TNG 11 Notes
I use TNG as a web display program. User login is authorized only
for those allowed to view
the living, and is usually restricted to a branch. Changes or editing, etc are not allowed (see
- Needs a general setup feature to disable any menu item despite
- Perhaps each with logged-in user and/or admin exception.
- Similarly, the Trim Menus option should trim any menu
with no content, such as Albums.
- Lines Statistics should be similarly blocked and
- Needs better use of space in the Individual display. Multiple value events need to stay on one or
fewer lines if the text will fit, rather that use multiple
- Relationship need not be displayed unless other than
Natural. Or possibly change the event name to Step-Father,
- Needs a logging option for non-programming users to block
gethostbyaddr() to prevent response delay for viewers with inadequate reverse lookup support. Perhaps with an administrative
option to view or convert the log with client host names added.
- Needs setup option to make thumbnails presentation the default for media displays.
- Problem: Media only imports one directory level down, needs
to go deeper.
- Problem: Places and Cemeteries are too strict when parsing place
names. Trailing characters or comments are treated as part of
the last name given such as the state or country. I use trailing
comments in parentheses, e.g. "Austin, Texas (Westside
- Needs to say "Living" with icon in media
- Needs to verify all caller supplied data including
parameters but also such as HTTP_REFERER, HTTP_USER_AGENT,
HTTP_HOST, etc. preg_match() is a very powerful tool for such
- Needs to reject entirely with 400 Bad Request, not just
trim as in processvars.php and give as "does not exist".
This allows Bots to clear their indexes and reduce further
- Needs to suppress display of details about a living person
in ssources/notes when on a deceased persons page (if that
citation is linked to a living person as well as a deceased)
- TNG currently links identical citations from a loading
a GEDCOM to multiple persons, and in some cases does block
images, etc. with a living link. But not for citations?
- This is a hard problem. Really only the details about a
living person need be redacted as per my personal
modification gts016, but that
requires the data provider to mark such places.
- Needs to report most die() calls as 403 Forbidden and log.
Several die() calls related to too many queries, need to report
back to the search page to help the user.
- Needs to change thispagedoesnot.html redirection to a 404
Not Found response. This would reduce the GET requests and allow
Bots to remove the bad link from their indexes and reduce
further server workload.
- Needs and option to remove the "short icon" in the Meta Tags
for regular web pages. It just causes an extra GET request for
sites that have the favicon in the web root.
TNG Questions and Unresolved Problems
- personID etc allows trailing blanks in web requests. Why? Apparently never
used by TNG itself.
- Larger image does not pop-up when hover over image. Why?
Browser problem? Worked in previous versions.
- Problem: PDFs and GEDCOM download can be blocked entirely by
setup, but login user permissions don't seem to block?
TNG Setup and Modifications (local changes)
- gts007 - Remove Between-And in date format, and set to show
as "1998 - 1999".
- gts011 - ID import to trimsize 5 for FTM.
- gts012 - Remove forgot/remember/reset option from login.
- gts014 - Security and request validation front-end and associated modifications to make it
- gts015 - Remove some remaining vestiges of global variables.
Leave request variable copying. [Need further study of processvars.php.]
- gts016 - Provide partial or total Redaction of information
when not logged in. Also Private redaction for everyone. Uses a
special character: if first in text redacts entire, if first in
line redacts line, else redacts part delimited as quotes. [TNG
exposes living data in citations in a deceased person's page.]
- gts017 - Remove Send-Copy option on suggestion page. Allows
reveal of server information and junk mail sending.
- gts020 - Remove host name lookup for logs. Gehostbyaddr()
causes long response delays for clients whose provider does not
adequately support reverse DNS lookup.
- gts021 - Disable genlog.txt. All needs now met by gts014
- gts022 - Add help line to new Family Tree display.
- gts023 - Revise unsafe direct use of HTTP_REFERER. Verify
- gts024 - Block unused menu items: bookmarks, albums,
allmedia, whatsnew, mostwanted, reports, trees, branches, notes.
- gts025 - Change all 46 instances of die() to dieX() so that
TNG gives HTTP error 403 and logs error in gts014 log. Except
for search, famsearch, and searchlib which now gives a friendly
error message using the msg parameter.
- gts026 - Change all 26 "pagedoesnotexist" responses to
direct 404 instead of a 302 redirect to
thispagedoesnotexist.html. This should help Bots clear invalid
requests from their indexes.
- gts027 - Remove "shortcut icon" from plain web page
presentation in genlib.php. Causes an unnecessary extra GET
- gts028 - Remove loading of jQuery from GoogleAPI from
genlib.php and adminlib.php. This revealed the parameter string
of every GET request!
17 Apr 2019 18:21:13 -0700