vBulletin v6.0.4

Markers

Table of Contents

vb/api/ad.php	1
vb/api/content/attach.php	1
vb/api/content/channel.php	1
vb/api/content/photo.php	1
vb/api/content/privatemessage.php	4
vb/api/editor.php	2
vb/api/hv.php	1
vb/api/options.php	1
vb/api/page.php	2
vb/api/paidsubscription.php	1
vb/api/profile.php	4
vb/api/reputation.php	1
vb/api/search.php	2
vb/api/socialgroup.php	1
vb/api/styleschedule.php	1
vb/api/template.php	3
vb/api/vb4/album.php	15
vb/api/vb4/cms.php	10
vb/api/vb4/private.php	1
vb/api/vb4/report.php	1
vb/api/widget.php	5
vb/api.php	1
vb/bbcodehelper.php	3
vb/cache/apc.php	1
vb/cache/memcached.php	1
vb/cache.php	1
vb/database.php	1
vb/datamanager/moderator.php	2
vb/datamanager/stylevar.php	1
vb/datamanager/stylevardefn.php	1
vb/datamanager/user.php	1
vb/entity.php	1
vb/exception/404.php	1
vb/exception/critical.php	1
vb/exception/reroute.php	1
vb/exception.php	2
vb/image/gd.php	1
vb/image/imagick.php	2
vb/image.php	1
vb/library/bbcode.php	14
vb/library/content/attach.php	3
vb/library/content/channel.php	1
vb/library/content/event.php	2
vb/library/content/link.php	1
vb/library/content/poll.php	3
vb/library/content/privatemessage.php	1
vb/library/content/report.php	1
vb/library/content/text.php	2
vb/library/content/video.php	1
vb/library/fcmessaging.php	2
vb/library/language.php	1
vb/library/notification.php	4
vb/library/phrase.php	1
vb/library/product.php	1
vb/library/user.php	5
vb/library/usergroup.php	1
vb/notification/content/usermention.php	1
vb/notification/likednode.php	1
vb/notification/pollvote.php	1
vb/notification/visitormessage.php	1
vb/request/web.php	1
vb/usercontext.php	6
vb/utility/date.php	1
vb/wysiwyghtmlparser.php	5
vb/xml/import/channel.php	1
vb/xml/import/theme.php	4
vb/xml/import/widget.php	1

ad.php

Type	Line	Description
TODO	704	Fetch criteria cache by adid

attach.php

Type	Line	Description
TODO	665	fix below. I think this is actually a bug.

channel.php

Type	Line	Description
TODO	498	fix this check?

photo.php

Type	Line	Description
TODO	279	replace this with a validate ACTION_VIEW check?

privatemessage.php

Type	Line	Description
TODO	382	Is there any reason to delete the humanverify record after the validate() call below instead of letting the cron deal with it?
TODO	488	log these errors.
TODO	563	get this from bbcode utility in the future.
TODO	1176	remove this function. Do not simply deprecate since

editor.php

Type	Line	Description
TODO	247	, set default values for this.
TODO	255	AND usergroup limit > 0

hv.php

Type	Line	Description
TODO	91	- We need a better solution. This works for now but is homely

options.php

Type	Line	Description
TODO	391	Use phrase API to insert phrases

page.php

Type	Line	Description
TODO	512	check for conflicts with existing pages for $url !!
TODO	725	If there already exists a "hard coded" '/' home navitem that's NOT associated with

paidsubscription.php

Type	Line	Description
TODO	358	vB_Template::create() has many PHP notices. We need to fix them.

profile.php

Type	Line	Description
TODO	180	is there supposed to be an else...error here for when pathinfo's empty?
TODO	420	check that this event is triggered when modifying the content of a subchannel
TODO	797	CACHE THIS???
TODO	1198	check that this event is triggered when modifying the content of a subchannel

reputation.php

Type	Line	Description
TODO	116	Better permission check

search.php

Type	Line	Description
TODO	96	$searchType shouldn't have a default value, but be explicitely declared in each call
TODO	1480	figure out how to actually implement this for photo attachments...

socialgroup.php

Type	Line	Description
TODO	858	this code is similar to vB_Api_Widget::saveChannel, add a library method with it?

styleschedule.php

Type	Line	Description
TODO	99	Hard-code the start time & end time to 00:00:00 & 23:59:59 in API? Or in admincp?

template.php

Type	Line	Description
TODO	605	Product API
TODO	790	Product API
TODO	1099	Product API

album.php

Type	Line	Description
TODO	29	Implement when vB5 is more well defined on this feature.
TODO	69	Implement when vB5 is more well defined on this feature.
TODO	88	Change this when VBV-9148 is fixed. There is no such thing as private albums in vb5 atm.
TODO	89	Change this when moderation of album pictures is respected
TODO	147	'pictureurl' => $thumbUrl,
TODO	152	, moderation?
TODO	182	'end' =>0, // TODO
TODO	188	'personalalbum' => ($album['viewperms'] == 0),
TODO	214	'messagestats' => array(
TODO	273	'caption_html' => '', // TODO
TODO	283	'prev_text_short' => '', //TODO
TODO	286	'next_text_short' => '', //TODO
TODO	309	'add_group_link' => 0, // TODO
TODO	311	'moderation' => 0, // TODO
TODO	313	),

cms.php

Type	Line	Description
TODO	289	should this array also have any section data?
TODO	913	spec this.
TODO	921	spec this.
TODO	1053	spec this.
TODO	1131	What's the actual analog of the list.php vB4 page???
TODO	1134	Is this the expected value??
TODO	1136	how's this used by the app?
TODO	1143	what is this
TODO	1220	What's the actual analog of the list.php vB4 page???
TODO	1222	Is this the expected value??

private.php

Type	Line	Description
TODO	465	when should a PM be read when fetched from MAPI?

report.php

Type	Line	Description
TODO	132	does the app require these error keys to have corresponding phrases in vB5 ?

widget.php

Type	Line	Description
TODO	184	update cleanWidgetConfigData() to better handle random values coming in from above...
TODO	336	this requires a phrase fetch... see addWidgetTitles
TODO	1761	reduce code duplication without degrading readability.
TODO	2137	Optimization-- this information has probably already been queried somewhere
TODO	2454	this doesn't use pagination. If/When UI changes, use vBForum:getChannel instead

api.php

Type	Line	Description
TODO	420	Check if this is truly necessary with mobile team

bbcodehelper.php

Type	Line	Description
TODO	189	need a way to also remove trailing   ... I think the only way   can get in
TODO	193	^-
TODO	346	do we need to escape smiliepath?

apc.php

Type	Line	Description
TODO	84	This can be inherited once late static binding is available. For now it has to be redefined in the child classes

memcached.php

Type	Line	Description
TODO	101	This can be inherited once late static binding is available. For now it has to be redefined in the child classes

cache.php

Type	Line	Description
TODO	655	Provide more options

database.php

Type	Line	Description
TODO	1176	-- need to clean up VB_AREA stuff

moderator.php

Type	Line	Description
TODO	141	the way we return the int value directly disallows using this method to set perms to 0.
TODO	159	the way we return the int value directly disallows using this method to set perms to 0.

stylevar.php

Type	Line	Description
TODO	583	validate fontlist is a list of fonts, with "'" wrapped around font names with spaces, and each font separated with a ",".

stylevardefn.php

Type	Line	Description
TODO	111	TEST THIS FUNCTION!!! Coded w/o testing or reference

user.php

Type	Line	Description
TODO	1061	we may want to allow bypasses for these types too for third party data providers. For now

entity.php

Type	Line	Description
TODO	175	need to figure out how to differentiate between backing-field properties

404.php

Type	Line	Description
TODO	27	Set the reroute path from vB_Router::$App->get404Route();

critical.php

Type	Line	Description
TODO	24	Set the reroute path from vB_Router::get500Path();

reroute.php

Type	Line	Description
TODO	26	Create methods to add the redirect message and the target route path.

exception.php

Type	Line	Description
TODO	193	method not yet implemented
TODO	210	$this->mailed = true;

gd.php

Type	Line	Description
TODO	1280	Do we really care that they renamed the extension??

imagick.php

Type	Line	Description
TODO	816	force rewrite image?????
TODO	968	determine based on image size (width)? whether it's best to try to fit

image.php

Type	Line	Description
TODO	1554	What if the marker is split between 2 chunks?

bbcode.php

Type	Line	Description
TODO	113	refactor this property
TODO	148	remove $this->forumid
TODO	245	combine with $this->options?
TODO	879	discrepancy with frontend parser:
TODO	1578	edit & preview mode hit this. We may want Edit to use the existing cache...
TODO	2176	discrepancy, frontend seems to render 'video_frame' not 'bbcode_video" template?
TODO	2568	edit & preview mode hit this. We may want Edit to use the existing cache...
TODO	2818	Move to UNSHARED block at bottom
TODO	3018	This doesn't look right to me. I feel like htmlSpecialCharsUni should be outside of the
TODO	3033	can legacy attachments come through here...???
TODO	3187	Allow $size == 'icon' case for thumbs-only-channels??
TODO	4007	This doesn't look right to me. I feel like htmlSpecialCharsUni should be outside of the
TODO	4020	REPLACE USE OF unserialize() above WITH json_decode
TODO	4100	WHAT IS THIS CAPTION???

attach.php

Type	Line	Description
TODO	696	This needs to check signature related usergroup permissions. VBV-14819
TODO	1630	Remove need for $skipUploadPermissionCheck
TODO	1686	upload check? at the moment, all callers have already called $this->scanFileArray(...), so

channel.php

Type	Line	Description
TODO	94	API will no longer allow this. Remove this code as well at some point.

event.php

Type	Line	Description
TODO	44	should this be LIB? API should've checked perms..
TODO	316	Remove this, should not be needed any longer and we can't keep supporting

link.php

Type	Line	Description
TODO	357	uncomment this when the editor is ready

poll.php

Type	Line	Description
TODO	51	Why do we call this when the parent::getFullContent() already called it?
TODO	117	we need to improve this to consider voting permissions for guests.
TODO	480	Should subscribers get notifications for poll votes?

privatemessage.php

Type	Line	Description
TODO	1057	This isn't correct. There's no guarantee the first node (or ANY node requested here) is

report.php

Type	Line	Description
TODO	209	Should we push the view check out to email listing as well?

text.php

Type	Line	Description
TODO	1158	figure out a way to do this in bulk
TODO	1514	Some legacy attachments may not be visible due to permissions. I don't think this function

video.php

Type	Line	Description
TODO	244	Permission check

fcmessaging.php

Type	Line	Description
TODO	1426	do we have to validate the device token (aka registration id)?
TODO	1469	do we have to validate the device token (aka registration id)?

language.php

Type	Line	Description
TODO	41	add required fields as key?

notification.php

Type	Line	Description
TODO	255	also group by languageid for phrasing.
TODO	614	need to add heavy testing for the counts below
TODO	963	figure out how to get rid of this double call to follow API (this is also called in
TODO	1129	REFACTOR CONTENT LIBRARY'S sendEmailNotification()

phrase.php

Type	Line	Description
TODO	836	store this somewhere? -- might as well store phrases converted now to

product.php

Type	Line	Description
TODO	160	shouldn't subtype be empty or match $package?

user.php

Type	Line	Description
TODO	261	We need to skip perm checks for this so *all* user data gets caught in the net when
TODO	270	figure out what should happen with categories
TODO	2945	Restore the 'activememberdays' option and use that
TODO	3505	userfield scope for userlib saves???
TODO	5052	All of these selects are candidates for UNBUFFERED selects, when we implement it.

usergroup.php

Type	Line	Description
TODO	27	This seems to only be used by the channel XML importer.

usermention.php

Type	Line	Description
TODO	93	Add UGP

likednode.php

Type	Line	Description
TODO	79	Confirm this behavior, should this be if_read instead?

pollvote.php

Type	Line	Description
TODO	86	Confirm this behavior, should this be if_read instead?

visitormessage.php

Type	Line	Description
TODO	393	Do phrases like {1}: {2} that can be hard-coded concatenations require phrasing for

web.php

Type	Line	Description
TODO	43	how should we determine this?

usercontext.php

Type	Line	Description
TODO	301	do we need a superadmin bypass here?
TODO	1132	do we need to allow superadmin bypass for infraction masking here?
TODO	1300	We probably need to check if any infraction groups are applied on this user and if they
TODO	1329	This needs to actually check. This is fairly complex, but it needs to check with
TODO	1471	We have a lot of cases where we do this operation:
TODO	2229	... is this right? We don't check if the node is actually their own channel or anything?

date.php

Type	Line	Description
TODO	271	This isn't really "broken", just not exactly the same. Should we

wysiwyghtmlparser.php

Type	Line	Description
TODO	415	the [^>]+ breaks if there's any attribute that has > in quotes before the src attribute. We need a way to handle this.
TODO	688	update regex to also check that it is OUR server?
TODO	783	update regex to also check that it is OUR server?
TODO	1788	use stylevar
TODO	1822	use stylevar

channel.php

Type	Line	Description
TODO	305	after talking with Ed, we decided it might be best not to allow node removal at all. Need to confirm with Kevin

theme.php

Type	Line	Description
TODO	141	need to test that overwrite works correctly
TODO	265	Figure out what this is used for
TODO	349	should we throw an exception if no guid is provided?
TODO	742	need better check to grab REAL files only. One approach is to use a filename prefix and check for that, like how customlanguages does it

widget.php

Type	Line	Description
TODO	814	update saved adminconfigs