Family Genealogy - Site Notes Home

TNG 11 Notes

I use TNG as a web display program. User login is authorized only for those allowed to view the living, and is usually restricted to a branch. Changes or editing, etc are not allowed (see modifications below).

TNG Needs

  • Needs a general setup feature to disable any menu item despite content.
    • Perhaps each with logged-in user and/or admin exception.
    • Similarly, the Trim Menus option should trim any menu with no content, such as Albums.
    • Lines Statistics should be similarly blocked and trimmed.
  • Needs better use of space in the Individual display. Multiple value events need to stay on one or fewer lines if the text will fit, rather that use multiple lines.
    • Relationship need not be displayed unless other than Natural. Or possibly change the event name to Step-Father, Adoption-Father, ...
  • Needs a logging option for non-programming users to block gethostbyaddr() to prevent response delay for viewers with inadequate reverse lookup support. Perhaps with an administrative option to view or convert the log with client host names added.
  • Needs setup option to make thumbnails presentation the default for media displays.
  • Problem: Media only imports one directory level down, needs to go deeper.
  • Problem: Places and Cemeteries are too strict when parsing place names. Trailing characters or comments are treated as part of the last name given such as the state or country. I use trailing comments in parentheses, e.g. "Austin, Texas (Westside Cemetery)".
  • Needs to say "Living" with icon in media thumbnails display.
  • Needs to verify all caller supplied data including parameters but also such as HTTP_REFERER, HTTP_USER_AGENT, HTTP_HOST, etc. preg_match() is a very powerful tool for such uses.
    • Needs to reject entirely with 400 Bad Request, not just trim as in processvars.php and give as "does not exist". This allows Bots to clear their indexes and reduce further server workload.
  • Needs to suppress display of details about a living person in ssources/notes when on a deceased persons page (if that citation is linked to a living person as well as a deceased)
    • TNG currently links identical citations from a loading a GEDCOM to multiple persons, and in some cases does block images, etc. with a living link. But not for citations?
    • This is a hard problem. Really only the details about a living person need be redacted as per my personal modification gts016, but that requires the data provider to mark such places.
  • Needs to report most die() calls as 403 Forbidden and log. Several die() calls related to too many queries, need to report back to the search page to help the user.
  • Needs to change thispagedoesnot.html redirection to a 404 Not Found response. This would reduce the GET requests and allow Bots to remove the bad link from their indexes and reduce further server workload.
  • Needs and option to remove the "short icon" in the Meta Tags for regular web pages. It just causes an extra GET request for sites that have the favicon in the web root.

TNG Questions and Unresolved Problems

  • personID etc allows trailing blanks in web requests. Why? Apparently never used by TNG itself.
  • Larger image does not pop-up when hover over image. Why? Browser problem? Worked in previous versions.
  • Problem: PDFs and GEDCOM download can be blocked entirely by setup, but login user permissions don't seem to block?

TNG Setup and Modifications (local changes)

  • gts007 - Remove Between-And in date format, and set to show as "1998 - 1999".
  • gts011 - ID import to trimsize 5 for FTM.
  • gts012 - Remove forgot/remember/reset option from login.
  • gts014 - Security and request validation front-end and associated modifications to make it work.
  • gts015 - Remove some remaining vestiges of global variables. Leave request variable copying. [Need further study of processvars.php.]
  • gts016 - Provide partial or total Redaction of information when not logged in. Also Private redaction for everyone. Uses a special character: if first in text redacts entire, if first in line redacts line, else redacts part delimited as quotes. [TNG exposes living data in citations in a deceased person's page.]
  • gts017 - Remove Send-Copy option on suggestion page. Allows reveal of server information and junk mail sending.
  • gts020 - Remove host name lookup for logs. Gehostbyaddr() causes long response delays for clients whose provider does not adequately support reverse DNS lookup.
  • gts021 - Disable genlog.txt. All needs now met by gts014 logging.
  • gts022 - Add help line to new Family Tree display.
  • gts023 - Revise unsafe direct use of HTTP_REFERER. Verify URL valid.
  • gts024 - Block unused menu items: bookmarks, albums, allmedia, whatsnew, mostwanted, reports, trees, branches, notes.
  • gts025 - Change all 46 instances of die() to dieX() so that TNG gives HTTP error 403 and logs error in gts014 log. Except for search, famsearch, and searchlib which now gives a friendly error message using the msg parameter.
  • gts026 - Change all 26 "pagedoesnotexist" responses to direct 404 instead of a 302 redirect to thispagedoesnotexist.html. This should help Bots clear invalid requests from their indexes.
  • gts027 - Remove "shortcut icon" from plain web page presentation in genlib.php. Causes an unnecessary extra GET request.
  • gts028 - Remove loading of jQuery from GoogleAPI from genlib.php and adminlib.php. This revealed the parameter string of every GET request!

Page modified: 17 Apr 2019 18:21:13 -0700

[Back to Top Send comments or questions to Contact Me. Home