Markers
Table of Contents
attach.php
Type | Line | Description |
---|---|---|
TODO | 664 | fix below. I think this is actually a bug. |
channel.php
Type | Line | Description |
---|---|---|
TODO | 509 | fix this check? |
photo.php
Type | Line | Description |
---|---|---|
TODO | 279 | replace this with a validate ACTION_VIEW check? |
privatemessage.php
Type | Line | Description |
---|---|---|
TODO | 382 | Is there any reason to delete the humanverify record after the validate() call below instead of letting the cron deal with it? |
TODO | 490 | log these errors. |
TODO | 593 | get this from bbcode utility in the future. |
TODO | 1206 | remove this function. Do not simply deprecate since |
editor.php
Type | Line | Description |
---|---|---|
TODO | 254 | , set default values for this. |
TODO | 262 | AND usergroup limit > 0 |
hv.php
Type | Line | Description |
---|---|---|
TODO | 91 | - We need a better solution. This works for now but is homely |
node.php
Type | Line | Description |
---|---|---|
TODO | 2500 | why is setApproved() used to publish nodes?? Something does not look correct here. |
TODO | 2885 | if this is ever corrected/implemented, be sure to add the old owner as a member of the channel |
TODO | 4827 | make a legitimate map function that we can use everywhere for this. Is 'contenttypeclass' always set? |
page.php
Type | Line | Description |
---|---|---|
TODO | 450 | Pagination? Currently fake-paginated (sliced) via the admincp page. |
TODO | 583 | check for conflicts with existing pages for $url !! |
TODO | 795 | If there already exists a "hard coded" '/' home navitem that's NOT associated with |
paidsubscription.php
Type | Line | Description |
---|---|---|
TODO | 369 | replace the messy & confusing function params (i.e. wtf are $costs & $sub) with entity and update all paymentapis' generate_form_html() |
TODO | 373 | vB_Template::create() has many PHP notices. We need to fix them. |
profile.php
Type | Line | Description |
---|---|---|
TODO | 180 | is there supposed to be an else...error here for when pathinfo's empty? |
TODO | 420 | check that this event is triggered when modifying the content of a subchannel |
TODO | 797 | CACHE THIS??? |
TODO | 1198 | check that this event is triggered when modifying the content of a subchannel |
reactions.php
Type | Line | Description |
---|---|---|
TODO | 372 | do we want to still update the totallikes even without rep perms? |
TODO | 456 | We should figure out what to do about reputation & totallikes counters when a node that has likes on it is removed... |
TODO | 502 | We probably want to refactor the LikedNode notification in phrasing & usage. |
TODO | 581 | Also check globalignores & skip send? |
TODO | 624 | Better permission check |
TODO | 655 | Not sure if above type limiting is still necessary or valid. This was copied from |
reputation.php
Type | Line | Description |
---|---|---|
TODO | 94 | Better permission check |
route.php
Type | Line | Description |
---|---|---|
TODO | 385 | check channel perms instead of MAIN_CHANNEL perm later. |
search.php
Type | Line | Description |
---|---|---|
TODO | 92 | $searchType shouldn't have a default value, but be explicitely declared in each call |
TODO | 1526 | figure out how to actually implement this for photo attachments... |
socialgroup.php
Type | Line | Description |
---|---|---|
TODO | 858 | this code is similar to vB_Api_Widget::saveChannel, add a library method with it? |
style.php
Type | Line | Description |
---|---|---|
TODO | 21 | some of these methods shouldn't be public. We should move them to vB_Library_Style instead to avoid exposing them in the API. |
styleschedule.php
Type | Line | Description |
---|---|---|
TODO | 99 | Hard-code the start time & end time to 00:00:00 & 23:59:59 in API? Or in admincp? |
template.php
Type | Line | Description |
---|---|---|
TODO | 585 | Product API |
TODO | 762 | Product API |
TODO | 1060 | Product API |
unsubscribe.php
Type | Line | Description |
---|---|---|
TODO | 82 | create a separate user lib function for saving email options, user::save() is ridiculous. |
user.php
Type | Line | Description |
---|---|---|
TODO | 1817 | What's the difference in data between $userinfo & $olduser? Why do we need both? |
TODO | 4700 | // also add max db column length check? |
TODO | 6879 | what else should we lock behind canviewmembers? |
activity.php
Type | Line | Description |
---|---|---|
TODO | 346 | Need to look into this. |
TODO | 363 | TEST THIS |
TODO | 507 | This doesn't seem right but I'm not going to go search around |
TODO | 669 | include this as part of the regular 'photo' array info? |
album.php
Type | Line | Description |
---|---|---|
TODO | 29 | Implement when vB5 is more well defined on this feature. |
TODO | 69 | Implement when vB5 is more well defined on this feature. |
TODO | 88 | Change this when VBV-9148 is fixed. There is no such thing as private albums in vb5 atm. |
TODO | 89 | Change this when moderation of album pictures is respected |
TODO | 147 | 'pictureurl' => $thumbUrl, |
TODO | 152 | , moderation? |
TODO | 182 | 'end' =>0, // TODO |
TODO | 188 | 'personalalbum' => ($album['viewperms'] == 0), |
TODO | 214 | 'messagestats' => array( |
TODO | 273 | 'caption_html' => '', // TODO |
TODO | 283 | 'prev_text_short' => '', //TODO |
TODO | 286 | 'next_text_short' => '', //TODO |
TODO | 309 | 'add_group_link' => 0, // TODO |
TODO | 311 | 'moderation' => 0, // TODO |
TODO | 313 | ), |
cms.php
Type | Line | Description |
---|---|---|
TODO | 289 | should this array also have any section data? |
TODO | 913 | spec this. |
TODO | 921 | spec this. |
TODO | 1053 | spec this. |
TODO | 1131 | What's the actual analog of the list.php vB4 page??? |
TODO | 1134 | Is this the expected value?? |
TODO | 1136 | how's this used by the app? |
TODO | 1143 | what is this |
TODO | 1220 | What's the actual analog of the list.php vB4 page??? |
TODO | 1222 | Is this the expected value?? |
private.php
Type | Line | Description |
---|---|---|
TODO | 465 | when should a PM be read when fetched from MAPI? |
report.php
Type | Line | Description |
---|---|---|
TODO | 132 | does the app require these error keys to have corresponding phrases in vB5 ? |
widget.php
Type | Line | Description |
---|---|---|
TODO | 184 | update cleanWidgetConfigData() to better handle random values coming in from above... |
TODO | 336 | this requires a phrase fetch... see addWidgetTitles |
TODO | 1761 | reduce code duplication without degrading readability. |
TODO | 2137 | Optimization-- this information has probably already been queried somewhere |
TODO | 2454 | this doesn't use pagination. If/When UI changes, use vBForum:getChannel instead |
api.php
Type | Line | Description |
---|---|---|
TODO | 421 | Check if this is truly necessary with mobile team |
bbcodehelper.php
Type | Line | Description |
---|---|---|
TODO | 205 | need a way to also remove trailing ... I think the only way can get in |
TODO | 209 | ^- |
TODO | 362 | do we need to escape smiliepath? |
apc.php
Type | Line | Description |
---|---|---|
TODO | 84 | This can be inherited once late static binding is available. For now it has to be redefined in the child classes |
memcached.php
Type | Line | Description |
---|---|---|
TODO | 101 | This can be inherited once late static binding is available. For now it has to be redefined in the child classes |
cache.php
Type | Line | Description |
---|---|---|
TODO | 647 | Provide more options |
database.php
Type | Line | Description |
---|---|---|
TODO | 1175 | -- need to clean up VB_AREA stuff |
moderator.php
Type | Line | Description |
---|---|---|
TODO | 141 | the way we return the int value directly disallows using this method to set perms to 0. |
TODO | 159 | the way we return the int value directly disallows using this method to set perms to 0. |
stylevar.php
Type | Line | Description |
---|---|---|
TODO | 583 | validate fontlist is a list of fonts, with "'" wrapped around font names with spaces, and each font separated with a ",". |
stylevardefn.php
Type | Line | Description |
---|---|---|
TODO | 111 | TEST THIS FUNCTION!!! Coded w/o testing or reference |
user.php
Type | Line | Description |
---|---|---|
TODO | 1006 | we may want to allow bypasses for these types too for third party data providers. For now |
TODO | 2429 | Should *losing* a usergroup that has an auto channel sub remove the sub? |
paidsubscription.php
Type | Line | Description |
---|---|---|
TODO | 18 | probably should make these readonly after php 8.1 |
entity.php
Type | Line | Description |
---|---|---|
TODO | 175 | need to figure out how to differentiate between backing-field properties |
404.php
Type | Line | Description |
---|---|---|
TODO | 27 | Set the reroute path from vB_Router::$App->get404Route(); |
gd.php
Type | Line | Description |
---|---|---|
TODO | 1280 | Do we really care that they renamed the extension?? |
imagick.php
Type | Line | Description |
---|---|---|
TODO | 816 | force rewrite image????? |
TODO | 970 | determine based on image size (width)? whether it's best to try to fit |
image.php
Type | Line | Description |
---|---|---|
TODO | 1554 | What if the marker is split between 2 chunks? |
bbcode.php
Type | Line | Description |
---|---|---|
TODO | 114 | refactor this property |
TODO | 149 | remove $this->forumid |
TODO | 246 | combine with $this->options? |
TODO | 874 | discrepancy with frontend parser: |
TODO | 1599 | edit & preview mode hit this. We may want Edit to use the existing cache... |
TODO | 2316 | discrepancy, frontend seems to render 'video_frame' not 'bbcode_video" template? |
TODO | 2708 | edit & preview mode hit this. We may want Edit to use the existing cache... |
TODO | 2971 | Move to UNSHARED block at bottom |
TODO | 3171 | This doesn't look right to me. I feel like htmlSpecialCharsUni should be outside of the |
TODO | 3186 | can legacy attachments come through here...??? |
TODO | 3340 | Allow $size == 'icon' case for thumbs-only-channels?? |
TODO | 4147 | This doesn't look right to me. I feel like htmlSpecialCharsUni should be outside of the |
TODO | 4160 | REPLACE USE OF unserialize() above WITH json_decode |
TODO | 4240 | WHAT IS THIS CAPTION??? |
attach.php
Type | Line | Description |
---|---|---|
TODO | 715 | This needs to check signature related usergroup permissions. VBV-14819 |
TODO | 1679 | Remove need for $skipUploadPermissionCheck |
TODO | 1735 | upload check? at the moment, all callers have already called $this->scanFileArray(...), so |
channel.php
Type | Line | Description |
---|---|---|
TODO | 94 | API will no longer allow this. Remove this code as well at some point. |
event.php
Type | Line | Description |
---|---|---|
TODO | 44 | should this be LIB? API should've checked perms.. |
TODO | 323 | Remove this, should not be needed any longer and we can't keep supporting |
link.php
Type | Line | Description |
---|---|---|
TODO | 357 | uncomment this when the editor is ready |
poll.php
Type | Line | Description |
---|---|---|
TODO | 51 | Why do we call this when the parent::getFullContent() already called it? |
TODO | 117 | we need to improve this to consider voting permissions for guests. |
TODO | 480 | Should subscribers get notifications for poll votes? |
privatemessage.php
Type | Line | Description |
---|---|---|
TODO | 1097 | This isn't correct. There's no guarantee the first node (or ANY node requested here) is |
text.php
Type | Line | Description |
---|---|---|
TODO | 1169 | figure out a way to do this in bulk |
TODO | 1525 | Some legacy attachments may not be visible due to permissions. I don't think this function |
video.php
Type | Line | Description |
---|---|---|
TODO | 244 | Permission check |
content.php
Type | Line | Description |
---|---|---|
TODO | 281 | finish documenting this function |
TODO | 389 | refactor this and create a vB5_Route method to get this info, |
TODO | 1079 | Not sure if this is actually used. The CreateContent controller |
TODO | 1597 | I think the $action below is supposed to be $thisaction, but unclear ATM and changing this is |
TODO | 2948 | VM CHECKS. VM's got their own thang going on, and we should make sure that the backend & front-end match. And that the different parts of the rear match |
TODO | 3151 | GET RID OF $record['canremove'] |
TODO | 3155 | GET RID OF $record['canremove'] |
TODO | 3160 | , update above with the new, real moderator permission when we work on VBV-12234 |
TODO | 3230 | figure out a way to combine this & the following if blocks into the |
TODO | 3257 | figure out what this does and remove if it does nothing |
TODO | 3435 | GET RID OF $record['canremove'] |
TODO | 3552 | fetch tag synonyms?? |
TODO | 4045 | Should this function return result of below call instead of guaranteed false if we hit this point? |
fcmessaging.php
Type | Line | Description |
---|---|---|
TODO | 1426 | do we have to validate the device token (aka registration id)? |
TODO | 1469 | do we have to validate the device token (aka registration id)? |
node.php
Type | Line | Description |
---|---|---|
TODO | 1878 | instead of skipping $vmAvatar, generate a "default" array in case templates expect the avatar |
notification.php
Type | Line | Description |
---|---|---|
TODO | 254 | also group by languageid for phrasing. |
TODO | 613 | need to add heavy testing for the counts below |
TODO | 963 | figure out how to get rid of this double call to follow API (this is also called in |
TODO | 1139 | REFACTOR CONTENT LIBRARY'S sendEmailNotification() |
phrase.php
Type | Line | Description |
---|---|---|
TODO | 920 | store this somewhere? -- might as well store phrases converted now to |
product.php
Type | Line | Description |
---|---|---|
TODO | 160 | shouldn't subtype be empty or match $package? |
reputation.php
Type | Line | Description |
---|---|---|
TODO | 82 | implement guest votes? |
TODO | 118 | implement guest votes? |
unsubscribe.php
Type | Line | Description |
---|---|---|
TODO | 185 | do we need a function to reset all mailoption secret & hashes? E.g. like resetting passwords after a breach. |
TODO | 187 | delete record when user is deleted |
user.php
Type | Line | Description |
---|---|---|
TODO | 261 | We need to skip perm checks for this so *all* user data gets caught in the net when |
TODO | 270 | figure out what should happen with categories |
TODO | 3722 | userfield scope for userlib saves??? |
TODO | 5285 | All of these selects are candidates for UNBUFFERED selects, when we implement it. |
usergroup.php
Type | Line | Description |
---|---|---|
TODO | 28 | This seems to only be used by the channel XML importer. |
TODO | 693 | push this into systemevent. |
functions.php
Type | Line | Description |
---|---|---|
TODO | 1369 | Implement when vB5 adds them |
TODO | 1380 | Implement when vB5 adds them |
mail.php
Type | Line | Description |
---|---|---|
TODO | 677 | some claim that this header should NOT be RFC 2047 encoded as that'll be ignored |
usermention.php
Type | Line | Description |
---|---|---|
TODO | 93 | Add UGP |
likednode.php
Type | Line | Description |
---|---|---|
TODO | 79 | Confirm this behavior, should this be if_read instead? |
pollvote.php
Type | Line | Description |
---|---|---|
TODO | 86 | Confirm this behavior, should this be if_read instead? |
visitormessage.php
Type | Line | Description |
---|---|---|
TODO | 393 | Do phrases like {1}: {2} that can be hard-coded concatenations require phrasing for |
web.php
Type | Line | Description |
---|---|---|
TODO | 44 | how should we determine this? |
usercontext.php
Type | Line | Description |
---|---|---|
TODO | 301 | do we need a superadmin bypass here? |
TODO | 1145 | do we need to allow superadmin bypass for infraction masking here? |
TODO | 1313 | We probably need to check if any infraction groups are applied on this user and if they |
TODO | 1342 | This needs to actually check. This is fairly complex, but it needs to check with |
TODO | 1484 | We have a lot of cases where we do this operation: |
TODO | 2242 | ... is this right? We don't check if the node is actually their own channel or anything? |
date.php
Type | Line | Description |
---|---|---|
TODO | 268 | This isn't really "broken", just not exactly the same. Should we |
action.php
Type | Line | Description |
---|---|---|
TODO | 32 | Add an error phrase for no controller/action specified |
data.php
Type | Line | Description |
---|---|---|
TODO | 30 | Add an error phrase for no controller/action specified |
rawdata.php
Type | Line | Description |
---|---|---|
TODO | 30 | Add an error phrase for no controller/action specified |
template.php
Type | Line | Description |
---|---|---|
TODO | 25 | Add an error phrase for no template specified |
vb.php
Type | Line | Description |
---|---|---|
TODO | 616 | Do any hooks need this information? |
TODO | 662 | this should be handled with an exception, the backend shouldn't produce output |
wysiwyghtmlparser.php
Type | Line | Description |
---|---|---|
TODO | 415 | the [^>]+ breaks if there's any attribute that has > in quotes before the src attribute. We need a way to handle this. |
TODO | 688 | update regex to also check that it is OUR server? |
TODO | 783 | update regex to also check that it is OUR server? |
TODO | 1788 | use stylevar |
TODO | 1822 | use stylevar |
theme.php
Type | Line | Description |
---|---|---|
TODO | 141 | need to test that overwrite works correctly |
TODO | 265 | Figure out what this is used for |
TODO | 349 | should we throw an exception if no guid is provided? |
TODO | 742 | need better check to grab REAL files only. One approach is to use a filename prefix and check for that, like how customlanguages does it |
widget.php
Type | Line | Description |
---|---|---|
TODO | 801 | update saved adminconfigs |