Wikimania Scholarships app/Cleanup sprint

Sprint 1: Cleanup existing code

 * Duration
 * 2013-10-23 through 2013-11-08


 * Team
 * Bryan Davis, Chad "^demon" Horohoe (consultant), Katie Filbert (consultant)


 * Sprint Goal
 * Have a functioning version of the existing application running in Labs with major code cleanliness and security concerns addressed.


 * Scope
 * Core functionality of the existing application, namely providing a data entry form with validation for requesting a scholarship and supporting a simple workflow for reviewers to triage and approve/decline requests.


 * Sprint review
 * 2013-11-12T19:00Z via google hangout

Primary concerns to be addressed

 * Robust and secure data access layer
 * PDO or possibly Doctrine DBAL
 * Robust and secure template layer
 * Twig is a likely candidate
 * Minimize number of files exposed via document root
 * Strong separation of code from configuration
 * Secure password storage for reviewers
 * Current unsalted md5 is unacceptable

Tasks

 * ✅ Move index.php and static content into a directory
 * ✅ Cleanup database schema
 * ✅ Make everything use routes
 * ✅ Move session initialization to router script
 * ✅ Securely delete session on logout
 * ✅ Format with code-utils/stylize.php
 * ✅ Change passwords to use crypt with Blowfish
 * ✅ Convert database calls to PDO
 * ✅ Implement Twig template engine & Slim framework
 * ✅ Convert application form
 * ✅ Convert public facing collateral pages (credits, privacy, contact, translate)
 * ✅ Convert reviewer pages
 * ✅ Convert user management pages
 * ✅ Move PHPMAILER to vendor directory
 * ✅ Convert to use autoloading
 * ✅ Change the way that Lang finds/loads localization files
 * Set include_path externally (not needed after other refactoring)
 * ✅ Custom 404 page
 * ✅ Deal with unhandled exceptions
 * Still possible to break things with an error in the error handler :(

Sprint review
The work done in this sprint was reviewed and approved by Ellie and Jessie. See Sprint 1 review notes for details.

Backlog
The backlog is a list of tasks that could/should be done discovered during the sprint. These are considered stretch goals and any unfinished at the end of the sprint will be considered for inclusion in the next increment.


 * The backlog task list has been moved to ../Backlog where it will be groomed and maintained.
 * --BDavis (WMF) (talk) 17:12, 19 November 2013 (UTC)