RosterTool development log --------------------- SHORT TERM --------------------- - stronger permission checking, not only on prints but on actions - submit to CGIresource.com - add several "common searches" to the custom search, use javascript. - .htaccess log files? - add award editting ability - add check for existing award when adding (to avoid duplicates) - improve awards searching ability - add upload targetted to a particular directory - test for more than 1 level deep on file archives --------------------- MEDIUM TERM --------------------- - full install script, tarball - add permissions/privs to some archives directories?? (put perl eval statements in .permission files per directory??) --------------------- LONG TERM ------------------- - javascript focus... hilite fields on data input error (eludes best efforts to make it work) - Historian access to Alumni and letters +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Complete: --------- - removed database stats from the user navbar (moved to admin) in a general effort to de-clutter. - added a pop-up help file for the Files section, please adjust as pertinent for your site. - added file size to display in file_Archives - added photo delete to "edit my info" - file archives will return if directory does not exist - added file archive button to nav bar - updated check_rt for download/portrait scripts - added photo/portraits as a upload and display feature. Use the portrait.cgi script to protect the image URLs. Uses HTTP_REFERER to verify display request is from RT. - finally more work on a file archive. Added a filearchive section to the upload, and worked on the file browser. Added the download.cgi script which should give protection to the actual file URL. - added "do_safe_award_search" to allow non-privleged call into the script that would print out awards info - modified do_query for the generic query to not add uid when search contains 'FROM awards' - Awards search now uses a list for output - modified award process so the "add award" form will be present after each previous award is added. - some spelling corrections in various files (I do all my HTML freehand in vim/emacs) - added use of include.pm as alternate to CGI::SSI for header/footer 1.70beta3 - check_rt checks for the awards table - populate_roster now creates the awards table (uses the make_awards.pl script) - Nationals removed the no-december thing for membership (all Dec were pushed into Jan), so now all 12 months are treated equally. - fixed bug in the renew panel mailing labels - list awards under each person - new script (make_wards.cgi) to create awards table - add awards infrastructure - make email check (Yahoo verify) case-insensitive - Debug info now removed to a pop-up window - added name_to_uid utility.. limit the results to 20.. results for search appear in a pop-up window (Added to make awards entry less painful since UID ios needd, but should have a general usefulness for many admin functions) - FEATURE: added varaint feature for Yahoo groups to see who among ACTIVE members is NOT on the list of pasted addrs. - bug fix with cpg_info - ros_error now has several configurable options related to sending mail when an error occurs. - fixed bug in call to do_upload - all calls to MIME::Lite->send are now sent to safe_send, which uniformly logs the mails, checks for test conditions, and print the mail (instead of sending) when on test host. - correction for log file in ros_error (wasn't open) - bug fix in RTforms, do_preview_letter (add do_) Version 1.70 alpha1 - convert " to " in print_form_field - add "" as csv escape of quotes within fields in do_query csv data - BORDERCOLOr removed from RTstyle.pl.. not used anywhere anymore (style sheets) - do_query results table cleaned up. - more checking on valid email addrs in senduserpass from login form - added stub email_lists.html file to the package - added check for email_lists.html file, wil continue if not found - header/footer.pl now check for file existence and continue if not found. - found and removed hardcoded NEWSLETTER_EMAIL value. - files in roster_files now check for existence of navjump_header/footer before trying to include. - found (and removed) 2 hardcoded COOKIE_PREFIX values (caused install problems) - new member create moved to its own routine to clean up the main loop. - use sth-{'insertid'} instead of $dbh{'mysql_insertid'} for new member # retrieval (not sure why it stopped working) - new letter button has javascript to check for a name - Header.footer files corrected to be optional (used at my site in an html_wrap function so that every page has a common header/footer that can be changed in one common file. Each "page" is a cell in a table with the header being the top nav bar on teh side, footer at the bottom. Not needed for anyone else. (in styles.pl) - Beginning to split the one long script into several files. Hoping this will make upgrades more managable. roscfg.pl is now moved to cgi-bin/rt/config/config.pl, and divided. ros2.cgi is having code moved into cgi-bin/rt/lib/ - changed all? references to JCB (local list name) to generic "yahoo". Version 1.69 - changed getcwd calls to cwd for compatibility - improved logging on senduseremail - new install check script (check.cgi,) will check for needed Perl modules, log file paths, and test mySQL access. Version 1.68 - Changed so that when a cookie is detected it won't present the login form, so you can "go away" and come back. Less secure, but more usable. Logging off will still require a new login. - Email newsletter now sends individual copies. Large Bcc list was seeing a high rate of mails not received. old routine kept in code, just in case. - Renewals page now sorts by last, first - Added custom roster search ability to search only Active members (for odd chance do not want LTM or JCI in results). - Added <, <=, >, >= to custom roster search. - modified user tagging in log files, and added log search feature. - bug fix for Yahoo group validate Version 1.67 - make jci/ltm easier to remove... on roster, etc (the *) (flag in config file) - allow Newsletter Editor to update any members eNewsletter value. (uses new permission structure). - re-vamped permissions (edit_, view_) structure. Now instead of just being perm_ok($PERM_VALUES), it is a full expression that will be eval'd when executed, so that more complex permissions types can be created. All permissions stayed the same (in effect) except for those related to the NEWSLETTER editor, who can now edit any person's newsletter status, and also the addr, contact info for State level officers. (status eq State). 5 iew_perm lines, 9 edit_perm lines changed, plus values in the field_data struc were encapsulated in a string 'pern_ok(previous perm value)' - read-only mode for testing/maintenance - Ikonboard integration: creates a new user in IKB when user is created in RT. Several values are updated into the IKB DB when updated here, so that passwords will stay in sync. Several mods to IKB are required (see documentaion). - fixed bug in Phone#/directions related to the info_afer_quit variable. - remove debug Print in do_query - remove 0,1,O,L,I, and lowercase from random passwords to reduce confusion (copy and paste would work, but for some reason many ppl do not use it) - cron job of integrity report (run the 10th of every month) - send exit letter default value to config file $DEFAULT_EXIT_LETTER - "check Yahoo addrs" now prints a list at the end with just the email addrs that should be removed. This list can be copy/pasted into the form on Yahoo for removing members. Much easier than going into the Member list and changing each individual person to "unsubscribe". Version 1.66 - get each column's size and use that as the max. redefine max_column to be size_column for text entry fields - fix 30 char limit on email addr (fixed with max/dispsize) - put (filename) in create letter window (remove with javascript) to prompt user - why does admin have newsletter upload privs? (removed) - remove any spaces in letter names - add cookie test (set at login page, provide check page, and check when login) Version 1.65 - uploading of files using roster for authentication, post-processing (zip) available/configurable - do_query now printes error message to screen when DBI error, and returns - When do_query returns 0 matches, no longer prints the option to send results (since there are none) - Fixed bug with multiple permissions stomping on each other and not saving correctly. - Integrate with Gallery for online scrapbook (no script mods needed in RT, all done in Gallery, but examples available) - have external access so other scripts can pull info for things like forms (PIS, CPG forms, calendar) (rough external interface added for command-line access. Originally designed for use with Gallery, but abandoned. Hooks left in code for potential future use. Version 1.64 - ALTER TABLE roster CHANGE ejaycall enewsletter enum('Y','N') - DESCRIBE is now available to the generic mySQL query. - parse_letter to use any field names as in #FN# - use $string=$dbh->quote("$string") vs. s/'/''/, etc - VCF access to all members - nightly refresh of sample DB on dev site - optional pop-up descriptions of each form item with formatting info in add/edit form - CSS file moved to config file - added a function call parameter to send_letter so each call can specify the FROM: addr - query strings and permissions for the file downloads are now in config file - use of the city pick list is now an option in the config file - pass mySQL admin query limit forward - no mySQL error on table alter - convert table format tags to named variables - create "starter" script to populate with admin - update cookie time such that each access causes an "extension" before cookie expires - fix weekly archive to only do roster table and not other tables in mySQL db (such as ikonBoard, etc) - corrected a bug in new member add that was setting all new pwds to 'none' (instead of random) - roster backup script to use config file - handle # of Yahoo gruops == 0 - password in cookie is now crypted in addition to previous replacement algorithm - move cookie scramble into config, and change - put default state, city, area code in config file - automate use of lists array for groups - rename jaycall newsletter to generic term - send welcome letter default in config file - cron jobs of list charters to lists monthly - better Yahoo group validate.. search for non-active and flag - javascript 'are you sure?' on annc - Announce version 1.60 - install verify cron job (who is from email??) - change jm=12 to 11 ?? - enable send_info checks - required fields... colored backgrounds?? - increase log detail - quotes in interest field (and other places???) cause error - allow state director/Pres to see Bday, join date, - format_guide_field (shown in form) - have CPG create for Pres, VP, Director - exit letter - renewal mailing labels ALTER TABLE roster ADD COLUMN info_after_quit VARCHAR(1) AFTER board UPDATE roster SET info_after_quit ='N' - send email directly when new person added - inactive show info - add anncpref ALTER TABLE roster ADD COLUMN anncpref VARCHAR(1) AFTER im UPDATE roster SET anncpref='Y' Install 1.5 ------------- - email inside roster - add email info to phone#/directions - JCB signup inside roster - new member add, auto-generate out a letter? - add IM info ALTER TABLE roster ADD COLUMN im VARCHAR(20) AFTER email2 UPDATE roster SET im='' - add occupation ALTER TABLE roster ADD COLUMN occupation VARCHAR(40) AFTER employer UPDATE roster SET occupation='' - rename notes to intersts ALTER TABLE roster CHANGE notes interests VARCHAR(200) -upload verify letter -set/verify all state positions, and set Notes field, document to JE - Raleigh members that are also State-level positions. -- lock placeholder info... JAYCALL can only edit addr, email, not name, etc -- recreate any dups - vcf export working - add (*) for LTM, JCI - add list description pop-ups - add new field for new list - add new lists VERIFY EMAILS ---------------------------- - FROM roster where (uid % param == 0) - get_member new uses fields, not SELECT * -- foreach ver_uid send info_verify letter if status == Active -- letter read-in (hard-coded for now) -- log sent -- verify each letter unique -- sends 2 mails/year (day of year) (use localtime[7] and modulus) -- separate log file -- move letter out to file -- send mail to roster if no email addr for info confirm -- test: verify that bounces come back to addr -- tested: no email on file -- tested: from command line (not cron) New permission structure --------------------------------------- -- redo/simplify print_info - added init value for each field - Welcome message handles new permissions correctly - city/other function - onchange function for each field - password in cleartext -> PASSWORD type - js on the fly validate full form? (onSubmit) - buddy can see recently added people - letters access for Buddy chairperson - delete function -- fix permisions setting to allow multiple bits Error handling: ------------------------------ - add link to admin screen