Things I'd like to make happen 2009/09/04 - Retain offset/perpage/sort-order and related info in the session and/or user profile - need to keep separate record of domain list and record list settings [COMPLETE] - Support groups (currently group id is hardcoded to 1 anywhere it might be referenced) [COMPLETE] 2009/09/10 - Security/hardening - "if a=1 then elsif a=2 then elsif a=3 then else die neatly" - work correctly with taint mode - use SQL execution parameters to reduce quoting screwups - throw garbage at it and see what sticks - throw deliberately malformed data and see what sticks - rDNS matching - tag'n'warn records where forward and reverse are both supposed to be published "here" - mainly prevents unneccessary record duplication 2009/12/10 - MOTD - Encapsulate all SQL in DNSDB.pm 2009/12/15 - Wrap non-critical bits like Net::Whois::Raw so that they don't just cause a failure, and the bits that need them are only available if they're installed 2009/12/16 - Add record type editor - note, just to edit which types are visible - Subclass some of the specifics of record handling? - would let users create plugin code to support arbitrary types - Push DB name, host, username, password into config file [COMPLETE] 2009/12/17 - "complete rewrite" target: one table of objects, one set of functions; hooks to manipulate "special" data for given types of objects? (even merging domain/group/user objects would reduce a lot of code almost-duplication) 2010/04/07 - Show domain's group in domain record display 2010/06/24 - VegaDNS is apparently derived from NicTool (nictool.com), and, of course, has somewhat fewer features. *sigh* [COMMENT] 2011/02/17 - Multi-column sort in record list, possibly domain, group, and user lists too. This could probably integrate with the previous point; there's a lot of copy-paste-tweak between the four types of abstract object. 2011/07/14 - Warnings: - non-best-practice SRV record (not _service._class) - long TXT records (tinyDNS support for TCP DNS responses is limited and often not configured) - Auto-rDNS on adding A record 2011/07/18 - "Move domain to group " [PARTIAL - only for domains, separate "bulk operations" page] 2011/07/20 - Replaceable web templates - Stolen^Wborrowed from Curtis Bruneau's API, sort of): - Multiple templates per group, including sane default template (integrate with default records; add "template" column) - Deep search (eg record content) from high UI layer - Locations/views 2011/08/31 - OOPishness: Once things are converted to put all entities/objects in the same table (with a single series of IDs to uniquely identify any give entity), create subobjects for user, group, domain, record, and defrec 2011/09/09 - Options to bypass the "do you really want to delete " pages, and Just Do It(TM). Should increase logging verbosity so it can be more easily undone (er, sorta) - Steal Vega's active_sessions table? 2011/09/21 - (Ab)use DNS RR types in the range 65280 to 65534 ("Reserved for Private Use") for eg A+PTR, or bulk-rDNS default PTR 2011/10/07 - Watch for undefined parameters - Componentizing: - Add custid field to domains (and/or groups?) to more easily allow retrieving a restricted set of domains - For production use, turn on "no errors on template var doesn't exist" for HTML::Template - Config knob to allow loading complete custom templates (fall back to stock ones) 2011/10/13 - Catch "delete group with stuff still in it" errors. Or possibly offer a flag to really "YES DAMMIT I WANT IT ALL GONE" delete all children of a group with stuff in it. 2011/10/20 - Add "back to " link in log for domain - Add subgroup count to group list - Add log link to users, domains, groups? listings - Validate A -> \d+\.\d+\.\d+\.\d+, AAAA -> [\da-f:]+ before feeding to NetAddr:IP; don't want to enter a v6 address on an A record or vice versa [COMPLETE] 2011/10/27 - Add support for converting a bare "@" as the hostname into the domain name a la BIND - do this on entry, or export? 2011/11/03 - Log security violations in a separate log, accessible to a restricted group of users (ie, admin-only) 2011/11/08 - Instead of logging failures alongside everything else, only log when a fail-counter for that action has passed a threshold. Track the fail count in the session. 2011/11/10 TODOs and ideas are now (mostly) in Trac (https://secure.deepnet.cx/trac/dnsadmin)