This is the Bug Tracking System for the Flyspray project. This is not a demo!

2021-04-23: Flyspray 1.0-rc10 released See

If you are upgrading from older version, please wait for 1.0-rc11.

2021-11-23: New user registration and password forgotten currently not working on due email server problems. peterdd

ID Category Task Type Severity Summary Status Progress Assigned To Due In Version   desc Opened Last Edited
1608Installer and UpgraderBug ReportLowreserved characters cause database error after installa...Unconfirmed
0% Task Description

the installer does not check for reserved characters when writing to flyspray.conf.php, causing parse_ini_file() to return an invalid database password.

1670User InterfaceFeature RequestLowAssign Key-Shortcuts to form fieldsUnconfirmed
04.12.201004.12.2010 Task Description

Forms should be submittable by using keyboard shortcuts.
S for submit.
Set-able via the accesskey attribute on HTML inputs.

1983Backend/CoreFeature RequestLowExport Roadmap as "Changelog"Unconfirmed
21.03.201521.03.2015 Task Description

It's a little like "text version". So you could use this exported changelog within a new release.

I think good was:

  • Only resolved tasks ordered by date (but of course without displaying the date) and only public accessible tasks
  • Without task number ("FS#...")
  • A download function via button
2045User InterfaceFeature RequestLowneed add option for can set default Severity and Priori...Unconfirmed
204.09.201504.09.2015 Task Description

need add option for can set default Severity and Priority of new creating tasks

2046User InterfaceFeature RequestLowGrouping in Task List Unconfirmed
104.09.201504.09.2015 Task Description

Need add view of grouping in Task List by Category

2048Backend/CoreBug ReportLowerror when adding data containing national charactersUnconfirmed
09.09.201509.09.2015 Task Description

this one is somehow tricky, it doesn't happens always but sometimes when fields or filenames contain national characters (I'm in Spain) flyspray returns an error looking like this one:

Query {INSERT INTO `flyspray_attachments` ( task_id, comment_id, file_name, file_type, file_size, orig_name, added_by, date_added) VALUES (?, ?, ?, ?, ?, ?, ?, ?)} with params {189,711,189_9c5d837bb10b7e0989a3c8be8d,application/pdf; charset=binary,736986,Guia de aplicación medidas difusicón y publicidad.pdf,4,1441827828} Failed! (Incorrect string value: '\xCC\x81n me...' for column 'orig_name' at row 1)

here we have a pdf named "Guia de aplicación medidas difusicón y publicidad.pdf" but I had this error also with titles or descriptions containing spanish letters...

2066Installer and UpgraderFeature RequestMediumAutomated site update (like Wordpress)Unconfirmed
209.10.201510.10.2015 Task Description

All is in the title

vote for this task please

2083User InterfaceInformationLowDrag and drop tasks on roadmapUnconfirmed
30.10.201530.10.2015 Task Description

On the roadmap it would make life a lot easier if it was possible to drag and drop tasks into versions.

2142Backend/CoreBug ReportLowPost-authenticate redirect does not make use of baseurl...Unconfirmed
28.06.201601.08.2016 Task Description

I run flyspray behind a reverse proxy with the front end url being https and with the actual back end server not being on a standard port and not using https.

Setting force_baseurl seems to sort most areas with flyspray’s url generation using that instead of picking up from $_SERVER, however post-authentication redirection does not do that it just processes redirect_to as is (which in my case means it picks up the protocol, name and port for the back end server rather than what’s set in force_baseurl).

./themes/CleanFS/templates/loginbox.tpl puts out $_SERVER[’REQUEST_URI‘] into a hidden redirect_to input field - on my setup on the front page that’s e.g. “/” or for a ticket url it would be “/index.php?do=details&task_id=999” so no protocol or hostname.

scripts/authenticate.php picks up that redirect_to value and just passes it to Flyspray::Redirect, which in turn calls FlySpray::absoluteURI on what it’s passed, and FlySpray::absoluteURI doesn’t use $baseurl to qualify the url.

Not sure what the best fix is - my suggestion would be that Redirect detects urls that aren’t fully qualified and adds the $baseurl on to the front of them, rather than calling absoluteURI (absoluteURI is used to set $baseurl if force_baseurl is unset, so that’s not appropriate to modify). Alternatively scripts/authenticate.php could check redirect_to and add $baseurl if needed.

2160Backend/CoreBug ReportLowCannot "accept" PM close request if already closedUnconfirmed
14.07.201614.07.2016 Task Description

If a task creator requested closure, and someone (developer) closes the task explicitly, the PM request cannot be later ‘accepted’ and the PM request remains in the queue.

Workaround - Deny request and queue item is removed OK.

It looks like the PM request button invoked details.close which returns early if task is already closed.

2200User InterfaceBug ReportMediumIncomplete list of timezones available in the user pref...Unconfirmed
26.08.201626.08.2016 Task Description

The user preferences and the add new user screens both allow you to set the timezone offset of the user, however, we are only provided with whole hour offsets from GMT. This makes it impossible to select our timezone here in India, which is GMT+5:30 - IST(Indian Standard Time - Asia/Kolkata as per TZ Zoneinfo). In addition, there are also timezones in the GMT+x:45, which wouild also require to be handled. Note, this is totally independent of DST Changes, since some of the countries use DST(Like in Australia) and others do not(Like India).

Here is a link with more details of the same -

I will be trying to identify and fix the codebase to resolve this, and will hopefully have a patch to submit soon.

R. K. Rajeev

2209AuthenticationFeature RequestMediumTLS support for LDAPUnconfirmed
109.10.201604.09.2019 Task Description

It would be helpful to have communication with LDAP via TLS

2315Backend/CoreBug ReportLowFiling a new task is possible with no details in the ma...Unconfirmed
21.11.201621.11.2016 Task Description

When filing a task, it’s possible to submit the task without any information at all being added to the main body of the ticket. This leads to reports that are of no value because the user can simply add some vague title, hit submit, and then wonder why nothing happens other than someone closing it later as invalid.

The main body of the ticket should be considered a required field and should throw an error if nothing is in the box.

2324Backend/CoreInformationLowUpdate composer.jsonUnconfirmed
31.12.201631.12.2016 Task Description
symfony/event-dispatcher suggests installing symfony/dependency-injection ()
symfony/event-dispatcher suggests installing symfony/http-kernel ()
guzzle/guzzle suggests installing guzzlehttp/guzzle (Guzzle 5 has moved to a new package name. The package you have installed, Guzzle 3, is deprecated.)
Package guzzle/guzzle is abandoned, you should avoid using it. Use guzzlehttp/guzzle instead.
2481Backend/CoreInformationLowMove to MVCUnconfirmed
10.08.201810.08.2018 Task Description

That way you can just protect the setup routes after installation, etc.

And have a much less cumbersome .htaccess file.

And take sensitive files outside of the server path and not risk letting them get out in the public

2484Backend/CoreInformationLowIncrease min. version of PHP requirementUnconfirmed
10.08.201810.08.2018 Task Description

Then you can gracefully drop support of old MySQL extension AND drop the need for password compat, since BCRYPT and password_hash are built into PHP from version 5.5 onwards

2524EmailInformationLowSMTP Mailer doesn't accept custom portsUnconfirmed
05.11.201827.11.2018 Task Description

Did you installed an official release or did you used an inoffical docker?!
MySQL 8.0.12, 7.2.9 on debian buster

Steps done to create the problem:
Enter server:port at Mail-Settings

Expected behavior: would make use of the custom port

Experienced behavior:
TLS Errors

          if ($fs->prefs['email_tls']) {
              $swiftconn = Swift_SmtpTransport::newInstance($fs->prefs['smtp_server'], 587, 'tls');
          } else if ($fs->prefs['email_ssl']) {
              $swiftconn = Swift_SmtpTransport::newInstance($fs->prefs['smtp_server'], 465, 'ssl');
          } else {
              $swiftconn = Swift_SmtpTransport::newInstance($fs->prefs['smtp_server']);

Should be changed to

          $someTemporaryVariable = explode(':',$fs->prefs['smtp_server']);
          if ($fs->prefs['email_tls']) {
              $swiftconn = Swift_SmtpTransport::newInstance($someTemporaryVariable[0], $someTemporaryVariable[1] || 587, 'tls');
          } else if ($fs->prefs['email_ssl']) {
              $swiftconn = Swift_SmtpTransport::newInstance($someTemporaryVariable[0], $someTemporaryVariable[1] || 465, 'ssl');
          } else {
              $swiftconn = Swift_SmtpTransport::newInstance($someTemporaryVariable[0], $someTemporaryVariable[1] || 25);
2549User InterfaceBug ReportLowOauth register template always shows "Username already ...Unconfirmed
06.05.201906.05.2019 Task Description

RC9 running on CentOS LAMP stack

Steps done to create the problem:
Set up google as an oauth provider.
Have a user click “Sign in with Google” in the login box.
User connects their account with Flyspray.
Google redirects the user back to Flyspray
The return screen (on flyspray) asks for a username.

Expected behavior:
No warning about duplicate username should be shown on initial page load since no username was entered yet

Experienced behavior:
A warning about the username being already taken is shown.

It appears there is no logic for showing or hiding that warning in register.oauth.tpl

(It would be great if flyspray was able to just use the email as a username to make the UX even better/simpler.)

2550EmailBug ReportLowException handling sending email notificationUnconfirmed
06.05.201906.05.2019 Task Description

Someone reported this:

Today i tried to report an issue about xxx on the xxx (namely xxx) and the following error message has been displayed:
Completely unexpected exception: Expected response code 250 but got code “451”, with message “451 Error in writing spool file "
This should never happend, please inform Flyspray Developers
The issue itself has been created though.
2587Backend/CoreTODOMediumdisplay_errors=1 should not set in release candidateUnconfirmed
18.12.201918.12.2019 Task Description

display_errors = 1 should not set in include/ for releases or releases candidate, because with this it is not possibele to disable the error reporting globaly.

The problem is, if I want to enable full error reporting to logfile via “error_log=…” in php.ini, then the error will also full reported to user. Full error reporting is a hig risk for security.

Did you installed an official release or did you used an inoffical docker?!

Steps done to create the problem:
Create a file in base directory with follow contens:
error_reporting = E_ALL | E_STRICT
log_errors = On
display_errors = Off
error_log = /var/log/php-flyspray-errors.log

Expected behavior:
Errors only to log file

Experienced behavior:
All errors goes also to user.
The option “display_errors = Off” has no effect.

2599Backend/CoreInformationLowadd post request on new task creationUnconfirmed
30.03.202012.04.2021 Task Description

I’m currently using flyspray

I want to make a little integration of our flyspray installation into slack.
I want make a POST request when a “new task is created”

Any experiment guy can help here ?
1. Where is the best place to achieve this quickly as “hack hardcode” 2. Im not php developer, is there any php lib in flyspray todo quick POST request without installing any additional lib.

2600Backend/CoreInformationLowError #17 when selecting a projectUnconfirmed
31.03.202031.03.2020 Task Description

When I am at the global projects page at index.php?do=admin&area=editallusers and now select a project from the dropdown menu at the top right, I get an error

FEHLER #17: Ungültiger Projektmanager-Bereich!

(according to the the translation area this is key 813: error17 Invalid PM area.)

If I select the project again, the projects start page will be shown correctly.

2613Public RelationsInformationVery LowEmail ist SignupUnconfirmed
116.09.202016.09.2020 Task Description

My School has blocked me from signing up for the Mailing list, how do I sign up or can you add me?

2614EmailBug ReportCriticalConnection timed out #110Unconfirmed
16.09.202016.09.2020 Task Description

If you are reporting a bug please provide as much information as possible to help understand and reproduce the problem:

Did you installed an official release or did you used an inoffical docker?!

database type and version, php version and OS version/linux distribution flavour, global or project settings you used that could be relevant for reproducing the problem

Steps done to create the problem: Deleate a Task

Expected behavior: Send a email

Experienced behavior:
Completely unexpected exception: Connection could not be established with host [Connection timed out #110]
This should never happend, please inform Flyspray Developers

2623EmailBug ReportMediumCompletely unexpected exception on email errorsUnconfirmed
01.02.202115.03.2021 Task Description

An incorrect email configuration may cause flyspray to hung during several seconds and report an exception.


* Linux Debian 10
* Nginx
* PHP-7.3 FPM
* Mariadb 10.3
* Flyspray 1.0-rc9

Steps done to create the problem:

  1. Cause a misconfiguration in the email configuration (e.g. an email server rejecting the user authentication)
  2. Try to post a comment on a ticket to generate a notification

Expected behavior:

Report the error in a logfile and gently show a user-friendly notification

Experienced behavior:

Flyspray hungs during several seconds and reports a user-unfriendly error:
The exception occurs in conditions that generate email notifications (e.g. posting a comment on a ticket):

Notice: fwrite(): send of 6 bytes failed with errno=104 Connection reset by peer in /var/www/flyspray/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php on line 240 Completely unexpected exception: Expected response code 250 but got code "421", with message "XXX edited XXX"
This should never happend, please inform Flyspray Developers
2666Backend/CoreBug ReportLowTag user with ID numberUnconfirmed
Showing tasks 301 - 326 of 326 Page 7 of 7

Available keyboard shortcuts


Task Details

Task Editing