Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See https://github.com/Flyspray/flyspray/releases

ID Category Task Type Severity Summary Status Progress  desc Assigned To Due In Version Opened Last Edited
2316Backend/CoreBug ReportLow"wrongtoken" is displayed if the comment box is left si...Assigned
0%
peterdd7122.11.201629.07.2019 Task Description

I understand this is likely due to some sort of XSS CSRF protection, but the delay doesn’t appear to be long enough to be useful for a lengthy comment to be posted. I’ve now lost two detailed comments in our tracker because the software threw everything out and generated a meaningless error.

Further, attempting to do the normal thing and making the browser resubmit the page results in Flyspray throwing “Error #3” something something repeated action and causing a redirect to the homepage.

Surely there has to be a better way to handle this that doesn’t incur data loss?

2324Backend/CoreInformationLowUpdate composer.jsonUnconfirmed
0%
31.12.201631.12.2016 Task Description
...
symfony/event-dispatcher suggests installing symfony/dependency-injection ()
symfony/event-dispatcher suggests installing symfony/http-kernel ()
guzzle/guzzle suggests installing guzzlehttp/guzzle (Guzzle 5 has moved to a new package name. The package you have installed, Guzzle 3, is deprecated.)
Package guzzle/guzzle is abandoned, you should avoid using it. Use guzzlehttp/guzzle instead.
2327Backend/CoreFeature RequestLowvisibility-option for private tasksUnconfirmed
0%
315.01.201717.01.2017 Task Description

We have some private Tasks in our FS-bugtracker to hide them from normal reporters. But we also have some external beta-testers in a betatesters-group and they should be able to see (and check) the private tasks without giving them a project manager status. So it would be good, if there is a switch in the group option to give specific groups the right to see private tasks.

2328Backend/CoreFeature RequestMediumAdd [key] support for each project instead of FS#Unconfirmed
0%
1120.01.201710.02.2017 Task Description

Adding key support for each project instead of using the prefix FS#<task_id>

Let the administrator choose the key for project.

What’s a project key?
It prefixes each task in the project

2332Backend/CoreBug ReportMediumCSV export filename filteringNew
0%
224.01.201724.01.2017 Task Description

The filename for the csv export is build based on project name and current date.

Due different handling of web browsers, the appropriate http header should send the filename in ascii and also provide them as utf-8 for web browsers who can handle that.

Related RFC5987

2333Backend/CoreInformationLowSet Default View on Login?Unconfirmed
0%
326.01.201727.01.2017 Task Description

I can’t see an option to set the default view after login. It always defaults to tasklist view when it would be useful to show the overview by default on login.

2335Backend/CoreInformationLowPDF Attachment does NOT View/Open in New Window/TabUnconfirmed
0%
127.01.201727.01.2017 Task Description

if a pdf is attached with commentit needs either be forced as download or open target _blank

2336Backend/CoreBug ReportHighCaptcha validation always fail on registrationUnconfirmed
0%
1301.02.201721.07.2018 Task Description

Correct or wrong code return false!

The results of Securimage Test Script on my server

This script will test your PHP installation to see if Securimage will run on your server.

Session Functionality: Yes!
GD Support: Yes!
GD Version: bundled (2.1.0 compatible)
imageftbbox function: Yes!
TTF Support (FreeType): Yes!
JPEG Support: Yes!
PNG Support: Yes!
GIF Read Support: Yes!
GIF Create Support: Yes!
SQLite Support: Yes!
SQLite is available. If you choose to use it, Securimage can support users who do not accept cookies.
MySQL Support: Yes!
MySQL is available. If you choose to use it, Securimage can support users who do not accept cookies by storing codes in MySQL.
PostgreSQL Support: No
No PostgreSQL support.
LAME MP3 Support: No
LAME was not found, audio will work in WAV format, but not MP3. See Securimage HTML5 audio documentation for info.
Your server meets the requirements for using Securimage!

on modify.inc.php line:754 got

if( !Post::isAlnum('captcha_code') || !$image->check(Post::val('captcha_code'))) {
if( true == false || false == false ) {
2346Backend/CoreFeature RequestLowCustom css inheritanceUnconfirmed
0%
220.02.201723.02.2017 Task Description

If i set up a custom css in the main FS settings the style doesn’t get applied to all nested projects. I have to set the css to all projects explicitly to get the stylings work on all project pages.
Wouldn’t it be a good idea to first load the css set in the main dialog and after that load an additional css specified in the sub project? Then it would be possible to specify general stylings for all projects and project based stylings also.

2427Backend/CoreFeature RequestLowallow hotlinking (direct links) to uploaded filesUnconfirmed
0%
207.03.201709.03.2017 Task Description

Currently all attached files get renamed (like “screenshot331.png” → “attachments/14_72a4ca580abcdef69f60b1f”) and they could be downloaded only throught the php script (”/index.php?getfile=1234”) which requires that user must be logged in to view the file.
It is not very convenient when you need to show a file to some person who is on mobile phone at the moment or using not a work computer. Also sometimes you might need to share a file with anyone without having them to register at your bug tracker.

I suggest you to add a checkbox like “create a direct link” when uploading a file, which will save the file with original name and extension but adding some random generated prefix (like “screenshot331.png” → “attachments/14_72a4ca580abcdef69f60b1f.screenshot331.png”).

However this poses a high security risk so there should be a list of allowed file extensions (e.g. “jpg,png,txt,pdf,doc,zip”) - only these files could be saved with the original extension. This list should be accessible by the main administrator only, thus the safest option would be storing it inside the “flyspray.conf.php”.

2429Backend/CoreInformationLowMy tasks URLUnconfirmed
0%
109.03.201720.03.2017 Task Description

Hey peterdd,

I was wondering: is there a standard URL for “My tasks”? I have an internal website and I would like to create a menu with a few submenus (Add task and My tasks) that link to FlySpray. However if I place the URL for My Tasks (being logged in with my user account), and copy this link to the menu, all others that click the submenu My Tasks, are seeing the tasks that where opened by me or where I am assigned, not that user that is connected on Flyspray with his account on his PC.

So that’s why I am asking for a generic URL of My Tasks, so I can place it on this middle-site?

Thanks

2430Backend/CoreFeature RequestLowUser dependency on projectUnconfirmed
0%
216.03.201720.03.2017 Task Description

So, there would be great option if we can set permission to users to see and post only in specific opened projects in bug tracker.

Idea is, that user has all right to all projects, but in some cases we want that user can see only projects which is allowed and also to publish new tasks to only allowed projects.

In that case tasks overiew is locked and user must be logged in to see opened tasks.

2435Backend/CoreInformationLowMax attach a fileUnconfirmed
0%
118.07.201718.07.2017 Task Description

Hello,

Can you tell me which file to modify to increase the size of the attachments? Currently limited to 2mb. I would like to authorize 4mb

Thank you

Julia LECLERC

2436Backend/CoreBug ReportLowdokuwiki renderer creates nonunique html-id for h1,h2,h...New
0%
202.08.201702.08.2017 Task Description

The dokuwiki renderer automatic creates for each h(1-6) tag an html id attribute, but doesn’t ensure that this:

  • is not used by Flyspray templates
  • is unique across all tasks (tasklist summary/description mouseover!), id must be unique on a webpage.

Example: id=”footer” and id=”title” are used by the default CleanFS template for example.

id=”footer”

title

id=”title”

title

id=”title1”

title

id=”title2”

The original intention I think is to make dokuwiki content each h-section linkable, for instance by a “table of contents” at top of a wiki content page.
This is currently not used by the dokuwiki integrated in Flyspray, but could be in future.

Possible solution

Add the task_id to the generated id h(1-6) tags, for instance “d1234_footer” “d1234_title”

d - like description

(t1234 used for tags/labels id currently)

2439Backend/CoreFeature RequestLowClone a ProjectNew
0%
15.09.201715.09.2017 Task Description

There is a request for cloning a project on Flyspray mailing list:

Would be a very welcome features to have Project Templates for repetitive workflow. Any idea if its in the pipeline?
Thanks

Well, not yet.

The question is, how exactly you want that project clone.

Do you want just a rough copy of the project table entry?
Thats quite easy and can even be done without programming or writing a line of SQL just by using PHPMyAdmin (or similiar Tools for PostgreSQL) and copy a row of the project table for example.
See yellow marked project table on the right of the attached dbschema screenshot.

The other extreme is copying every project depending list table entries to new ones.
This sure requires some programming, but not too hard to add this to Flyspray. (all yellow marked tables in the attached dbschema screenshot.

I attach a rough form mockup how could this could look like.

Possible solution

  1. add a new file scripts/ folder for instance copyproject.php (check admin permission)
  2. add a template file to themes/CleanFS/templates/copyproject.tpl
  3. Set a link to that clone form page somewhere, for example on the toplevel page of a project (see screenshot)
  4. Handle the adminuser (or add a clonepermission for that project manager usergroup) submitted form careful and savely either by includes/modify.inc.php (or like scripts/copyproject.php to keep it seperate from core)

The link to the clone form looks then ?project=123&do=copyproject

2440Backend/CoreFeature RequestLowOption to disable tag featureNew
0%
15.09.201715.09.2017 Task Description

There is a wish on the Flyspray mailing list:

Is there a way of hiding the TAGS input field from the Add New Task form?
Alan

If it is just hiding on that form, there are several options to achieve this (from simple to complex)

A) Hide by CSS

Add that rule to themes/CleanFS/theme.css CSS file:

#edit_tags{display:none;}

B) Hide by CSS (better)

Add a rule to a custom_*.css, for instance themes/CleanFS/custom_mytheme.css

#edit_tags{display:none;}

and choose custom_mytheme.css in your project settings.

D) Edit themes/CleanFS/templates/newtask.tpl directly

and remove the whole div-tag with id=”edit_tags” (all between ‘<div id=”edit_tags>”’ and its closing ‘</div>’ (not recommended)

E) Use a custom template

  1. Create a folder in themes/, for instances themes/mynotagtheme/
  2. Only copy themes/CleanFS/templates/newtask.tpl to themes/mynotagtheme/templates/newtask.tpl
  3. Make the changes to that newtask.tpl like in B) (custom theme not overwritten by Flyspray Updates if you keep or backup your themes/mynotagtheme/ folders, but requires review if something has changed within themes/CleanFS/templates/newtask.tpl between version updates)
  4. Choose your mynotagtheme as project theme. All other files fall back to default themes/CleanFS/

(not tested, but thats the way it should work with current Flyspray 1.0-rc5)

D) Nag or caress someone

to finish tag feature for Flyspray with options/permissions to turn it off per project or project group or something like that.

This would effect not only that newtask form but all places where that options should kick in (listing tags in tasklist, tasklist filters etc)

2441Backend/CoreBug ReportMediumrefactor dokuwiki image tagsNew
0%
15.09.201715.09.2017 Task Description
I’ve tried inserting an image in the intro message but it doesn’t show. Is there something broken in the formattext.inc file? Seems unlikley because it’s so old but can’t work out why nothing shows.
Alan

I had to disable some parts last year within dokuwiki quickly due sever reported security issues in that area.

As tradeoff embedding images currently don’t work within dokuwiki textareas in Flyspray.

As I too wish that feature reappear working for my projects, this is on my personal list. But requires focused free time because must be made secure.

Maybe instead of using fetch.php of dokuwiki, we can use Flypsray’s ?getfile=id , which also checks permissions.
But must check also securly file types and maybe resize images to fit into the desired page (thumbnails).

2447Backend/CoreFeature RequestMediumAllow notifications when a new task is createdUnconfirmed
0%
226.10.201729.10.2017 Task Description

The only (only!) feature that I have missing in Flyspray is an option to receive email notifications when a new task is created

I think that this could be in the profile of the user, and/or in the main configurations as “send a notification to the -group- (admins?) when a new task is created”

Thanks a lot! flyspray r00lz after all these years, never failed, no bugs, no hacks, fast and efficient! :)

A Happy user.

2448Backend/CoreBug ReportLowerror message in eventlog reportsUnconfirmed
0%
226.10.201729.10.2017 Task Description

The last version of Flyspray is simply amazing! it works like a charm :)

This is a small bug report in the eventlog page, that shows this message:

Notice: unserialize(): Error at offset 237 of 808 bytes in /home/elivebugs/bugs.elivecd.org/themes/CleanFS/templates/reports.tpl on line 88 Notice: unserialize(): Error at offset 229 of 796 bytes in /home/elivebugs/bugs.elivecd.org/themes/CleanFS/templates/reports.tpl on line 88

There’s a small screenshot: http://main.elivecd.org/ss/display.php?image=e-59f2541a445543.02125094.jpg

Thank you!
Thanatermesis

2451Backend/CoreFeature RequestLowMod: blank Category - user must chose before pressing A...Confirmed
0%
208.12.201714.12.2017 Task Description

Hello Peter,

I am interested in making the following mod:

When posting a new task, category should be blank by default, in order for the user that opens a new task to select that specific category.
If he doesn’t select any task, when pressing Add this task button, FlySpray should display an error message saying that the Category hasn’t been specified.

Do you think this mod can be made with the current version?
If so, do you mind if you help me a bit with the things that need to be modified?

Thanks!

2453Backend/CoreBug ReportMediumvalidate category before storing a new taskNew
0%
1.014.12.201714.12.2017 Task Description

Currently the category_id is not checked if the value is legal for the project when a new task is created.

  • must be unsigned int
  • must be an active category_id of the project or global category.
  • setting a category_id must be allowed - see project settings.

If invalid category_id is sent, deny creating task and show error message and show filled form again.

If no category_id is sent (or empty string) and category select is enabled:

  • either choose a default category

or

  • implement feature request FS#2451 and show that user should select a category.
2454Backend/CoreBug ReportLowPHP warning in admin edit user areaNew
0%
15.01.201815.01.2018 Task Description

Since PHP7.2 shows a warning in admin area ?do=admin&area=users&user_id=1234567890, when user_id is set, but no alternative user_name parameter.

Probably related to scripts/admin.php

$id = Flyspray::UserNameToId(Req::val('user_name'));
if (!$id) {
  $id = Req::val('user_id');
}
2466Backend/CoreInformationLowHow to run under httpsUnconfirmed
0%
1303.06.201802.12.2018 Task Description

I have changed the htaccess.dist into .htaccess and modified to force https.
However, despite having https activated on my site I cannot get Flyspray running, it’s waiting forever.When I abort I get a page without makeup. I have all other applications like cms and wiki running under https, so it is something I have not done in the flyspray configs obviously (as this site is running https too). But could you give me a hint?

I installed flyspray in a subdirectory, if that is something to know about...

regards, Albert

2476Backend/CoreInformationLowGuzzle/Guzzle is abandoned, should use library that's s...Unconfirmed
0%
110.08.201810.08.2018 Task Description

(Working on a network monitoring system that really needs a ticketing system, saw this and since I speak PHP, thought it would be a good place to start... I just installed and am sharing my notes, do with them what you will!)

2477Backend/CoreInformationLowold style MySQL extension is abandoned ..Unconfirmed
0%
110.08.201810.08.2018 Task Description

the old php mysql extension is long ago reached its demise, why bother supporting it?

I also see in the database connector that your supporting MySQL/PDO - why not settle on that? If the queries aren’t MySQL specific, it becomes easier to support other DB’s, etc.

2479Backend/CoreInformationLowUser table seems really complexUnconfirmed
0%
110.08.201810.08.2018
2480Backend/CoreInformationLowBetter file organizationUnconfirmed
0%
110.08.201810.08.2018
2481Backend/CoreInformationLowMove to MVCUnconfirmed
0%
10.08.201810.08.2018
2482Backend/CoreInformationLowProtect issues by defaultUnconfirmed
0%
110.08.201810.08.2018
2484Backend/CoreInformationLowIncrease min. version of PHP requirementUnconfirmed
0%
10.08.201810.08.2018
2491Backend/CoreBug ReportLowgroup member links if project manager but not adminNew
0%
1.001.09.201801.09.2018
2522Backend/CoreFeature RequestLowemail vs username login issuesResearching
0%
431.10.201802.11.2018
2527Backend/CoreBug ReportLowDatabase Check »Your mysql supports full utf-8 since 5....Unconfirmed
0%
105.01.201905.01.2019
2534Backend/CoreFeature RequestLowPrivate projectsUnconfirmed
0%
816.01.201918.01.2019
2535Backend/CoreFeature RequestLownew optional Flyspray setting: add new users automatica...New
0%
216.01.201921.01.2019
2536Backend/CoreFeature RequestMediumstore session in Flyspray databaseNew
0%
221.01.201915.03.2019
2559Backend/CoreBug ReportLowa duplicate close accepted even when missing comment/ r...New
0%
peterdd29.07.201929.07.2019
2560Backend/CoreBug ReportLowdo not allow close task with reason duplicate referenci...New
0%
peterdd29.07.201929.07.2019
2561Backend/CoreFeature RequestMediumability to limit assignee permissions (was:User without...Confirmed
0%
705.08.201908.08.2019
2575Backend/CoreFeature RequestLowability to view and reset Flyspray default settingsNew
0%
19.09.201919.09.2019
2582Backend/CoreInformationLowHow to reach internal windows share (was: Internal URL)Unconfirmed
0%
304.11.201905.11.2019
1748Database QueriesFeature RequestLowSort by recent activityPlanned
0%
1.1 devel717.06.201211.03.2015
1985Database QueriesFeature RequestVery LowFor developers - testing with huge flyspray data setsNew
0%
224.03.201516.03.2016
2014Database QueriesFeature RequestVery LowAdd MS SQL Server as database backendMaybe
0%
2120.07.201530.07.2015
2304Database QueriesBug ReportMediumGreek letters crash tagsConfirmed
0%
126.10.201626.10.2016
2432Database QueriesInformationLowDelete tasks from all projects (like factory reset)Unconfirmed
0%
208.05.201710.05.2017
1964DocumentationFeature RequestLowOn page documentationNew
0%
11.03.201511.03.2015
2337DocumentationInformationLowFlyspray ThemesNew
0%
402.02.201716.02.2017
2568DocumentationBug ReportMedium[MANUAL] a missing image in "Understanding Permissions:...Unconfirmed
0%
101.09.201902.09.2019
1882EmailBug ReportMediumError with email notificationPlanned
0%
2.0622.12.201308.04.2016
Showing tasks 151 - 200 of 301 Page 4 of 7<<First - 2 - 3 - 4 - 5 - 6 - Last >>

Available keyboard shortcuts

Tasklist

Task Details

Task Editing