Family Genealogy - Site Notes Home

TNG 11 Notes

I use TNG as a web display program. User login is to allow viewing the living. Changes or editing, etc are not allowed.

TNG Needs

  • Needs a general setup feature to disable any menu item despite content.
    • Perhaps each with logged-in user and/or admin exception.
    • Similarly, the Trim Menus option should trim any menu with no content, such as Albums.
    • Lines Statistics should be similarly blocked and trimmed.
  • Needs better use of space in the Individual display. Multiple value events need to stay on one or fewer lines if the text will fit, rather that use multiple lines.
    • Relationship need not be displayed unless other than Natural. Or possibly change the event name to Step-Father, Adoption-Father, ...
  • Needs a logging option for non-programming users to block gethostbyaddr() to prevent response delay for viewers with inadequate reverse lookup support. Perhaps with an administrative option to view or convert the log with client host names added.
  • Needs setup option to make thumbnails presentation the default for media displays.
  • Problem, Media only imports one directory level down, needs to go deeper.
  • Problem, Places and Cemeteries are too strict parsing place names. Trailing characters or comments are treated as part of the last name given such as the state or country. I use trailing comments in parentheses, e.g. "Austin, Texas (Westside Cemetery)".
  • Needs to say "Living" with icon in media thumbnails display.
  • Needs to verify all caller supplied data including parameters but also such as HTTP_REFERER, HTTP_USER_AGENT, HTTP_HOST, etc. preg_match() is a very powerful tool for such uses.
    • Needs to reject entirely, not just trim as in processvars.php.
  • Needs to redact display of details about a living person in citations/notes when on a deceased persons page.
    • This is a hard problem. Really only the details about a living person need be redacted as per my personal modification gts016, but that requires the data provider to mark such places.

TNG Questions and Unresolved Problems

  • personID etc allows trailing blanks in web requests. Why? Apparently never used by TNG itself.
  • Larger image does not pop-up when hover over image. Why? Browser problem? Worked in previous versions.
  • Problem: PDFs and GEDCOM download can be blocked entirely by setup, but login user permissions don't seem to block?

TNG Setup and Modifications (local changes)

  • gts007 - Remove Between-And in date format, and set to show as "1998 - 1999".
  • gts011 - ID import to trimsize 5 for FTM.
  • gts012 - Remove forgot/remember/reset option from login.
  • gts014 - Security front end and associated modifications to make it work.
  • gts015 - Remove some remaining vestiges of global variables. Leave request variable copying. [Need to add more verification/checking to processvars.php.]
  • gts016 - Provide partial or total Redaction of information when not logged in. Also Private redaction for everyone. Uses a special character: if first in text redacts entire, if first in line redacts line, else redacts part as if used as quotes. (TNG exposes living data in citations in a deceased person's page.)
  • gts017 - Remove Send-Copy option on suggestion page. Allows junk mail sender.
  • gts019 - Set to block comments from service provider generic host name. Originally intended to block spammers. [Needs further study.]
  • gts020 - Remove host name lookup for logs. Gehostbyaddr() causes long response delays for clients whose provider does not adequately support reverse DNS lookup.
  • gts021 - Disable genlog.txt. All needs now met by gts014 logging.
  • gts022 - Add help line to new Family Tree display. [For general use, needs to add language support.]
  • gts023 - Revise unsafe direct use of HTTP_REFERER. Verify URL valid.
  • gts024 - Remove loading of jQuery from GoogleAPI from genlib.php and adminlib.php. This revealed the parameter string of every GET request!

Page modified: 21 Jul 2018 12:20:28 -0700

[Back to Top Send comments or questions to Contact Me. Home