Wikimania Scholarships app/Cleanup sprint

Duration

2013-10-23 through 2013-11-08

Team

Bryan Davis, Chad "^demon" Horohoe (consultant), Katie Filbert (consultant)

Sprint Goal

Have a functioning version of the existing application running in Labs with major code cleanliness and security concerns addressed.

Scope

Core functionality of the existing application, namely providing a data entry form with validation for requesting a scholarship and supporting a simple workflow for reviewers to triage and approve/decline requests.

Sprint review

2013-11-12T19:00Z via google hangout

• Robust and secure data access layer
  • PDO or possibly Doctrine DBAL
• Robust and secure template layer
  • Twig is a likely candidate
• Minimize number of files exposed via document root
• Strong separation of code from configuration
• Secure password storage for reviewers
  • Current unsalted md5 is unacceptable

•   Done Move index.php and static content into a directory
•   Done Cleanup database schema
•   Done Make everything use routes
•   Done Move session initialization to router script
•   Done Securely delete session on logout
•   Done Format with code-utils/stylize.php
•   Done Change passwords to use crypt() with Blowfish
•   Done Convert database calls to PDO
•   Done Implement Twig template engine & Slim framework
  •   Done Convert application form
  •   Done Convert public facing collateral pages (credits, privacy, contact, translate)
  •   Done Convert reviewer pages
  •   Done Convert user management pages
•   Done Move PHPMAILER to vendor directory
•   Done Convert to use autoloading
•   Done Change the way that Lang finds/loads localization files
• Set include_path externally (not needed after other refactoring)
•   Done Custom 404 page
•   Done Deal with unhandled exceptions
  • Still possible to break things with an error in the error handler :(

The work done in this sprint was reviewed and approved by Ellie and Jessie. See Sprint 1 review notes for details.

The backlog is a list of tasks that could/should be done discovered during the sprint. These are considered stretch goals and any unfinished at the end of the sprint will be considered for inclusion in the next increment.

The backlog task list has been moved to Wikimania Scholarships app/Backlog where it will be groomed and maintained.

--BDavis (WMF) (talk) 17:12, 19 November 2013 (UTC)[reply]