- Known Issues and TODOs
- 1: navigation is bugged for mobile - TODO***
- 2: run npm build production to minify .css/.js again once it's done - TODO*
- 3: forgot password page - TODO*
- 4: another middleware to ensure USER can't edit other users from the front panel - DONE
- 5: another middleware to control the reputation create page, so people can't abuse the IDOR vulnerability, aka: add to other people's reputations - TODO*
- 6: add the middleware isAdmin route, currently the Admin Page is locked for anon users only. - TODO
- 7: seed the database with a default user with admin role TODO
- 8: delete user avatars FILES if the user is deleted from the DB - DONE
- 9: fix the stupid and idiotic SIDEBAR of the BLOG - TODO***
- 10: ask nortrant for the sitename to edit the hardcoded strings of the sitename - TODO
- 11: check for XSS vulnerability - DONE
- 12: check for LFI/RFI vulnerabilities - DONE
- 13: add CSRF tokens to every request for handling CSRF vulnerability - DONE
- 14: fix some a href links from the register/login route - TODO
- 15: save user theme choice in a COOKIE - TODO
- 16: clean the backend codebase of unused controllers and action methods - TODO
- 17: rename ReputationController@finalsteps to ReputationController@create / save - TODO
- 18: Additional checks to make sure the site won't give an exception if some relation is not found - TODO
- 19: test and make sure the site won't give exceptions if a User is deleted and someone is trying to look at reputations given by the deleted user - TODO*****************
- 20: check all pages for dumb hardcoded strings left from the development - TODO
- 21: clean the blade.php views from unused comments - TODO
- 22: Disable reputation if the receiver is MERCHANT - TODO***
- 23: add default avatar if user has no avatar - DONE