.g., security) to use with Internet hosting?
* Data sharing via XML?
* Code comments (PHPDoc)
* Performance tuning

Andrew
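
The store-time versus output-time question from the discussion item, as an added example that is not part of the original message or of the SOS code base. All function names and the sample string are hypothetical and constructed for illustration.

```php
<?php
// Added illustration; names and data are hypothetical, not SOS code.

// Constructed sample input: a name containing an ampersand and markup.
$input = 'Smith & Sons <script>alert(1)</script>';

// Option A: encode before storing (entities end up in the database).
function store_encoded(string $s): string {
    return htmlentities($s, ENT_QUOTES, 'UTF-8');
}

// Option B: store the string as entered, encode per front-end on output.
function store_raw(string $s): string {
    return $s;
}

// Option C: strip tags before storing. Note that "&" is left as-is,
// so the value is still not HTML-encoded.
function store_stripped(string $s): string {
    return strip_tags($s);
}

// HTML front-end: encode unless the stored value already holds entities
// (encoding twice would display "&amp;amp;" to the user).
function render_html(string $stored, bool $has_entities): string {
    return $has_entities ? $stored : htmlentities($stored, ENT_QUOTES, 'UTF-8');
}

// Non-HTML front-end (e.g. plain-text e-mail): stored entities must be undone.
function render_text(string $stored, bool $has_entities): string {
    return $has_entities ? html_entity_decode($stored, ENT_QUOTES, 'UTF-8') : $stored;
}

$rows = [
    'A (encoded at store)'  => [store_encoded($input),  true],
    'B (raw, encode late)'  => [store_raw($input),      false],
    'C (stripped at store)' => [store_stripped($input), false],
];

foreach ($rows as $label => [$stored, $has_entities]) {
    echo "$label\n";
    echo "  stored : $stored\n";
    echo "  html   : " . render_html($stored, $has_entities) . "\n";
    echo "  text   : " . render_text($stored, $has_entities) . "\n";
    // A search for the text the user typed only matches if storage kept it.
    $hit = strpos($stored, 'Smith & Sons') !== false ? 'yes' : 'no';
    echo "  search 'Smith & Sons' matches: $hit\n";
}
```

Running it shows where each choice moves the work: option A needs decoding for every non-HTML consumer and for searches, while options B and C still need `htmlentities()` at HTML output.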