Flyspray - The bug killer!

  • Status Closed
  • Percent Complete
  • Task Type Bug Report
  • Category Backend/Core
  • Assigned To No-one
  • Operating System All
  • Severity High
  • Priority Very Low
  • Reported Version 1.0-rc
  • Due in Version Undecided
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Flyspray - The bug killer!
Opened by Arthmoor - 19.11.2016
Last edited by peterdd - 26.01.2018

FS#2314 - HTMLPurifier_Config error after installing 1.0rc4

Updated to the new security release today and anytime someone tries to add a comment, the following error is thrown:

Notice: Undefined variable: conf in /includes/class.backend.php on line 312 Fatal error: Class ‘HTMLPurifier_Config’ not found in /includes/class.backend.php on line 313

This is the offending code:

if($conf['general']['syntax_plugin'] != 'dokuwiki'){
	$purifierconfig = HTMLPurifier_Config::createDefault();
	$purifier = new HTMLPurifier($purifierconfig);
	$comment_text = $purifier->purify($comment_text);

After commenting this block of code out, comments can again be posted.

Closed by  peterdd
26.01.2018 03:22
Reason for closing:  Complete
Additional comments about closing:  

fixed in 1.0-rc6

Project Manager
peterdd commented on 19.11.2016 12:27

The Notice

I probably forgot to add global $conf (the Notice message) to function add_comment on github. :-(

public static function add_comment($task, $comment_text, $time = null)
        global $conf, $db, $user, $notify, $proj;

The Error

Missing HTMLPurifier

Which release files do you used? or one of the compiled Flyspray_*.tgz ?

Which PHP version?
Did you build from source with composer?
Did you have an old file composer.lock in flyspray directory?

HTMLPurifier was added to composer.json with FS 1.0-rc4

Either delete the vendor/ directory and run

php composer.phar install

again or run

php composer.phar update
Arthmoor commented on 19.11.2016 20:34

I used the source.tgz file.

PHP 5.6.11.

I ran the upgrade process from 1.0rc3 to 1.0rc4. No other steps that I am aware of unless that composer process is part of the upgrade.

Our tracker install is set to use dokuwiki format so HTML Purifier doesn't matter to us.

And yes, $conf was missing in the add_comment function. It's also missing in the create_task function later on in the same file.


Available keyboard shortcuts


Task Details

Task Editing