ldap: Support STARTTLS

1 vote

Vote

Raised 0% of 6 credits
(6 credits = 1 hour or $43.30)

Current LDAP support just assumes the original LDAP protocol, with no encryption layer.

PHP has functionality for STARTTLS:
https://www.php.net/manual/en/function.ldap-start-tls.php
It's undocumented, but usage seems straight forward.

An option (or even unofficial hidden option) could be added to s…

Suggested by Chris Graham on 16th May 2019

core_themeing: Support dark mode in default theme

1 vote

Vote

Raised 0% of 120 credits
(120 credits = 20 hours or $858.37)

See Safari's announcement:
https://webkit.org/blog/8718/new-webkit-features-in-safari-12-1/

You can make a website light/dark based on media queries. This would be a really cool feature for Composr's default theme.

Currently it's non-standardised.

What is exciting to me is that this may be cool e…

Suggested by Chris Graham on 5th April 2019

recommend: Support web share API

0 votes

Vote

Raised 0% of 18 credits
(18 credits = 3 hours or $128.76)

https://wicg.github.io/web-share/

At this time I think only Safari supports it, so it's very early days. It is interesting though.

Suggested by Chris Graham on 5th April 2019

core_database_drivers: Cleanup queries so can_arbitrary_groupby/remove_duplicate_rows

1 vote

Vote

Raised 0% of 24 credits
(24 credits = 4 hours or $173.19)

In various places we use can_arbitrary_groupby and/or remove_duplicate_rows to strip out duplicated rows coming out of SQL queries.

This is because doing JOINs on tables will multiply up rows on the main table being queried, if the joined table has multiple matching records.
For example, if you are usi…

Suggested by Chris Graham on 3rd April 2019

core: Support DNS entries in backdoor_ip, and multiple values

0 votes

Vote

Raised 0% of 12 credits
(12 credits = 2 hours or $86.59)

Allow DNS entries, and multiple values, in the backdoor_ip setting.

DNS queries may be better due to dyndns, while users often aren't truly on static IPs, or may want a working backdoor as they move locations. As for security improvement: this is debatable as there are such things as DNS-poisoning attac…

Suggested by Chris Graham on 5th March 2019

galleries: Import from filesystem

1 vote

Vote

Raised 0% of 24 credits
(24 credits = 4 hours or $173.19)

Allow importing galleries from an on-disk directory structure, just like we currently support for the downloads system.

Suggested by Chris Graham on 27th February 2019

core_database_drivers: Support upsert on non-MySQL backends (Make use of MySQL REPLACE INTO syntax)

0 votes

Vote

Raised 0% of 18 credits
(18 credits = 3 hours or $128.76)

put_into_cache and set_value are both highly trafficed functions that do a query_delete (DELETE FROM) followed by a query_insert (INSERT INTO). These cases could be single REPLACE INTO calls in MySQL.

The ideal solution would be to extend the insert_into method to change $fail_ok to take constants QUERY…

Suggested by Chris Graham on 22nd February 2019

core: Automatic image resizing with download-associated-media option

0 votes

Vote

Raised 0% of 12 credits
(12 credits = 2 hours or $86.59)

Change the download checkbox to a list of 4 options:

1) Leave remote media as remote
2) Download all remote media and limit maximum size to <configured maximum image size setting>
3) Download all remote media smaller than <configured maximum image size setting> and leave the rest as remote
4) Downloa…

Suggested by Chris Graham on 20th February 2019

core_feedback_features: Maintain read counts on comment topics

1 vote

Vote

Raised 0% of 6 credits
(6 credits = 1 hour or $43.30)

When a content item is read, it implies the comment topic is read - so increment the view count on the forum.

Suggested by Chris Graham on 7th February 2019

core_upgrader: Better "excessive file permissions" detection

1 vote

Vote

Raised 0% of 24 credits
(24 credits = 4 hours or $173.19)

The excessive file permissions checker currently only checks when non-suEXEC servers have files/directories chmodded as world-writable that don't need to be (hence lowering security as any other web server user may potentially have write access).

Actually there's a more important check we should do. For…

Suggested by Chris Graham on 7th February 2019