core: Re-review all indexes

0 votes

Raised 0% of 18 credits
(18 credits = 3 hours or $129.13)

Review all indexes in the system...

1) Is each necessary? Document why with a code comment. If not, remove (as indexes use disk space and slow writes).
2) Is *sorting* covered on a single index? For example, ideally an index on a category ID will also have a secondary index column on the timestamp, so…

Suggested by Chris Graham on 19th November 2019

core: Cache warm up via Cron

1 vote

Raised 0% of 180 credits
(180 credits = 30 hours or $1,302.52)

Initial installs may seem slow because initial caches are not populated.
Additionally, future use may seem slow if some resource is accessed but the cache is expired.

These caches could easily be populated in the background (in this priority order):
- Language file cache
- Template cache
- Comcod…

Suggested by Chris Graham on 19th November 2019

core: Opportunistic scheduler

0 votes

Raised 0% of 24 credits
(24 credits = 4 hours or $172.17)

Some background Cron hooks are not very time critical, but may have a performance impact. Ideally we would run these hooks only when the server is under low load.

Code in a detector function to find if the server is under 'low load', based on I/O load, CPU usage (uptime command on Linux), and memory usa…

Suggested by Chris Graham on 19th November 2019

core: Support for descending indexes

0 votes

Raised 0% of 30 credits
(30 credits = 5 hours or $215.22)

MySQL 8 adds support for descending indexes.

This is particularly relevant for indexes where we sort by descending timestamps (e.g. viewing in a forum).

It improves index performance by about 15%, avoiding the 'Backward index scan'. I'm not sure exactly why a backward index scan is slower, because a…

Suggested by Chris Graham on 18th November 2019

core: AJAX session generation / httponly session ID

1 vote

Raised 0% of 30 credits
(30 credits = 5 hours or $215.22)

This issue is to solve a few distinct issues:

1) We cannot have the session ID as httponly as it is used as an ad-hoc CSRF token (getCsrfToken function).
2) CSRF tokens may expire which is poor user experience (for example, a form is opened, a user goes to sleep, and submits it the next day - but the t…

Suggested by Chris Graham on 15th November 2019

core: Option to bypass SMTP relay server

0 votes

Raised 0% of 96 credits
(96 credits = 16 hours or $688.70)

E-mail is implemented in a complicated way, more complicated and error-prone than it needs to be for our situation.

A mail client connects to an SMTP relay server (smarthost), and the message goes into that server's queue - and that server then connects to the recipient's SMTP server (or another relay,…

Suggested by Chris Graham on 7th November 2019

core: Use emojis in email subject lines

0 votes

Raised 0% of 18 credits
(18 credits = 3 hours or $129.13)

A good way to attract attention in a crowded inbox, and to summarise an email, is to use an emoji at the start of the subject lines.

Consider an option to the mailer function that specifies what emoji to use, and a global option to decide if the feature is on or not.

Suggested by Chris Graham on 9th October 2019

core: Brute-force login attempt protection

1 vote

Raised 0% of 24 credits
(24 credits = 4 hours or $172.17)

Add options to protect against brute-force login attempts.

1) Maximum login frequency by IP address
2) Maximum login frequency (global)

The format would be...

[<num>/<seconds>[,]]*

e.g. 3/10,7/60,20/3600,30/86400

This means "Max 3 attempts within last 10 seconds, Max 7 attempts within last…

Suggested by Chris Graham on 1st October 2019

import: Consistent fast resume support

0 votes

Raised 0% of 12 credits
(12 credits = 2 hours or $86.09)

I made some import optimisations as a part of this commit:
https://github.com/ocproducts/composr/commit/fbbbb5d9fabfed72bebbf934aaa7c9a8ea37c389

It allows it to not have to scan through everything to see if already done at the start of a resume.

This should ideally be implemented consistently across…

Suggested by Chris Graham on 3rd September 2019

core: Refactor convert_image_plus function

0 votes

Raised 0% of 6 credits
(6 credits = 1 hour or $43.04)

The convert_image_plus function chooses an output file path, decodes a string-specifier for a thumbnail size, and also wraps _convert_image (generating complex calculations). The first two actions are logically separate, and should be moved into new functions somehow.

Suggested by Chris Graham on 25th July 2019