TNG 11 Setup and Modifications
I use TNG as a web display program. User login is authorized only
for those allowed to view the living, and is usually restricted to a
branch. Changes or editing, etc are not allowed.
- gts007 - Configure Between-And in date format to show
as "1998 - 1999".
- gts011 - ID import to trimsize 5 for FTM 2017.
- gts012 - Remove forgot/remember/reset option from login.
- gts014 - Security and request validation front-end and associated modifications to make it
- gts015 - Remove some remaining vestiges of global variables.
Leave request variable copying. [Need further study of processvars.php.]
- gts016 - Provide partial or total Redaction of information
when not logged in. Also Private redaction for everyone. Uses a
special character: if first in text redacts entire, if first in
line redacts line, else redacts part delimited as quotes.
exposes living data in citations in a deceased person's page.]
- gts017 - Remove Send-Copy option on suggestion page. Reveals server information and
allows junk mail sending.
- gts020 - Remove host name lookup for logs. Gehostbyaddr()
causes long response delays for clients whose provider does not
adequately support reverse DNS lookup.
- gts021 - Disable genlog.txt. All needs now met by gts014
- gts022 - Add help line to new Family Tree display.
- gts023 - Revise unsafe direct use of HTTP_REFERER. Verify
- gts024 - Block unused menu items: bookmarks, albums,
allmedia, whatsnew, mostwanted, reports, trees, branches, notes.
- gts025 - Change all 46 instances of die() to dieX() so that
TNG gives HTTP error 403 and logs error in gts014 log. Except
for search, famsearch, and searchlib which now gives a friendly
error message using the msg parameter.
- gts026 - 4/3/2019 Change all 26 "pagedoesnotexist" responses to
direct 404 instead of a 302 redirect to
thispagedoesnotexist.html. This should help Bots clear invalid
requests from their indexes. After 5/2/2019 responds 410 Gone
because most are deleted items.
- gts027 - 4/16/2019 Remove "shortcut icon" from plain web page
presentation in genlib.php. Causes an unnecessary extra GET
- gts028 - Remove loading of jQuery from GoogleAPI from
genlib.php and adminlib.php. This revealed the parameter string
of every GET request to Google.
- gts014a - 4/16/2019 Change gts014 to give a direct 400 Bad
Request response to Invalid Requests. The 302 Redirect to the
unknown "/URI=" previously resulted in a 404 Not found.
03 May 2019 08:48:13 -0700