This is a list of what we see as the things in Tiki that need changing/fixing - the focus is on things about Tiki that make it harder for us to extend it. We'd like to know which of these things have been improved in the current version and which ones would still be bothersome.

Missing critical features

• No built in support for multiple databases or multiple web servers
• No built in memcache support
• How are sessions implemented in Tiki 4? We have put them in memcache since they were in DB before, also didn't like the default for auto session start (too expensive)
• No unit tests
• No well defined "core" set of functions or library. Frequently used functions sometimes lie in different files.
• Missing essential functions. g.g. for base url - I wouldn't trust using $base_url (global variable may be changed), for notifications (see also Other), sanitization (e.g. make_plain or something).
• Overuse of global variables - makes it hard to trace what comes from where. I think it's critical, we should eradicate use of globals.
• No hook system or something similar makes it hard to add functionality

Scalability issues

• Includes of thousands of lines of unnecessary code on every request, code should be included on a more as needs basis or autoloaded
• No apparent benchmarking (see also security)
• Too many layers of includes. E.g. tiki-index.php includes tiki-setup.php includes tiki-setup_base.php includes tikilib.php includes tra.php... etc. These make it very hard to track where stuff is coming from.
• Template system is really slow -- Smarty is slow as it comes, but with Tiki filters added on top it you can really feel the slowness

Security

• Top level security code really slow (version from Tiki 3) and previous versions have not worked correctly (e.g. ur<x>l)
• Escaping in templates not enforced, scattershot
• File upload code has caused problems in the past (fixed by us, did the patch make it into Tiki?)

Code organization

• Modules (code stored in db) both a security issue and a version control issue
• File naming and organization could do with work
  • hundreds of files in the root dir, mostly starting with tiki-.
  • libs not consistently located (code layout issue)
  • some libs lack cohesion
• Really long functions
• Uncommented/unphpdoced/unusefully commented functions
• Poorly indented code

Database

• Lack of critical indexes
• Lots of slow queries
• Confusingly named tables (e.g users_users)
• Use of MyISAM when InnoDB should be used

Other

• Out of date database libs (no support for stored procs etc)