(Don't try to make much sense of this list. It's mainly for the core developers to keep track of things.) DOCUMENTATION: (JPROULX) -- how to modify site-local text (like: en_LJ from en) (done?) -- document all the db roles, and how to set 'em up in %LJ::DBINFO. (done?) ANYBODY: -- Windows syncitem client. Use Perl+Win::Forms+ActiveState compiler ... make local GDBM/etc file. Export to HTML/XML/etc from that file. -- user journal stats (have most of plan) -- ESN system (Event/Subscription/Notification) (have plan/API) * need a 'replyanywhere' priv that lets site admins reply in journals that are friends only, when the site admins aren't part of the community. * fix LJ::get_itemid_{before|after} to respect security of $remote NOTE: not easy to do fast. maybe best not to do it. not a big deal. +----------+ | bradfitz | +----------+ * version checking in login protocol mode: -- each client string: versionid|version|security|noteline -- new protocol login req opt: "checklevel" = { all | none | securityonly } -- priv for client authors to update db misc: developers/doc link wrong topics / named entries (url space control) logaccess bypass talkleft_xfp investigation * clustering: -- console -- after user's moved, update their memories: (0,global)->(userid,ditemid) that way, filtering on "my own" will work. * rate limiting MISC: * new authentication/login system... -- SSL logins & login tokens -- for non-SSL clients: challenge/response (with challenge being request body, plus GMT yyyymmddhh) * ljcom: automate username changes (payments and renaming) * BML::500_on_die option: make BML send a 500 server error on any _CODE block failure * BML: let VarInitScript define a hook to run on server error to get error message, look at it, and decide new error message. * Syndicating channels: http://www.livejournal.com/talkread.bml?itemid=14311193 * /fz/ joins on logtext (requires master) * talk* joins on logtext (requires master) * cvsreport: * -c doesn't need to scan maind.. perf. * -s with args doesn't need to scan everything, just args. * support: dakus wants to be able to mark requests as "still needs help" * LJ::delete_user() * require POST for all do actions (use LJ::did_post to check) * perf: don't preload friends in ljprotocol.pl:editfriends, check $sth->rows * comprehensive fix for adding communities as friends: befriending vs. watching: provide a way for users to turn bit 0 off in allowmask, essentially. +-------------+ | Cleanliness | +-------------+ * should never need to login as community! -- e.g. uploadpic/editinfo/etc needs to let community admins select their community to modify while logged in as themselves -- start using auth_info_2 everywhere like editpics/uploadpic * use LJ::send_mail everywhere, not sendmail pipe by hand * XHTML compliant everywhere * remove *_do.bml pages, merge into one page instead. +--------+ | Future | +--------+ * HTML email we send out with images should be the images in the MIME body and then HTML part reference those, not the ones on the site * attach files to posts (good for groupware) -- new cap limits: canattachfile, filemaxsize (0 for no limit) * support system tweaks: - ugly green to blue - allow touching by helpers - allow 5 minute locks - allow full email address to be shown to helpers * use