Things I'd like to make happen

2009/09/04
 - Retain offset/perpage/sort-order and related info in the session and/or user profile
   - need to keep separate record of domain list and record list settings [COMPLETE]
 - Support groups (currently group id is hardcoded to 1 anywhere it might be referenced) [COMPLETE]

2009/09/10
 - Security/hardening
   - "if a=1 then elsif a=2 then elsif a=3 then else die neatly"
   - work correctly with taint mode
   - use SQL execution parameters to reduce quoting screwups
   - throw garbage at it and see what sticks
   - throw deliberately malformed data and see what sticks
 - rDNS matching
   - tag'n'warn records where forward and reverse are both supposed to be published
     "here" - mainly prevents unneccessary record duplication

2009/12/10
 - MOTD
 - Encapsulate all SQL in DNSDB.pm

2009/12/15
 - Wrap non-critical bits like Net::Whois::Raw so that they don't just cause a failure,
   and the bits that need them are only available if they're installed

2009/12/16
 - Add record type editor - note, just to edit which types are visible
 - Subclass some of the specifics of record handling?
   - would let users create plugin code to support arbitrary types
 - Push DB name, host, username, password into config file [COMPLETE]

2009/12/17
 - "complete rewrite" target:  one table of objects, one set of functions;  hooks
   to manipulate "special" data for given types of objects?  (even merging
   domain/group/user objects would reduce a lot of code almost-duplication)

2010/04/07
 - Show domain's group in domain record display

2010/06/24
 - VegaDNS is apparently derived from NicTool (nictool.com), and, of course, has
   somewhat fewer features.  *sigh* [COMMENT]

2011/02/17
 - Multi-column sort in record list, possibly domain, group, and user lists too.
   This could probably integrate with the previous point;  there's a lot of
   copy-paste-tweak between the four types of abstract object.

2011/07/14
 - Warnings:
   - non-best-practice SRV record (not _service._class)
   - long TXT records (tinyDNS support for TCP DNS responses is limited and often not configured)
 - Auto-rDNS on adding A record

2011/07/18
 - "Move domain to group <x>" [PARTIAL - only for domains, separate "bulk operations" page]

2011/07/20
 - Replaceable web templates
 - Stolen^Wborrowed from Curtis Bruneau's API, sort of):
   - Multiple templates per group, including sane default template (integrate with default records;  add
     "template" column)
   - Deep search (eg record content) from high UI layer
   - Locations/views

2011/08/31
 - OOPishness:  Once things are converted to put all entities/objects in the same table
   (with a single series of IDs to uniquely identify any give entity), create subobjects
   for user, group, domain, record, and defrec

2011/09/09
 - Options to bypass the "do you really want to delete <x>" pages, and Just Do It(TM).
   Should increase logging verbosity so it can be more easily undone (er, sorta)
 - Steal Vega's active_sessions table?

2011/09/21
 - (Ab)use DNS RR types in the range 65280 to 65534 ("Reserved for Private Use")
   for eg A+PTR, or bulk-rDNS default PTR

2011/10/07
 - Watch for undefined parameters
 - Componentizing:
   - Add custid field to domains (and/or groups?) to more easily
     allow retrieving a restricted set of domains
   - For production use, turn on "no errors on template var doesn't exist"
     for HTML::Template
   - Config knob to allow loading complete custom templates (fall back to stock ones)

2011/10/13
 - Catch "delete group with stuff still in it" errors.  Or possibly offer a flag to
   really "YES DAMMIT I WANT IT ALL GONE" delete all children of a group with stuff in it.

2011/10/20
 - Add "back to <parent>" link in log for domain
 - Add subgroup count to group list
 - Add log link to users, domains, groups? listings
 - Validate A -> \d+\.\d+\.\d+\.\d+, AAAA -> [\da-f:]+ before
   feeding to NetAddr:IP;  don't want to enter a v6 address on
   an A record or vice versa [COMPLETE]

2011/10/27
 - Add support for converting a bare "@" as the hostname into the domain name a la BIND
   - do this on entry, or export?

2011/11/03
 - Log security violations in a separate log, accessible to a restricted group of users (ie, admin-only)

2011/11/08
 - Instead of logging failures alongside everything else, only log when a
   fail-counter for that action has passed a threshold.  Track the fail
   count in the session.

2011/11/10
 TODOs and ideas are now (mostly) in Trac (https://secure.deepnet.cx/trac/dnsadmin)