In the localization module, we recently introduced the t function as a wrapper for translatable text.

While we still didn't integrate po management, it would be useful to start wrapping all translatable strings in t().

In terms of colors, Doctor messages in the bash currently look a bit random.

While it's "just" a bash script, we should consider enhancing it so that it looks better. Compare black terminal screen with white terminal screen in the process.

We have a "temporary form" tab that we are using to store node's system metadata and run shadow javascripts. This approach was actually temporary and looks weird. We need a smarter solution for making it an "invisible" tab.

We need to integrate Behat tests (using composer) in Quanta, in order to facilitate testing, preventing regressions, allow continuous integration, etc.

5-10 basic tests with custom behaviors (i.e. login, add node, etc.) would be a good start.

Integration of PhantomJS or similar library would also be benefical, for testing all Quanta features on an emulated browser.

At the moment, login and logout action, after being performed, redirect the user to the homepage.
We need to support for the [LOGIN] qTag a redirect attribute (as we do with the [REGISTER] qTag) allowing to setup a target for redirecting the user after a successful login/logout.

Is there a way to span tags into multiple rows? I'm not sure if it's currently available. I tried but the tags were not rendered.

At times your qtags might become very lengthy. It would be nice to span it into multiple lines for readability sake.

An example:

[MENU|links={LINK|title=about:about}---{LINK|title=work:work}---{LINK|title=services:services}---{LINK|title=partners:partners}---{LINK|title=blog:blog}---{LINK|title=contact:contact}|menu_class=menu text-center...]

Into something like:

 [MENU
       |links={LINK|title=about:about}---{LINK|title=work:work}---{LINK|title=services:services}---{LINK|title=partners:partners}---{LINK|title=blog:blog}---{LINK|title=contact:contact}
       |menu_class=menu text-center...
    ]

Or:

    [MENU
      |links=
        {LINK|title=about:about}---
        {LINK|title=work:work}---
        {LINK|title=services:services}---
        {LINK|title=partners:partners}---
        {LINK|title=blog:blog}---
        {LINK|title=contact:contact}
      |menu_class=menu text-center...
    ]

Integrate with Docker for easy delivery & deployment

A qtag can be filtered using the access module:
i.e.
[QTAG|filter=role@logged]

The filter are currently defined in access.hook.inc

We need to create a hook (i.e. hook_access_filters()) , so that each module can define its own custom filters.

We need to integrate an automated coding style check (i.e. PHPCodeSniffer) and add the check in a git pre-push hook, so that it's impossible to commit wrong code.

1. Integrate PHPCS in composer
2. Add rules that are good for Quanta
3. Add a git pre-push hook that prevents pushing formally incorrect code

The "catch-all" tpl (tpl^) should be works only if no other tpl is set.
the priority is:

• tpl (nodes in same folder)
• tpl- (nodes in sub-forlders)
• tpl-- (nodes in sub-sub-forlders)
• tpl---
• tpl----
• tpl-----
• tpl^ (all nodes, from current forlder to all sub-folders)

Current bug: at the moment, if you set
/folder/tpl^
and
/folder/tpl-

nodes in /folder/sub-folder/ will take tpl^ instead of tpl-

Create a nice install profile for a "portfolio" kind of site.

the hook_qtag function allows modules to interact with qtags while they are being rendered, .
I.e. the no_amp attribute can be applied to any tag to prevent it from appearing when user is navigating in an AMP mode.
i.e.
[LINK|no_amp:home]

The problem comes when you want to setup an attribute inside the qtag rendering itself,

function qtag_MYQTAG($env, $target, $attributes) {
$attributes['no_amp'] = TRUE;
....
}

While formally correct (and very useful) this won't work, because the hook_qtag is ran BEFORE the qtag is actually rendered, so the attribute no_amp (from the above example) won't exist yet.

We need a smarter way to attach parameters inside the qtag definition as well.

The OPERATIONS qtag renders in sequence;

• ADD qtag
• EDIT qtag
• DELETE qtag

Currently only ADD qtag create a correct output -> a ⊕ icon.
The other 2 tags renders as the ADD qtag icon code, "⊕", instead of edit and delete icon.

I think that it deals also with filter_xss function...

At the moment, roles are assigned manually, by altering the JSON of the user node by hand.
We would rather have something visual, like a dedicated Shadow form, to allow administrators creating and assigning roles visually.

This approach should include rules for deciding "which role can assign which role"

We need to create a way to do inline replacement of single files (i.e. node thumbnail, user avatar...).
This should (probably?) be done using Shadow, with its single display output.

Shadow is very powerful but (still) poorly documented so far; keep in mind that you can select the tabs to appear in shadow by adding javascript parameters. See in example the standard node edit buttons:

The qtag qtag_EDIT
https://github.com/quantacms/quanta/blob/master/engine/modules/core/node/node.qtags.inc#L283

and the JS
https://github.com/quantacms/quanta/blob/master/engine/modules/core/node/js/node.js

We need the garbage collector to become an useful and powerful tool, able to get rid of whatever is unused and consuming resources.

A good starting point would be removing automatically all the thumbnails related to nodes that are not existing anymore (i.e. deleted nodes).

by creating a node named "tags", the system complained that it existed already.
I realized that "tags" is a subfolder of .git (full path: ./.git/refs/tags), meaning that Quanta is also looking for nodes within this folder, that means performance loss and incongruencies.
Fix the Environment->nodePath function so that it skips .git when searching for real node paths.

In "manage files" tab, in node edit screens, we want to support multiple view modes.

Just as it happens in normal OSs views, we want at very least to support:

• list mode (similar to what we already have now)
  

• icons + preview mode
  

User should be able to switch between view modes using icons on top:

We need to create a bash version of Doctor, similar to what drush is in Drupal.
Browser version might be supported for the future, while that's still under brainstorming, as there is no safe way to grant access, assuming that sometimes Doctor needs to run even in a broken environment where even login could be impossible.

The login / register shadow forms have quite a poor appearance.

We should make them look a little better, and (eventually also enhance the appearence of the node edit form?)

Write all the documentation required so that Quanta user can make good use of the powerful grid module.

The [LINK] qtag is growing big and getting a bit messy.
We need to convert it to an object oriented approach, creating a new class (Link.class.inc), eventually in a separated link module, to handle all the attributes and parameters, and render them appropriately.

Currently, there is no means to increase the size of the fontawsome.

With the latest version of fontawsome, you can increase the size of the icon by passing to the class its size like: fa-2x, fa-3x, fa-4x, etc

I think this will be handful.

Step to reproduce

• Go to https://www.quantacms.com/

• Go to the bottom of the page, in the footer, click on the link Github community.

Response

404 - File not found

Doctor check should make sure that file system requirements are met:

• temporary folder must be writable by the web server (check folder owner and / or permissions and compare with web server user...)
• thumbnails folder must be writable (same as above)
• site folder must be writable (same as above)

Use hook_doctor_check() for integrating the checks above.

Currently we are using a standard MD5 / salt algorithm to store passwords.
It would be good to let the user choose a personal algorithm in his modules, to open the way to different, customizable encryption methods.

1. Pass $env variable to the passwordEncrypt() method, wherever it's called (so it will look like -passwordEncrypt($env, $pass)

2. Create a hook function that will allow other modules to change the default algorithm
   so it will look something like this

$vars = array('string' => $string)
$env->hook('passwordEncrypt', &$vars) 
if (!isset($vars['encrypted_string'])) {
   $encrypted_string = substr((md5(substr($pass, 0, 5) . 'ABC' . substr($pass, 5, 2) . 'nginE')) . md5($pass), 0, 50);
}
else {
  $encrypted_string = $vars['encrypted_string'];
}
return $encrypted_string;

Qtags are Quanta's core feature, and they are extremely powerful - but from great power, comes great responsability, especially when we consider that Qtags can be added (by design) anywhere, included the body, comments, etc. - and therefore, are virtually accessible to any registered and non registered user of a Quanta web application.
That's why we need to walk through the whole list of core qTags:
https://www.quantacms.com/qtags-overview/
and perform a security check of each of them.
It would not be acceptable in example if a qTag was discovered being able to access files and folders outside of its scope, or - even worst - system files.

Please perform a full security check, and do a short report per each qTag.
This is a paid (bounty) issue!

Unfortunately Froala, the wysiwyg editor that we have been using so far, can not be used for open source projects.
We need an alternative, as much professional and clean looking as possible.

https://techwiser.com/best-wysiwyg-html-editor-open-source/

This can be a starting point to test stuff out.

When you do something like

[JS|external:/assets/js/script.js]

It returns the document root path like:

<script src="/var/www/html/quanta/sites/quanta.test//assets/js/script.js"></script>

Instead of

<script src="/assets/js/script.js"></script>

Possible line of code

In order to support exposed filters and advanced querying of content, we need to create ElasticSearch support in Quanta.

This feature should include at very least:

• elastic search inclusion in Quanta (via composer and / or docker?)
• indexing of nodes on cron
• rendering of faceted search filters as [FACETS:fieldname] qtags
• rendering of search results as [RESULTS] qtag

Will then be extended with other attributes and features.

At the moment, the [INPUT|type=file] field, being used for drag & drop / multiple file uploads, can only be used inside a Shadow form.
This happens because the javascript needed by this input is loaded inside an invisible shadow tab:

https://github.com/quantacms/quanta/blob/master/engine/modules/core/node/tpl/node_data.inc

We need to make this more consistent, so that:

• the JS is loaded when there is an actual [INPUT|type=file], independently from where it's called
• the JS is never loaded two times

Create a "blog" install profile with a nice layout.