I totally agree with that, we need a more robust base and it must begin by cleaning up the code base and enhance the security.<br><br>What do you think Sreenivas? What do think the other members of the dev list? What should be the first step forward? May be produce a wiki page with a list of the work to be made ordered by importance. After that, we could define weekly goals following the tasks list and produce reports to see the progression.
<br><br>I am not a great technician, but I am willing to help. If some tasks are well defined, like finding queries and modify them in a certain way, I will be happy to give a hand.<br><br>Regards,<br>Clem <br><br><div><span class="gmail_quote">
On 8/8/07, <b class="gmail_sendername">Manilal K M</b> <<a href="mailto:libregeek@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">libregeek@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi all,<br> I am glad that the vtiger community has started seriously to look<br>into the issues of contributors. Before adding anymore features to the<br>current code base, I would prefer fixing the security issues and
<br>cleaning up code in the current code base.<br><br>Eg. The application uses PEAR and ADOdb in the source code. I don't<br>know why we require two database abstraction layers. This makes the<br>code unmaintanable and cumbersome. The current module management is
<br>really a mess.<br><br>There is also the whole issue of application structure and strategy.<br>Please refer the bug:<br><a href="http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/4102" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/4102
</a><br>These kind of bugs prove that the application cannot be deployed in a<br>production environment. I have raised this issue in the bug tracker<br>and in the mailing list, but didn't got any reply. IMO, an enterprise
<br>application should have maximum security, but in this case a simple<br>SQL query can withdraw all the passwords in plain text format.<br><br>--<br>Manilal K M.<br><a href="http://gnubreeze.blogspot.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://gnubreeze.blogspot.com
</a><br><a href="http://flossvalley.blogspot.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://flossvalley.blogspot.com</a><br>Better to light one candle than to curse the darkness.<br>_______________________________________________
<br>Reach hundreds of potential candidates -
<a href="http://jobs.vtiger.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://jobs.vtiger.com</a><br></blockquote></div><br>