|
|
| Line 1: |
Line 1: |
| This is a list of what we see as the things in Tiki that need changing/fixing - the focus is on things about Tiki that make it harder for us to extend it. We'd like to know which of these things have been improved in the current version and which ones would still be bothersome.
| | Moved to: |
|
| |
|
| '''The items most critical for us are marked in bold. '''
| | http://dev.tikiwiki.org/ArchitectureSuggestionsFromMozilla |
| | |
| = Missing critical features =
| |
| | |
| *'''No built in support for multiple databases or multiple web servers '''
| |
| *'''No built in memcache support'''
| |
| *'''How are sessions implemented in Tiki 4? We have put them in memcache since they were in DB before, also didn't like the default for auto session start (too expensive)'''
| |
| *'''No unit tests'''
| |
| *'''No well defined "core" set of functions or library. Frequently used functions sometimes lie in different files.'''
| |
| *'''Missing essential functions. g.g. for base url - I wouldn't trust using $base_url (global variable may be changed), for notifications (see also Other), sanitization (e.g. make_plain or something).'''
| |
| *'''Overuse of global variables - makes it hard to trace what comes from where. I think it's critical, we should eradicate use of globals.'''
| |
| *'''No obvious hook system or similar makes it hard to add functionality cleanly'''<br>
| |
| | |
| = Scalability issues =
| |
| | |
| *'''Includes of thousands of lines of unnecessary code on every request, code should be included on a more as needs basis or autoloaded'''
| |
| *No apparent benchmarking (see also security)
| |
| *Too many layers of includes. E.g. tiki-index.php includes tiki-setup.php includes tiki-setup_base.php includes tikilib.php includes tra.php... etc. These make it very hard to track where stuff is coming from.
| |
| *'''Template system is really slow -- Smarty is slow as it comes, but with Tiki filters added on top it you can really feel the slowness'''
| |
| | |
| = Security =
| |
| | |
| *'''Top level security code really slow (version from Tiki 3) and previous versions have not worked correctly (e.g. ur<x>l)'''
| |
| *Escaping in templates not enforced, scattershot
| |
| *File upload code has caused problems in the past (fixed by us, did the patch make it into Tiki?)
| |
| | |
| = Code organization =
| |
| | |
| *'''Inconsistency. This is everywhere. Naming conventions, mixed approaches, etc, etc.'''
| |
| *Modules (code stored in db) both a security issue and a version control issue
| |
| *File naming and organization could do with work
| |
| **hundreds of files in the root dir, mostly starting with tiki-.
| |
| **libs not consistently located (code layout issue)
| |
| **some libs lack cohesion
| |
| *Really long functions
| |
| *Uncommented/unphpdoced/unusefully commented functions
| |
| *Poorly indented code
| |
| *Messages mixed between php and template files, e.g. error messages assigned using tra(). This should never be used since it creates issues with portability and consistency (see https://bugzilla.mozilla.org/show_bug.cgi?id=510282). Also makes it hard to track where messages are coming from.
| |
| *Mixed implementation in include files: classes/objects versus stand-alone functions. This means that when you're including a library file you have to remember which of the two it is. Also, some of the choices to use one vs the other seem arbitrary to me, and in some instances use of globals is abused versus in others using objects. (if need be I can find concrete examples)
| |
| *Lack of coding standards. A really annoying example: I can remember a situation when a PHP file had spaces after the closing tag and it took me a long time to figure out that's what caused a page not to load. Coding standards should include no closing tag.<br>
| |
| | |
| = Database =
| |
| | |
| *Lack of critical indexes
| |
| *'''Prevalence of slow queries'''
| |
| *Confusingly named tables (e.g users_users)
| |
| *Use of MyISAM when InnoDB should be used
| |
| | |
| = Localization =
| |
| | |
| *'''No support for placeholders makes it almost impossible to translate strings with variables'''
| |
| *No support for markup (just plain text) -- this is connected to previous
| |
| *No caching, at least none that I'm aware of. This + smarty + loops with localized strings almost certainly leads to ridiculous page load times.
| |
| *'''Why doesn't Tiki use po files?'''
| |
| | |
| = Other =
| |
| | |
| *'''Out of date database libs (no support for stored procs etc) (note I think this is solved by the change to PDO)'''
| |
| *'''No centralized notification system. Dumping errors to error.tpl does not allow notifications on page. No types of notifications: warning vs error vs inform user messages '''
| |
| *'''No built in pagination support (which other CMSes have)'''
| |
| *'''No centralized form handling. It feels very unsafe to build forms in Tiki.'''
| |
| *'''Abuse of $_REQUEST variable'''
| |
| *Some features not well documented<br>
| |
| *A way to provide redirects would be useful. E.g. Drupal has ?destination parameter that redirects to a different location after form submission. Lots of places in the code have the header('Location: ') tag and this + lack of base_url function leads to nightmares when wanting to change redirects or figuring out why this page dies or goes somewhere, etc.
| |
| *Use of 'y' instead of booleans.
| |
| *No real "modular" system. Files from different modules are mixed together, and files from the same module must be kept in different places. Also applies to themes. To add an on/off switch for a module, must edit multiple files (and first find out which ones need editing).
| |
| *'''Use of Smarty'''
| |
| *Lack of menu system. Adding items to menus requires editing templates.
| |
| *Disorganized/unclear admin system. Under "General" is a (currently unused) option called Browser Title, which is akin to "Site Name," while under Look & Feel are options to change things Site Logo Title and Site Logo Alt description, which could be combined into more logical or familiar controls like "Site Name" and "Site Tagline." (It also says you should go to Site Identity, which is blank.) It seems like the poor organization of the admin system, particularly relating to themes, lead to it being ignored.
| |
| *Links used as headers in admin section. For example, in Look & Feel, instead of <h#> elements, it uses <a href="#"> to separate sections. At best, the links are links to themselves, at worst, to the top of the page.
| |
| | |
| = Examples =
| |
| | |
| *Refer to http://pastebin.mozilla.org/667336
| |
| *Mixed sources of information. There are 7 lines of the form if ( $prefs['something'] == 'y' ) followed by an if ( isset($_REQUEST['somethingelse']) ) then another reference to the global $prefs then one to if ( !empty($_SESSION['something']) ).
| |
| *Mixed responses to information. Most lines in the snippet include a file. Not all of them do. Some take additional actions.
| |