deverica / capstone-communities Goto Github PK

Bug description
The main page of the application displays the user's username and password within the HTML header. This is dangerous because of the fact that onlookers can easily steal the credentials of the users when they are logged in. This is also a violation of the ISO standard.

Steps to reproduce

1. Enter a username and password.
2. Click on Login.
3. Notice the "?LoginUserName=&LoginPassword=" within the header

Expected behavior
The header would load without including the username and password.

Bug description
Anytime a ' is inputted in a form field that is tied to our database, the application errors out. This gives a hint that SQL Injection is present in our fields.

Steps to reproduce

1. On the login page, input a ' and hit enter
2. Watch our app die.

Expected behavior
Our forms would be able to handle ''s

Current Situation
Currently, we have tables for User, Communities, and Posts. One of the desired functionalities for our application is to display events going on with the community

Desired Outcome
A table for events will be created with the following parameters : Event ID, Event Name, Event time, Event Location, Event Details.

Current Situation
Currently, our Post and Community displays in the home page aren't scrollable. The Posts and Events displays in the Community page are also not scrollable. This will hit us in the long run especially when it comes to scalability.

Desired Outcome
Turn the Post and Community displays in the home page into scrolling elements. Repeat for the Posts and Event page.

Current Situation
All code for the back end is located within one file, app.go. This makes it hard for implementing new features and debugging issues.

Desired Outcome
App.go needs to be split up into multiple files, with each file referencing a feature.

Current Situation
We currently have no method of displaying community events for the community page.

Desired outcome
When the event database is built, it needs to be converted into a form of HTML output.

Current Situation
The only way that our communities are tied to areas is by city. In order to display communities at certain locations within a city, we will need those particular fields.

Desired outcome
The communities table will have lat and long fields.

Current Situation
Currently, the 'Visit Communtiy' page goes to a mock up of what a community page should look like. Those pages should be given the ability to be associated with the community whenever a user wants to check out what a community is up to.

Desired Outcome
Turn the mock up of the community page into a page that is to be associated with particular communities. The post window should take in all posts of the community, and the event window should take in all events of the community.

After completing the rest of the tickets, we will work on Ads functionality. We will need a database that will hold all ads that will be posted by businesses around the user's area. The database should consist of the contents of the ad, and the lat and longitude coordinates of where the ad was created. Once that's established, I will work on a way to figure out how to select them for display.

Bug description
On remote hosted instances, if two people log into the application, the application only handles the most recent user, which results in other users viewing the person who most recently logged in.

Steps to reproduce
Remote Hosted Instances (e.g Linode, AWS)

1. Deploy the application.
2. Have two or more people connect to the application on the instance.
3. Have the people connected create accounts.
4. One person logs in.
5. Another person logs in.
6. The person in step 4 should hit refresh.
7. The person who logged in step 4 is now viewing the account of the person who logged in step 5.

Locally Deployed Instances

1. Deploy the application.
2. Open a private and a public window in your browser.
3. Navigate to the URL of your locally deployed instance (Default is localhost:9000)
4. Create two accounts.
5. Log into the first account on the public window.
6. Log into the second account on the private window.
7. Refresh the application page in the public window.
8. The public window is now viewing the account used in the private window.

Expected behavior
Both people would be able to view their accounts at the same time.

Current Situation
The only thing that our map outputs so far is a png image. This will make it quite difficult to render community positions.

Desired Outcome
The map should be able to take in other coordinate inputs and display them in addition to the city's coordinates. Coordinate displays for communities should be able to be clicked on.

Currenty, our database in the server only takes in plaintext passwords. #26 is a request that adds the functionality of hashed passwords. Before that is merged in, the server database must be updated to take in hashed passwords. The password column must take in strings of length 60, and all of the passwords currently stored in the database must be re-inserted in hashed form.

Bug description
The go back button within the profile page is redirecting to the login page.

Steps to reproduce

1. Input credentials into the login page.
2. Click on the My Profile button.
3. Click on the Go Back button.
4. Observe that you are back at the login page

Expected behavior
Profile's go back should redirect to the home page.