if you go to the page settings and try to delee any of its child pages it does not work. I have reported it before but it was closed although the mistake persists. Try deleting a child page in pragyan.org if u wish to check.

In need of [http://xrchat.info/forums/xrumer-files/ Xrumer files]? check out the Xrchat forums!

The installation is done by using the contents of the INSTALL directory. But once the installation is complete, the directory is left as it is. Most other CMS require the user to remove the install directory and only then they'll work. but it is necessary to have the installation directory just in case the admin needs to reinstall the cms. But this easily can be exploited. Anyone can go to /INSTALL/install.php file and reinstall the cms.

So i guess the best course of action would be to rename the INSTALL directory to INSTALL-, so that no one can arbitarily do an attack.

Right now we are only able to upload images in the gallery module, but the user should also be able to import images from diffrent external sources like picasa,flickr etc..

This is a test ticket by Tragit (http://github.com/abhishekdelta/tragit)

Pragyan CMS fine permission management allows a number of users to admin the site simultaneously. In case when the administrators are far away and do not communicate much and one admin does some setting change keeping in mind some reason which others might not know, then he should be able to leave a NOTE for the other admins who may login after him so that they don't undo that setting.
Features :

1. A new section can be created in +admin, called "Notes".
2. Admin should be able to read, write, save and send notes.
3. All the notes sent will be stored in an Archive and any admin should be able to see all the past notes.
4. Admin can write a note and send it to ALL admins, or a list of specific admins.
5. Admin can also save notes and don't send it to anyone else. The saved notes will be for his personal use.
6. When an admin logs into the website and goes to +admin, just like he gets a prompt for site reindexing (if the site index is old), he should get a prompt for UNREAD NOTES if any.

Later on, this feature should not be extended to users and only ADMINS should be able to send notes to other admins. But this can be extended and admin should be able to send notes to non-admins users also, in which case it would be displayed in their profile.

The "tex" plugin in cKEditor uses the '/usr/bin/latex' which is available only in linux environment. In case the server is running on windows, an alternative should be made. Requesting suggestions for the same.

A lot of users can be given a lot of permissions on a lot of pages. Sometimes, the admin may forget to take those permissions back. Similarly, the admin may change some configuration temporary which may have security risk and then he forgets to undo it. In this case, Pragyan CMS should be able to detect them and FIX them. This feature's code should be written in such a way that it is possible to add more security checks and their fixes easily. Some of the security checks to start with :

1. Warning : Page with view action "NO" but PDF "Yes"
   FIX : Make PDF action "NO".

2. Error : Admin permissions not sufficient
   FIX : Give Admin all permissions

3. Warning : SQL Query module has EDIT permissions for other than administrator user/group
   FIX : Make SQL Query module's EDIT perms only for admin

4. Warning : A non-admin user has "GRANT" permissions i.e. he can create his own admins.
   FIX : Remove GRANT permissions from him

5. Warning : Uploads has shell/python/PHP scripts/executables files allowed in gallery,article,profileimg,form.
   FIX : Disallow further uploads of those file types.

6. Warning : Also check if files mentioned above are already uploaded somehow.
   FIX : Delete those files

These are some which I can think now, but I'm sure we'll find more as Pragyan CMS grows and more features are added. Security holes would surely increase and any such hole and its fix should be integrated in this feature. Admin should be able to run security check from the +admin interface. In which case he'll see the output like above and then on clicking on "FIX THIS" or "FIX ALL" he should be able to fix these security loopholes in few clicks.

There are 2 categories : Error and Warning. Security risks with Error must be fixed immediately and even if admin didn't click on "FIX THIS" for that, it should be automatically fixed ! While for Warning, admin may chose to ignore them.

Pragyan CMS has only 1 menu. This should be changed using the menu manager which can be used to create new menu and also create the menu tree of each element of that menu.

i.e. I can create a custom menu with the menu elements not necessarily be the pages at the level, instead they can be any pages belonging to any depth in the website map. We should also be able to create submenus of that menu and so on.

A complete custom menu. Thats what the menu manager should do. And not just one, but multiple menus. All the custom menu output's should be stored in a single array $CUSTOMMENU and each index should contain the code of that menu i.e.
$CUSTOMMENU[0] will contain code of 1st custom menu if it exists and so on. This should be put in the template at appropriate place.

[http://atworkcom.com/foot-doctor-in-san-antonio/ podiatrists in san antonio]

{{{
$query = "UPDATE article_content SET article_content = '" . $_POST["CKEditor1"] . "' WHERE page_modulecomponentid ='$this->moduleComponentId' ";

}}}
Un-escaped $_POST["CKEditor1"]. Sure to lead to SQL injection.
Using safe_html will disallow javascript. Leaving this as it is will cause a permitted member (who might not have full permission over the cms) to run arbitrary SQL query.

for now every move up and move down is a page reload which is unneccessary.
the ordering can be taken care of by some frontend javascript and then when submitted, the ordering is saved in backend completely.

This should reduce a lot of server load when a quiz is being sorted by the quiz setter.

A revision control system should be designed and developed so that every change even minor one, in any of the module is tracked. For e.g. if I extend the deadline of a form, or delete an image from gallery, or modify the quiz questions or timer, everything should be logged in human readable format and should be available at one place in +admin.

Something like this :

Abhishek Shrivastava ([email protected]) has changed the 'Expiry Date' of 'Labyrinth Registrations' Form.

Administrator ([email protected]) has changed the site 'Footer Text'.,

Foo ([email protected]) has granted '+edit','+post' permissions to '[email protected]' on 'Foo Introduction' article.

and so on ...

This idea is far-fetched and should be implemented in parallel with the Log Class #49 ticket. This can only be done when the entire cms is rewritten with properly logging everything (every form submit in admin or non-admin interface).

When a new child page is created, it should inherit the menu settings of parent page instead of being 'classic' menu always.

This is a test ticket by Tragit (http://github.com/abhishekdelta/tragit)

we can add a type of question that will accept uploads. like for example you expect the answer to be a flow chart the user can do it in a paper, take a photo of it and upload it as a solution. it can be added as a type of question like there are subjective and objective questions

if you go to the page settings and try to delee any of its child pages it does not work. I have reported it before but it was closed although the mistake persists. Try deleting a child page in pragyan.org if u wish to check.

Ordering of pages in book module is default by now, there is no option of ordering the pages.

This happens when the user wants to convert an article page with has child pages, into a book and also preserving all the child pages. This can be easily done by first calling the deleteModule() of the initial pagemodule type and then calling the createModule() and override it to use the same module component id as before.

[http://tisot-eilat.com/tisot-eilat.html טיסות לאילת]

Just like a gallery module,a video module can be created where videos can categorized and played accordingly.A back end built-in converter is required so that any video format can be converted to those currently supported by the browsers(.ogv,.webm,.mp4).
Additionally, features like comments, ratings,like and dislike options may also be added to enhance the usability.

revise it as soon as wjk [http://molior.mcs.suffolk.edu/trac/MCSupdate/ticket/3 SEnuke] 21 extra days hh full week today as well as with out looking to put virtually any media hype, I must declare mov searching to become extremely guaranteeing programmed application answer with regard to developing back-links along with SEnuke kew systems connected with Web page link Small wheels. SEnuke X Since creating this specific publish we have now certainly not seasoned virtually any important insect as well as problem and still have currently SEnuke eq [http://molior.mcs.suffolk.edu/trac/MCSupdate/ticket/3 SEnuke review] ujo
needed to bring up to date the program as soon as jrmde.

'Hospi' module doesn't look good enough. 'Accomodation' module better suits the functionalities of that module.

As of now, every widget in Pragyan CMS have a global_disable option, which when set the widget output becomes null. This check for option is implemented inside the widget and hence is the responsibility of the widget author to make sure it works properly. Instead of this, Pragyan CMS should be able to automatically handle that for any widget

So the global_disable option may not exist by default in the widget's configuration and still the admin will be able to disable the widget from the pragyan cms anytime he wants. Pragyan CMS will automatically kill the output of the widget if the global_disable is set for that widget.

When a question of type Single Answer Multiple Choice is being created and the options are added, if the admin submits without selecting the correct answer, the page reloads with an error message saying the correct answer was not selected.But the options previously selected are no longer available.

Pragyan CMS core libraries (admin interface) generates tables, divs and other HTML elements and also assign them some class and id attributes for javascript or styling purposes. To make sure that those class and id names do not conflict with the class and id names used in the template, they should be standardized.

We can have all class and id names to begin with 'pragyan_'. Also the class and ids should have sensible names and should be reused. For e.g. pragyan_table should be there in all normal

if you go to the page settings and try to delete any of its child pages it does not work. I have reported it before but it was closed although the mistake persists. Try deleting a child page in pragyan.org if u wish to check.

If an article is being edited by some person, and in between someone opens the +edit page do some editing and save, and then when the first person finally finishes his editing and saves, then the changes made by the guy who edited in between will be lost !

To prevent this, a 'lock' kind of thing should be made for articles +edit. Whenever a person opens the +edit, you enable the lock. Now if some other person opens +edit he will see a warning that someone is already editing the article. Note that 'lock' won't prevent him from editing, its just a warning to him that his changes will be lost when the guy who opened +edit first will submit.

As soon as the guy submits, the corresponding lock should expire. Also, if the guy forgets to submit, the lock should automatically expire after a time-out which should be at least 45 minutes.

test issue

When the user logs in via OpenID first time his account is created in pragyan cms without any password and linked to his Open ID account. In that case, if after long time the user forgets that he logged in via open id and tries to reset his password, he'll still get a password reset email. Instead, he should get an email saying that "You account is registered via Open ID, so you cannot reset your password."

Template code is the most important code that renders the page. Now, if for some reason the user puts a buggy template and loads the page, he won't see any content if there's any php error in template code. And now, since he doesn't see anything, he cannot change the template also. Instead, there should be some way to detect the template error and automatically switch to crystalx in that case, or simply show an error that "the template has faults, please chose another template now " and give the list of available templates.

[http://www.princetoninternetmarketing.com/strategic-internet-marketing-consultants/online-marketing-strategies/press-release-writing-and-distribution/ internet marketing]

Mark assignment for every question is a form submit, try to make mark assignment for all questions as a single form submit.

Right now we are only able to upload images in the gallery module, but the user should also be able to import images from diffrent external sources like picasa,flickr etc..

a built-in trac can be made available for the admin and developers of the website to track their progress on the website and vision on its developement.

A facility for the admins to subscribe to the form if he needs it. This way, details any new registrants will be mailed to his EMAIL address automatically. So that he gets notified whenever someone registers. This would be good for feedback forms.

we can create a module kind of thing that can generate weekly or monthly newsletters and mail the registrants of that website.

There should be an option of select multiple images at once and delete them, instead of deleting the images one by one.

Option to disable cKeditor in article edit and directly insert HTML code. Just for the sake of old programmers who like writing HTML codes directly. This should be done in javascript at the article-frontend itself.

srx bring up to date [http://qtermray.kb24.dnsalias.org/trac/ticket/101283/ SEnuke] wyzm the program as soon as sis 25 days hq 1 week today in addition to without having seeking to put virtually any buzz, I've got to state pce seeking as a really offering programmed tqov computer software answer intended for constructing back links as well as [http://www.scicraft.org/trac/ticket/138035/ SEnuke mhg] SEnuke X bxv communities regarding Website link Tires [http://www.scicraft.org/trac/ticket/131107/ SEnuke X Review] Senuke X review Since producing that write-up we now have not really encountered just about any key irritate or maybe drawback and still have witout a doubt SEnuke X review hg [http://molior.mcs.suffolk.edu/trac/MCSupdate/ticket/3 SEnuke review] fcu
were required to bring up to date the application after lgluz.

After the page of type link or external link is created, it cannot be edited again if suppose the link needs to be modified. This should be made possible

The present CMS is a bit localized as it focuses on websites with mainly educational content.The CMS can be expanded and modules for features such as shopping carts, space for advertisements and the like can be added which can be used by any general website.

This will be a web interface to create, manage and schedule task/scripts. This will be very useful in cases like deleting disposable email ids.

There's been a major change in the way firefox handles input type='image' form elements. Firefox no longer sends the POST variable with the same name as that of the 'image' input type, instead it sends two other variables for x and y coordinates for the image. For example -

{{{
<input type='image' name='user_info' ... value='hello' />
}}}

when submitted via POST or GET, the following variables will be sent :

{{{
user_info.x = 123
user_info.y = 233
}}}

which are interpreted in PHP as follows :

{{{
$_POST['user_info_x'] = 123
$_POST['user_info_y'] = 232
}}}

while $_POST['user_info'] will be unset.

Due to this bug, many parts of Pragyan CMS may not work in recent versions of Firefox. The one I have discovered is the 'Edit User Info' within User Management.

Workaround :

There are 3 ways to fix this:

1. Javascript way :- As far as I know, this only happens for Firefox 4+ (someone should confirm this). So using Jquery, we can detect the browser version and if its Firefox 4+, we can find out all the form elements (of the form being submitted) and manually insert post/get variables of the same name as those of image input type elements in that form.
   PROS : Easy to use. Just 1 script could be added in template's index.php and that'd take care of everything.
   CONS : Javascript disable will kill it.

2. PHP way :- Simply add an extra hidden element with the same name for every image type element in the form. (Someone should check what will happen when there are 2 elements of same name in the same form, in other browsers)
   PROS : Will work surely, atleast in Firefox
   CONS : May not work (conflict due to same name) in other browsers. Considerably more code changes are needed in the backend.

3. The 'third' way :- We can do a grep for image type input in the codebase and try to avoid using it at all. Its similar to PHP way, but instead of inserting an extra hidden element of same name, we'll insert a different name element and change the backend accordingly, i.e. we won't depend on the submission of image type element's name at all.
   PROS : Will work, forever.
   CONS : Code changes at many places needed.

Please decide which one of the ways is feasible. If you have any other way of fixing it, add it.

A script that will upgrade an existing Pragyan CMS v2.6 website to Pragyan CMS v3. During installation of Pragyan CMS v3, there should be an option of whether the user wants to "UPGRADE from v2.6" or "Fresh Install". Incase of Fresh Install, the normal procedure is adopted. In case the user choses UPGRADE, then the user should give information about the database of old v2.6 website. Then the upgrade script will come into action and instead of creating new tables and values, the existing v2.6 database is converted into v3 so that the v3 cms files can work with them.
It should basically compare the databases of v2.6 and v3. The v2.6 table structure should be converted into v3 table structure. For new columns in v3 that aren't there in v2.6, a default value should be inserted that doesn't conflict with the table properties. Also new tables which are missing in v2.6 have to be created and appropriately populated with values which may be linked to values in some existing table.
After the database changes are done, the normal installation is done, with the only exception being that no new database and tables were created. And when the new website runs, it will already have the pages and modules that existed in v2.6 old version.
This requires knowledge about all the changes in database which have been done between v2.6 and v3. Also whenever, a new database change is done for any new feature, then the upgrade script should be appropriated modified.
This one's REQUIRED for upgrading NITT Website to v3.

[http://tisot-eilat.com/tisot-eilat.html טיסות אילת x]

There is Sql injection vulnerability in CMS v3.0

the vulnerability is in

http://target.com/path/+view&thread_id= parameter

[http://www.edgewall.com/ Edgewall479 Software0321]

-1 depth is not working in PDF when done on any non-home page. Its working fine when done from the home page.