Doing the API sprint – 14th-15th of June, 2014.

BLOG

phplosy logoDoing the API sprint…

This weekend there is an API hackathon (which will be superfun for all to be sure) where some phpList users and developers, including some of the Open Funding crowd, are going to spend some time improving the phpList API. Here are the instructions on how to join in:

Where to meet

Some of the developers are meeting in Berlin and Manchester, but most of us will be meeting “virtually” in the phpList IRC channel.  We are meeting from 10am GMT. To access this, you need to log into the freenode network and joing the #phpList channel. If you are unsure of how to do this, there is a help site here.

Important: to ensure good communication, please make sure to:

  • Turn on auditory notifications in your IRC client (so you can hear people holler!)
  • Refer to people by name in the IRC (for clarity and better notifications)  – you can start typing their name and press tab for auto-complete in many clients

What we are working on

First of all, we need to examine the current code and plan the work. There have been several points mentioned allreadyon the developers mailing list have been discussed already. These include*:

      • Merging the two API’s (phpList download and phpList hosted)
        • The ability to disable certain calls easily (eg I cannot have people
          do a processqueue API call remotely).
        • The ability to throttle requests
        • Full security check and verification.
        • Logging of requests (or at least the option to switch it on).
      • Removing variables like “$_REQUEST[‘template’]” to improve security
      • A Bug https://mantis.phplist.com/view.php?id=17214
      • Documenting the API here http://resources.phplist.com/plugin/restapi
      • Centrally sanitise incoming variables (to what extent do we already do this)
      • Use PHP’s strip_tags() to specify allowable tags with a whitelisted subset of HTML

After that, we will allocate tasks and coordinate our efforts – this will likely be people choosing what tasks they wish to/feel able to do and discussing them as they go along in the IRC.

Sam Tuke will be handling the merge requests for the duration of the sprint.

During these things there will be lots of pizza and fun! Don’t forget to tweet your pics and experiences!

*Please note that list is my attempt (as a non-programming person) to summarize some stuff I don’t totally understand.