1. R 6.1

Roadmap
dev repo [bitbucket.org]
ChangeLog
https://github.com/WackoWiki/w[...]pare/6.1.27...master - Diff since last release

Main Focus: Implement new PHP 8 functionality and improve GUI usability.

1.1. PHP

1. https://php.watch/articles/php-regex-readability

1.1.1. PHP 8.3

1. https://stitcher.io/blog/new-in-php-83
2. https://php.watch/versions/8.3
3. https://github.com/rectorphp/r[...]es_overview.md#php83

Creation of dynamic property Wacko::$mathjax is deprecated in /formatter/highlight/math.php on line 15	

• The resultant HTML of highlight_string and highlight_file has changed.
  Whitespace between outer HTML tags is removed. Newlines and spaces
  are no longer converted to HTML entities. The whole HTML is now wrapped in
  <pre> tag. The outer <span> has been merged with <code>.

1.1.2. PHP 8.4

1. https://php.watch/versions/8.4
2. https://github.com/rectorphp/r[...]es_overview.md#php84

1.1.3. PHP 8.5

1. https://php.watch/versions/8.5

1.2. Features

• section-edit
  • in some cases it saves only the edited section
• improve thumbnail support
• customizable secondary navigation (Menu) out of the box apart from the so called bookmarks

1.3. Core

1. Clear-Site-Data Header
2. user:UserName link must be case sensitiv but seems not - check
3. improve notification options for moderators
   • send only a summary
4. replace col attribute in input and textarea element with CSS percent width and max-width for mobile usage
5. declared visibility on all properties, constants and methods
6. fix SQL Strict mode issues opportunistically (see error log)
   • 'sql_mode' => '2'

   • const SQL_MODE_STRICT = 'TRADITIONAL,NO_ENGINE_SUBSTITUTION,ONLY_FULL_GROUP_BY';
     const DB_ERROR_MODE = 1;	

7. unwrap_link() strip also last slash if user provides page="/Cluster/SubPage/" to match tag Cluster/SubPage in database
   • utf8_rtrim(new_tag, '/') or better already via regex
8. add option to overwrite upload pre-selection (global/local)
9. migrating from SHA-1 to SHA-256 for all hashes?
10. improve mixed directionality of text support
    • set dir in user elements when dir differs from content, e.g content is in Persian and GUI is Greek
    • how to determine the use of the <bdi> tag, e.g. for breadcrumbs or lists
11. The user name regex allows . and - in usernames however the sanitizer removes it
12. Why does it store interwiki in session and not as JSON in _cache/config/interwiki.conf?
    • get_inter_wiki_url($name, $tag)
13. move interwiki.conf and antispam.conf into table & _cache/config/*
14. COLLATE utf8mb4_bin for tag eats 𝓦𝓲𝓴𝓲𝓦𝓸𝓻𝓭𝓼 in LIKE '/%' query, without slash it finds it, whO_Ot
15. UTF-8 text must be checked for well-formedness

    • static function is_utf8($string)
      {
        return (bool) preg_match('//u', $string);
      }	

16. improve and foster message sets
17. set return type declarations : (array | bool | float | int | mixed | string | void | ... )
    • http://docs.php.net/manual/en/[...]returning-values.php
18. fix client side JS input validation patterns
    1. new, clone and rename handler, import action
    2. $tpl->pattern = $this->lang['TAG'] . '+';
19. Replace all HTML-Entities except HTML special chars
    1. nbsp; -- to indent or add extra spacing to a paragraph, sentence, or another portion, better using CSS instead of multiple non-breaking spaces.
20. allow also login with email address instead of user name
21. individual CSP per page
22. move link and notifications functions in own class
    • $this->msg->notify_user()
    • $this->ref->link()
23. partial mixed usage of DB warnings and exceptions (must use either one or the another)
    • MySQLi: mysqli_sql_exception and mysqli_connect_errno
    • PDO: errorCode and PDOException
24. Implement a quasi mailing lists where users can register and participate, WackoWiki already comes with all functions for realisation
    • similar to personal messages, but on topics that send outgoing messages to all users subscribed to that topic
25. improve page export and import feature (see export handler)
    • add option (handler) to add meta-data like keywords, description, language, etc.
    • json format
    • files
26. provide simple migration script for page and files
27. add warning about too long page tag
    • https + domain + base path + page tag + reserve for handler name and parameters
    • roundabout 2000 max
28. Improve sending emails (bcc, timing, digest, diff options, mailing lists)

1.4. Installer

1. add new system page with whatsnew action
2. commented out auto-creation of empty help, terms and privacy page - needs FEEDBACK
   • make creation optional, the default theme shows the links when set in the config
   • either the user defines them individually in the admin panel or sets an additional option in the installer to create them
3. user pages: only the user should be able to write and create sub-pages by default in his namespace
4. validate username
5. Nginx: installer seems to activate rewrite_mode ?
6. use dbal also for installer: $db->sql_query($sql)
7. raise DB version requirement (there is a technical minimum requirement as well as a end of support) DONE
   • enforces version for technical requirement
   • show warning for versions with end of support
8. show error message if variable $fatal_error is true
9. upgrade: set new config parameters individually or merge them via config_defaults.php; evaluate, improve and simplify
   • move purge old cache files from write-config.php to installer class before steal-config() call, this way the config array factors in updates in $wacko_config_defaults otherwise it would take the possibly outdated config cache -> reload config
10. set default bookmarks for new languages with multi-language mode after installation / upgrade
    • if the user adds new langages later by hand or activates it via Admin Panel, the default menu for newly activated languages are then missing
    • currently the admin can fix this only by manually adding the missing bookmarks with the {{menu system=1}} action or re-runs the upgrade process by setting back the WackoWiki version in the config file

1.5. Handler

• moderate: the has_access() validation for the lock/unlock feature as well as for the indicator needs a special option for the Admin and the page owner, both have always access, and the handler always assumes only system read & comment defaults, so it won't show the correct indicator and lock/unlock mode
  • a forum or a topic however allows individual read and comment rights
• export.xml: add option for cluster and if the handler should show the xml or offer it for direct download, some browsers modify the XML in presentation mode or show it as feed - however the user needs the original source text including the line feeds!
• rename: add utf8_ucwords() like in new handler, however it must deal with slashes from cluster tags
• auto-save function on the edit and _comments handler by applying the localStorage function
• save discarded comment or page due invalidated token to avoid data loss
  • Lately, it is enough (with Firefox) to use the "Back" button of the browser and post the message again.
• send notice on comment edit and make change visible in actions like it is done for pages, to not miss possible important content changes
• increase the default size of the comment textarea in the default theme
• edit: set custom textarea size (user settings/JS)
• diff: add page title to diff
• print: pass arguments? e.g. ?phrase=canonical&lang=&p=2
• upload: says filesize with 0 means unlimited in AP, however it is checked as zero, leftover?
  • fix check or description
• add feature to move attachments between pages and global, useful for page and content refactoring
• filemeta: one click to copy file syntax to clipboard
• copy page tag to clipboard feature, as button, dropdown, maybe handler similar to watch

1.6. Action

• toc: new created page without revision wont build toc
• search: improve search, highlighting, ideographic languages
  • add regex search option and feature (similar to admin_replase)
• registration: add option to enforce certain user name patterns
• blog: improve options, sorting and filtering, add content templates
• paragraphs: add option to set permalinks to paragraphs (to page version) for export (PDF) or other external reference
• forums: check not only for deleted topic but also for deleted comment in last comment query
• gallery: add media query for small displays
  • add filter like in files action
• turn off doubleclick_edit for actions with form input and textarea, e.g. user, admin_replace, ...

1.7. Formatter

• checks for base_url in URL in string, but should check only at the beginning of the string to decide to add icon for external URL

  • <?php
    
    if (!mb_stristr($tag, $this->db->base_url))
    {
        $title    = $this->_t('OuterLink2');
        $icon    = $this->_t('Icon.Outer');
    }
    	

• add Accordion, Carousel, Tabs
• check typografica options
  • update default settings of options, some options are mostly more annoying than useful, e.g. (c)
  • interference with other syntax, e.g. striketrough
  • Unicode context
  • create test cases
• multi-line strikethrough (marker similar) may break correct tag nesting and parsing, how this should work anyways across paragraphs, lists, etc. by only wrapping it via <del> tag
  • WikiEdit as well the Formatter must recognize a new paragraph, list as terminators to avoid invalid tag nesting!
• evaluate syntax for definition list, e.g. ;term:ex
  • there is a working patch, however the current workaround for the random <dt> to <dd> tag transition, prevents wiki text formatting
• add option to wrap caption around code blocks

  • <figure>
      <figcaption>Language of code</figcaption>
      <pre>
        <code>
          <!-- your code here -->
        </code>
      </pre>
    </figure>

• indenting text in quote breaks page

  • <p id="p291-1" class="auto">
    <br>
    <blockquote>Where authority fails in its duties and indeed betrays the purpose for which it has been established, disobedience is not only lawful but obligatory: non-violent disobedience, at least for now, but determined and courageous.</p>
    <div class="indent">.</blockquote>
    <p id="p291-2" class="auto"></div>

• auto-paragraph did not terminates correctly in indent div having a code wrapper

  • <div class="indent"><pre class="code">su</pre>
    <p id="p86658-7" class="auto"></div>

• str_replace("\xc2\xa0", " ", $string);	

  (nbsp;)
• text inside ##code formatter## is processed as wikitext with possibly undesired results
  • the text must be escaped to be taken as is
• removes intentional left empty lines inside info formatter
• ((../ Go Back)) goes back two levels, but should go to parent page only
• interwiki links are not tracked
• relative links were not parsed in the context of the page they are included, what is the default behavior?
• re-parsing all pages and links may result in wrong toc references, when the included page gets parsed after the page which includes them
  • HOTFIX: save all included pages with wrong toc reference again, this will update body_toc
• add support for geo: and tel: links
  • RFC 3966 - URI for Telephone Numbers
• table in list prevents closing of list, ignoring the following empty line

  •   * first list
          * #||
      || « Previous | Content |  Next » ||
    || ← Back to overview | | « Back ""|"" Next » ||
    ||#
    
    some text
    
      * next list	

• add debug to WackoFormatter to check where it breaks, e.g. returns only white page after saving page
  • add example text the formatter fails on

1.8. Cache

1.9. Admin Panel

• rewrite users and groups module
• support templates
• check for admin password length only for members of admin group and not for other accounts
• allow Admins to reset / overwrite passwords (?)
  • feature: pros / cons

1.10. Database

• Listing JOINS with no index: log_queries_not_using_indexes
  • https://dev.mysql.com/doc/refm[...]es_not_using_indexes
  • https://endoflife.date/mariadb
  • https://endoflife.date/mysql

1.11. WikiEdit

Help wanted

1. Autocomplete seems broken, shows possible pages - but selection does not work
2. use only one popup for new link, having link and link description together
3. select and remember the color of the highlighter or marker, keep selected color in session
4. do not set multi-line markup beyond paragraph, list and other terminators, only valid tag nesting
5. popup for tables
   1. select rows and columns
   2. set table header
6. select color for text and highlighting
7. resize textarea
8. undo / redo
9. JavaScript search & replace
10. ECMAScript 2018
11. some key shortcuts does not work any longer
    • test and map what works & where
    • suggest new shortcuts in case of conflict (Firefox, Chrome, ...)

1.12. Translations

• Tamil & Indonesian: work in progress - help welcome
• installer: set correct tags and titles for default pages for all new languages
  • see ConfigDefaults in installer.<lang>.php
  • change home_page_body in inserts.<lang>.php accordingly

1.12.1. Crowdin 🚩

• Crowdin Pre-MT requires proofreading by native speakers (only supported languages)
  • Quality
    • [MT] Arabic, Czech, Finnish, Norwegian, Romainian, Portugese Brasilian, Swedish, Ukrainian
    • [A] other languages with partial translations, e.g. Persian, Korean, Chinese Traditional
    • [B] Italian, Danish, French, Polish, Dutch, Greek, Japanese
    • [C] English, German, Simplified Chinese, Spanish, Russian
  • check for obvious errors (file & diff)
  • Pre-MT produces a lot of none-sense which needs to be fixed again by hand, mixed results - depending on target language and context, English as source language with little context is sometimes hard to translate
    • A small change in an English source file like setting a comma or removing a <tag>, suddenly it discards all existing translations and replaces them with a new auto-translated version - very frustrating
  • ToDo & Workflow guide
    • completness -> proofreading

1.13. Libs

• SimplePie
• freeCap
  • add WebP case - DONE
    • make WebP new default image output
    • test AVIF and WebP output
  • create seperate repo on GitHub

1.14. Refactoring

1.15. Offline usage improvements

Intranet usage, offline, etc.

1. manual, help
   • installer(option to add help/)
   • provide help cluster as XML for import (de, fr, en, es, ru, zh)
   • add all essential instruction to a doc/ folder
2. XML export / import
   • improve options (chose cluster, direct download)
   • make import / export more accessible

1.16. Themes

• CSS: [dir=rtl]
• https://css-tricks.com/solved-with-css-dropdown-menus/
• dark mode
  • https://css-tricks.com/come-to-the-light-dark-side/
  • https://css-tricks.com/a-compl[...]ark-mode-on-the-web/
  • add dark mode option: sets session value -> true: loads *_dark.css files in theme header

  •  @media (prefers-color-scheme: dark) { ... }	

•  #page-edit form textarea {
    height: 400px;
    min-height: 5em;
  }

  • change to height: auto; -> rows="40" cols="60" ?
• make WikiEdit toolbar sticky for mobile form factor so it is always visible
• unify CSS style for diff, patch formatter
• add very simple theme for the use of the wiki as a website as frontend for guests
• add hovering back to top icon for mobile devices
• default theme: move properties bar over files and comments bar like in tabs theme (?)

1.16.1. Print

CSS Paged Media Module Level 3

@page {
    size: A4 portrait;
    margin: 15mm;
    font-family: Arial, Helvetica, sans-serif;
    marks: crop cross;
 
    @bottom-center {
        content: "Seite " counter(page) " von " counter(pages);
        font-size: 10pt;
    }
}
 
.chapter h1 {
    page-break-before: always;
    string-set: chapter-title content()
}
 
h2, h3 {
    page-break-after: avoid;
}
 
p {
    orphans: 3;
    widows: 3;
}

1.17. Ideas

• https://wiki.c2.com/?DelayedIndexing
  • db->delayed_indexing_time = 0;
• add Web app manifest
  • https://web.dev/add-manifest/
• add action with conditional redirect by browser language to pre-selected pages, e.g. ['fr'] --> '/Doc/Français'
• moderation/remove/rename of sub pages without modifying the parent cluster
• JSON Feed
• Captcha dictionary in Russian as drop in
• Defense Against Spiders
• https://github.com/jgraph/drawio / https://www.diagrams.net/
  • https://desk.draw.io/support/s[...]000042544-embed-mode
  • https://embed.diagrams.net/?embed=1&proto=json&spin=1&svg-warning=0
• reveal.js implementation for WackoWiki
• https://github.com/DirectoryTree/LdapRecord
• phpMyEdit
  • https://github.com/Rajah01/phpMyEdit.class.php-PHPv8
  • http://opensource.platon.org/c[...]/phpMyEdit.class.php
• replace HashIds with Sqids
• add event table with action to edit and display upcoming events
• add option to extend the backup script with additional tables from extentions

1.18. Documentation

• temporary write permissions for image/ folder -> AP Appearance settings: logo and favicon upload
  • chmod 0755 image/
• Screenshots
  • store example text for Wabi-Sabi and diff handler in sub-pages for each language
  • add missing diff handler screenshots for languages other than English
  • replace PNG, JPEG and GIF with WebP format
• write a new technical guide and MD-file for the WackoWiki Formatter, see /Dev/Projects/WackoFormatter/Usage
  • new examples, what is what, workflow, etc.
• add README.md file to action, handler and formatter folder with a short introduction and HowTo
• differentiate update instructions between minor and major upgrade
• add a page for Terms in WackoWiki
  • cluster, free link, wikilink, etc.
• add CSP help page
• order config page according the sections in the Admin panel via sub-headings
• write your own action
• write your own formatter
• write your own theme
• When a upgrade should be done?
• add guide to write your own forms, e.g. contact, membership application or registration for event
  • action sending form data to table or email
  • with template and localization
• How I reduce the applications footprint?
• add example for rewrite with Nginx - HELP needed
  1. Converting Apache Rewrite Rules to NGINX Rewrite Rules
  2. Pitfalls and Common Mistakes
  3. Creating NGINX Rewrite Rules
• In addition to the thematic change log, add a chronological change log.
  1. by topic
  2. by release

1.19. Feedback

• migration routine for WikkaWiki users

Any major release like this is bound to have some issues, and we will continue to fix them as they arise.

1.20. Testing

• 
  • so AVIF is working finally including LibGD support on shared hosting
• file:lotus_flower.jxl?direct

1.20.1. Debug

declare(strict_types=1);

2. R 6.0

2.1. Features

• UTF-8 support - Migration to Unicode

2.2. Core

1. add option to disable hit counter
   • user already uses web analytics software or there is no use case for a hit counter
   • This reduces database load, updating the page and file hits field with every page hit is a main source for slow queries.

2.3. Handler

• wordbreak, how to break lines of Chinese, Japanese, or Korean

  • line-break: strict;
    white-space: nowrap;
    word-break: keep-all; 	

2.4. Libs

1. php-diff successor
   1. https://github.com/jfcherng/php-diff
   2. https://github.com/JBlond/php-diff <-- SWITCHED TO
   3. https://github.com/sebastianbergmann/diff

3. R 5.5

Main Focus: HTML5 support, security related features

1. HTTP Strict Transport Security (HSTS)
2. Content-Security-Policy
3. Cookies, CSRF sectoken
4. https://www.owasp.org/index.ph[...]tication_Cheat_Sheet

3.1. MariaDB / MySQL type casting

https://dev.mysql.com/doc/refm[...]type-conversion.html
https://stackoverflow.com/ques[...]d-backticks-in-mysql

whOOt https://dev.mysql.com/doc/refm[...]ent-programming.html

3.2. Features

1. normalize links to other language versions of a page
   • add table: lang_link[page_id, lang, target_id]
2. add debug option to send error log into separate file + rotate logs
3. add IP block to ban bad actors, bots

3.3. M17

open issues (add)

1. relative linking seems not working for ((../ back to parent page)), it links to root level (?!)
2. add delimiter before page handler (_properties)
   1. min_href()
   2. router.conf
3. upload of file without extension -> broken
4. empty body_r after page rename/relocation -> page needs re-rendering
5. allow multi logins (on/off)
   1. add multi login warning: 'Jemand hat sich bereits an diesem Konto angemeldet'
   2. This account is currently being used in 1 other location at this IP ().
6. add access throttling feature
   • limit the number of page requests by a single IP address within a given time interval
7. add array for 'default' AND 'user' menu so both can used independently (create/edit menu sets)
8. rewrite_mode setting in AP is pointless if it is overwritten in Setting class

3.4. Fix

1. check for avoidable SQL roundtrip queries
2. link() -> default: $anchor_link - should only active inside page_body (?)
   • additional check if its better to prefix the id="doc.deutsch.konfiguration"
     • to avoid unintentional mix with CSS settings
   • set anchor id only where needed, minimizes also size of attributes
3. broken list in tree action if levels changes not in order - e.g. depth 1.2 -> depth 2.4
   1. show missing levels
4. search?phrase="sourceforge.net" -> paging fails with "term to search"
5. bug: news action takes all subpages - is this desired?
6. improve search (open since ages), add some measures to improve relevance (time, size, user, filter, ...) and provide more and better meta data for search results
7. implement rating hack (but without mandatory JS)
   1. https://www.youtube.com/watch?v=orPVEAipz2A
8. add unique log message key to filter events (messages may differ)
9. add regex for this->config['users_page']/[*]/
   • Yet the engine does not validate the namespace for the user cluster, so that nobody can create a page under /User except his own [UserName]
   • Then we can disallow random pages for the first level in the users cluster except the own [UserName].
   • The register action creates this page usually for the user.

3.5. Notifications

1. Notifications

3.5.1. Notice digest

• store events notices and compile digest for user [user|moderator|admin]
  • new user
  • comments
  • files
  • changes

3.6. Handler

1. clone entire cluster is only available for Admins atm., it should also available for ...
2. improve global upload settings
   1. allow groups
   2. set individual rights (only images, quota, etc. for a user, group)
3. send page as email (like print)
4. show: add option 'Flag as Spam/Inappropriate'
5. show: Delayed Indexing delay_index
   • <meta name=“robots” content=“noindex,nofollow”>
6. see upload subpage
   1. upload: check if the MIME type of the uploaded file matches the file extension
      1. https://www.owasp.org/index.ph[...]stricted_File_Upload
      2. https://www.acunetix.com/websitesecurity/upload-forms-threat/
      3. https://www.php.net/manual/en/[...]n.exif-read-data.php
   2. upload: add form field to chose another file name (?)
   3. upload: add accept attribute depending on config settings https://www.w3.org/TR/html5/fo[...]ml#attr-input-accept
7. add meta handler namespace ['page', 'account', 'file', 'service']

   • This is the simplest way to standardize document locations and for the language-independent single instances of service pages, like login. Next step is the separated cluster for those pages, linked with prefix, for example, ((service:login)).

   • this can be easily done with the new URI router
   • handler/account/
8. file: apply access restrictions for global files if Wiki is closed -> $
   1. add and enforce global Wiki mode, minimum access rights
   2. route global files only for registered users

3.7. Action

1. template toc and tree

3.8. Formatter

1. Search Highlighter
2. (/Users/WikiAdmin UserSpace | WikiAdmin)) -fails on |
3. <# #> adds <!--notypo--> on first and <!--/notypo--> on second appearance of double quote like class=""
   1. caused by race condition in wacko_preprocess()

   2. <#<div class="" style="background:transparent; border:.1em solid #F66; border-left:1em solid #F66; box-sizing:border-box; margin:.5em 0; overflow:hidden; padding:.5em; text-align:left; width:auto;">Unter den Btrfs-spezifischen Anpassungen (1, 2) waren einige, die Latenz- und Stabilitäts-Probleme beseitigen, die bei knapp werdendem Speicherplatz auftreten können.</div>#>
      2
      <#<div class="" style="background:transparent; border:.1em solid #fcfce9; border-left:1em solid #fcfce9; box-sizing:border-box; margin:.5em 0; overflow:hidden; padding:.5em; text-align:left; width:auto;">Unter den Btrfs-spezifischen Anpassungen (1, 2) waren einige, die Latenz- und Stabilitäts-Probleme beseitigen, die bei knapp werdendem Speicherplatz auftreten können.</div>#>	

   3. <!--notypo--><div class="<!--notypo--> style="background:transparent; border:.1em solid #F66; border-left:1em solid #F66; box-sizing:border-box; margin:.5em 0; overflow:hidden; padding:.5em; text-align:left; width:auto;">Unter den Btrfs-spezifischen Anpassungen (1, 2) waren einige, die Latenz- und Stabilitäts-Probleme beseitigen, die bei knapp werdendem Speicherplatz auftreten können.</div>#><br />2<br /><#<div class=<!--/notypo-->" style="background:transparent; border:.1em solid #fcfce9; border-left:1em solid #fcfce9; box-sizing:border-box; margin:.5em 0; overflow:hidden; padding:.5em; text-align:left; width:auto;">Unter den Btrfs-spezifischen Anpassungen (1, 2) waren einige, die Latenz- und Stabilitäts-Probleme beseitigen, die bei knapp werdendem Speicherplatz auftreten können.</div><!--/notypo--><br />	

4. Wacko is spamming BRs, in between everything
5. add option to hide protected links
   • You must login to see this link. Register now, if you have no user account yet.
6. Error: Bad value 4 for attribute type on element ol.
   1. see $new_indent_type in wackoformatter -> error prone

      •   1. hallo
            5. should not take the number but 1, same for i, I, a, A	

   2. Block elements inside inline elements
   3. http://www.w3.org/TR/html5/gro[...]nt.html#attr-ol-type
7. allow case insensitive matching of file links, e.g. File:image.jpg
8. breaks quote

   <[http://www.example.com]>	

9. <[ ]> eats blank line in quote, undesired
10. broken nested quote

    • <[block
      <[nested quote]>
      quote
      ]>	

3.9. Admin Panel

1. upload module

   1. PAY ATTENTION TO SECURITY RISKS
       
      
      Before adding random file/MIME types: please think about possible security issues.
      
      For example HTML (.htm, .html), JavaScript (.js) and PHP (.php) file are types you’d better avoid as they can be “executed” on your server where you really would not want that to happen. For most of these kind of files, this should not be a problem though as these files are better off being compressed into a ZIP file anyway.
      
      Only add file types that you REALLY need and that you are comfortable with.	

2. add module to filter, moderate and manage pages, comments, (files)
   1. see modules for content like pages
3. recovery mode: CSS and images won't load
   • index.php: (!$db->ap_mode && RECOVERY_MODE) excludes static files!
     • !$db->ap_mode
4. purge logs (TRUNCATE)
   1. log table
   2. referrers
   3. badbehavior

   •  <thead class="data-head">
             <tr class="">
             </tr>
             [...]
         </thead>
     
     <tbody id="table-section-one">
     [...]
     </tbody>
     
     <tbody id="table-section-two">
     [...]
     </tbody>	

3.10. Usability issues

1. add double-click support for editing comments
2. When should I use a select box instead of radio buttons?
   1. https://www.nngroup.com/articl[...]es-vs-radio-buttons/
3. Not indicating an active form field
   • e.g.

     textarea:focus {
         border: 1px solid red; }	

   • You can use the ‘:focus’ selector on lots of elements, but it’s super handy when used on inputs and textareas to indicate that the field is active. Add CSS styling such as a highlighted border, or a subtle change to the background color.

Readings

1. https://www.nngroup.com/articles/low-contrast/
2. https://backchannel.com/how-th[...]eadable-a781ddc711b6

3.11. Ideas

1. spam / badword handling -> bad_words($text) function
   1. https://en.wikipedia.org/wiki/Wordfilter
   2. https://stackoverflow.com/ques[...]ood-profanity-filter
   3. What you need is a good way for users to flag inappropriate content and a mechanism to deal with it swiftly. One way is to automatically hide/remove content if it's been flagged more than X times.
2. rel="edit" -> https://tools.ietf.org/html/rfc686
3. enforce ACL-Policy, e.g. set read to $, user can't overwrite the setting

4. Unscheduled

4.1. Most Annoying Bugs

4.2. Core

1. Extended Acls
2. if ($method && $method != "show") unset($wacko->config["youarehere_text"]);
3. /Users/DidierSpaier/ProposedSpecificationsForLanguagesHolding
4. rewrite search action

4.3. Formatters

1. cleanwacko-> strip also file: links and formatter options (hl php ...)

5. Database

• PostgreSQL support
• SQLite support

Implementation itself should not be that difficult, however it needs at least one major user.

6. Requests

1. add function InviteGroup (allow/deny add/remove)
2. receive all messages combined in one digest
   1. daily at
   2. once per week on
   3. once per month, on the day number
3. option for allowed actions in comments
4. move antispam.conf as badword to config