Flyspray

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2021-04-23: Flyspray 1.0-rc10 released See https://github.com/Flyspray/flyspray/releases

If you are upgrading from older version, please wait for 1.0-rc11.

2021-11-23: New user registration and password forgotten currently not working on bugs.flyspray.org due email server problems. peterdd

ID Category Task Type Severity Summary Status Progress Assigned To Due In Version  desc Opened Last Edited
2207Backend/CoreBug ReportHighNonpublic project titles and project description exposi...Confirmed
0%
1.0123.09.201629.09.2016 Task Description

When a anonymous user tries to display a ticket of a non public project (for example by entering a random ticket id), Flyspray exposes the title of the non public project in the header bar.

Edit by peterdd: also applies to project description

2453Backend/CoreBug ReportMediumvalidate category before storing a new taskNew
0%
1.014.12.201714.12.2017 Task Description

Currently the category_id is not checked if the value is legal for the project when a new task is created.

  • must be unsigned int
  • must be an active category_id of the project or global category.
  • setting a category_id must be allowed - see project settings.

If invalid category_id is sent, deny creating task and show error message and show filled form again.

If no category_id is sent (or empty string) and category select is enabled:

  • either choose a default category

or

  • implement feature request FS#2451 and show that user should select a category.
2491Backend/CoreBug ReportLowgroup member links if project manager but not adminNew
0%
1.001.09.201801.09.2018 Task Description

When a user has project manager permissions, but not admin permissions, then on the ‘edit group’ pages like index.php?do=pm&area=editgroup&id=8
the links in the list of users of that group are

index.php?do=admin&area=users&user_id=12345

instead of linking to the users page

index.php?do=user&area=users&id=12345

and a redirect follows with Error #4: You don’t have administrative rights.

2598User InterfaceBug ReportLowuser registration in admin area: "username taken" but t...Assigned
0%
peterdd1.0320.03.202014.04.2021 Task Description

Trying to add a new user having the same email address as an another user in the do=admin&area=newuser section results in

“That username is already taken. You will need to choose another one.”

instead of

“Email address has already been taken”

(I’ve stumbled on this issue because I have an older disabled user with the same email address)

2609User InterfaceFeature RequestLowAdd an Effort Description fieldPlanned
50%
1.0-rc115107.05.202001.04.2022 Task Description

It would be nice to have a description field to put a brief note about the work done for a given effort item. This would help when using effort tracking for the purpose of making invoices to a client.

2636Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (mariadb 10.4.18...Assigned
50%
peterdd1.0-rc11729.04.202123.07.2021 Task Description

I administer a moderate-sized (~14K ticket) 1.0-rc9 instance running on a Fedora 32 host (php 7.4.16, mariadb 10.4.18) Following the upgrade instructions (ie transfer attachments, avatars, flyspray.conf.php) the setup/upgrade tool loads, and prompts me to upgrade.

It churns a while before refreshing the screen, claiming a successful 1.0-rc10 upgrade. However, the upgrade seems to not actually “stick”, because clicking on the “return” button I’m dropped back into the upgrader, which is once again claiming I’m running 1.0-rc9 and prompting me to perform the -rc10 upgrade.

According to Flyspray’s admin ‘checks’ tab:

* PHP 7.4.16
* MariaDB 10.4.18
* default_charset: utf8mb4
* default_collation: utf8mb4_unicode_ci
* All tables are ‘InnoDB’

There are no errors logged that I can find, but the upgrade is clearly not working. If I revert to the -rc9 php files, everything continues along as if nothing was done.

Any suggestions?

2637Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (postgresql 12.6...Assigned
50%
peterdd1.0-rc11729.04.202105.05.2021 Task Description

I administer a small personal (<1K ticket) 1.0-rc9 instance running on a Fedora 32 host (php 7.4.16, postgresql 12.6) Following the upgrade instructions (ie transfer attachments, avatars, flyspray.conf.php) the setup/upgrade tool loads, and prompts me to upgrade.

Unfortunately, the upgrade fails spectacularly, with a reported SQL error that belies what’s actually wrong. Here’s a snippet from the postgresql logs where the upgrade is failing:

2021-04-28 10:33:07.190 EDT [2032049] ERROR: column “attachment_id” of relation “flyspray_attachments” already exists
2021-04-28 10:33:07.190 EDT [2032049] STATEMENT: ALTER TABLE flyspray_attachments ADD COLUMN attachment_id SERIAL
2021-04-28 10:33:07.194 EDT [2032049] ERROR: current transaction is aborted, commands ignored until end of transaction block
2021-04-28 10:33:07.194 EDT [2032049] STATEMENT: ALTER TABLE flyspray_attachments ADD COLUMN task_id INTEGER
[…and everything else fails because the transaction aborted…]

It appears that the upgrade script is blindly trying to create columns that already exist in the -rc9 database, and postgresql is treating this as a failure. Because the entire upgrade happens within one transaction, this means the entire upgrade fails at the outset and won’t ever succeed.

The way past this specific problem is to make these ALTER TABLE operations conditional (eg “ALTER TABLE flyspray_attachments ADD COLUMN IF NOT EXISTS task_id INTEGER”).

2669Database QueriesBug ReportLowuser and registrations tables: Illegal mix of collation...New
50%
peterdd1.0-rc11107.11.202208.11.2022 Task Description

The ajax call to check if a username is taken fails currently on https://bugs.flyspray.org when trying to fill the user registration form.
(beside the fact the registration confirmation loop is not working as mail server not correct configured)

Query {
    SELECT count(u.user_name) AS anz_u_user, count(r.user_name) AS anz_r_user
    FROM `flyspray_users` u
    LEFT JOIN `flyspray_registrations` r ON u.user_name = r.user_name
    WHERE LOWER(u.user_name) = ? OR LOWER(r.user_name) = ?}
 failed! (Illegal mix of collations (utf8_general_ci,IMPLICIT) and (utf8_unicode_ci,IMPLICIT) for operation &#039;=&#039;

Inconsistency probably due misconfiguration due manual upgrade + manual changes to the database.

Affected: maybe only https://bugs.flyspray.org

I fixed it on bugs.flyspray.org by running SQL commands:

ALTER TABLE flyspray_registrations CONVERT TO CHARACTER SET utf8mb4;

and

ALTER TABLE flyspray_users CONVERT TO CHARACTER SET utf8mb4;

Both now using the servers default collation, so they can be joined again by boths user_name field.

This can be seen as just a quickfix.

Why this happened at all?

I can only speculate about this as I can do some administration only since 2021.

I assume the defaults of mysql tables charsets and collation changed with mysql/mariadb versions and the upgrade scripts does not explicit handle that.

So lets say first it was utf8 and utf8_general_ci,
then utf8 and utf8_unicode_ci
and then utf8mb4 and utf8mb4_unicode_ci.

And when upgrading Flyspray and new tables where created they use the servers new default charset and collation while the older tables and varchar fields keep their old charset and collation which leads to inconsistencies.

And then there where probably manual interventions by admins (from 2003-2021?) who fixed/changed charset/collation on certain tables and fields manually by running SQL commands.

How it should be fixed

The Flyspray install and upgrade scripts and xmlschema03 files should contain information and settings for charset and collation for the table fields and upgrade scripts and should convert wrong charset and collation fields during an upgrade if they are wrong in the database.

Sadly ADOdb’s xmlschema03 lacks configuring and handling yet, so this must be done by the upgrade PHP scripts after running xmlschema03 xml files.

How it will be handled meanwhile

Extending Admin Toolbox→Checks sections to compare the current database with the intended configuration.

So admins can fix tables and field charset and collation where required.

Such inconsistency could be detected by admin checks - tab.

I would like to see that field users.user_name and registrations.user_name just be ascii (in mysql) and only accepts allowed username characters.

2660Backend/CoreBug ReportLowmention an user with "_" does not work: @user_testConfirmed
30%
peterdd1.0-rc11829.10.202208.11.2022 Task Description

@peterdd: It is not possible to tag the user, for example, @user_test.

It is stopped before “_”.

change by @peterdd: quickfix is now in master branch

2668Backend/CoreBug ReportHighCKeditor update (CVEs)Unconfirmed
10%
peterdd1.0-rc11202.11.202208.11.2022 Task Description

It is possible to update CKeditor?

Currently it is 4.16:
- https://github.com/Flyspray/flyspray/blob/master/js/ckeditor/CHANGES.md

Vulnerabilities / CVEs:
- https://www.cvedetails.com/vulnerability-list/vendor_id-12058/Ckeditor.html

There are at this time:
- 4.20: https://github.com/ckeditor/ckeditor4/tags
- 35.2.1: https://github.com/ckeditor/ckeditor5/tags

2210User InterfaceInformationLowTasklist color for due dateUnconfirmed
100%
612.10.201618.10.2016 Task Description

Hello,

I was wondering if there is a way to make the task more visible if it wasn’t completed due to the date that was selected by a user - let’s say a yellowish background in tasklist, just like the ones from custom css based on severity, but that will take color if the task has the due date passed.

2456User InterfaceBug ReportHighMissing GUI controlsUnconfirmed
80%
509.02.201810.02.2018 Task Description

After updating from “1.0-rc6” to “1.0-rc7 dev” there is missing controls menu on writer. Look attachment.
How to solve this?

Is there any settings to enable this or I’m missing something...

1749User InterfaceBug ReportLowSubmit form buttons on lower rightUnconfirmed
50%
117.06.201224.09.2015 Task Description

Any form should have its submit button directly below and to the right of the form.

This is most egregious on the New Task page where you have to scroll back up to the top right to submit.

1791Backend/CoreFeature RequestMediumAbility to merge version, OS, etcSuspended
50%
1112.12.201212.01.2017 Task Description

For example, say I no longer want 1.1, 0.9.9.8, 1.0.0, etc. So want to merge them all into one version 1.0. Same goes for OS, and others

1988Installer and UpgraderBug ReportMediumPassword Field for AdminUnconfirmed
50%
302.04.201512.05.2015 Task Description

The installer requests a password for the admin account, and provides a default one.

Because this field is not type=”password”, the browser caches this data for any field named “admin_password”

This also applies to future installations of the software.

I have marked this as critical as this can pose a security hazard. A different implementation would be allowing entry of password, or in the case of wanting to provide a default one, have two password fields prepopulated, and a text one prepopulated so that it can be viewed by the end user.

2065User InterfaceFeature RequestMediumOne click signup (with facebook, twitter , Google, yaho...Unconfirmed
50%
1109.10.201503.03.2016 Task Description

Hello,

I wanted to request a feature that will DRAMATICALLY increase the popularity and the usage of flyspray worldwide which is :

One click signup

This can be done by using existing signup solutions like openID, live.com, Google, Facebook ,twitter, Yahoo, gravatar (these are the most universal according to http://www.alexa.com/topsites)

The goal is to give a new user the possibility to sign up in less than 15 sec (and mention this in the signup page)
2208Backend/CoreInformationLowSeverity "medium" by defaultSuspended
50%
2127.09.201629.09.2016 Task Description

Hi,
Where i can change severity and priority by default?
I want change severity to “Medium” by default for group Basic
I cant find this option in the Flyspray settings.

2330Backend/CoreBug ReportLowPHP Notice: Undefined offset: 0 in scripts/index.php o...Unconfirmed
50%
423.01.201730.01.2017 Task Description

Pretty minor, but seems to show up regularly enough in our logs. The line in question:

$outfile = str_replace(' ', '_', $tasks[0]['project_title']).'_'.date("Y-m-d").'.csv';
2338Backend/CoreBug ReportMediumExport tasks to csv has issuesUnconfirmed
50%
202.02.201712.03.2019 Task Description

You cannot select the fields for export to csv. This means that the commentfield (edit: you mean task description, right?) is always exported too. As this commentfield task description (?) could contain quotes, comma’s etc (like people inserting copies of emails on an issue) it corrupts the output file and the file cannot be read by excel.

2344NotificationsBug ReportLowAdmins still get noticed for new users even with the op...Unconfirmed
50%
616.02.201724.03.2017 Task Description

/index.php?do=admin&area=prefs

There’s a checkbox on this menu to toggle whether admins get notices for new user registrations or not. Ours is off, but I’m still getting those notices.

2528User InterfaceBug ReportLowNew user registration doesn't check for duplicate usern...Confirmed
50%
505.01.201907.01.2019 Task Description

Steps done to create the problem:
Visit https://bugs.flyspray.org/index.php?do=register in a private browser window (so you are logged out)

Put in an already taken username (e.g. Stefan or Stefan2)

Expected behavior:
Username gets red and a note appears that username already is taken

Experienced behavior:
Username gets green and registration of a new user proceeds with sending a notification mail with confirmation code.
After putting in the confirmation code in provided page, user gets presented a “username is already taken, choose another” (where?) message, and has to re-start registration process from beginning and hopefully this time choose a not taken name.

2553User InterfaceTODOLowintelligent accesskey shortcut helper dependent of OS, ...New
50%
106.06.201929.07.2019 Task Description

The HTML accesskey attribute feature is differently accessible dependent of operating system, web browser and web browser configuration, and users keyboard layout and user language.

By taking advantage of the User-Agent HTTP header value provided by default by web browsers, Flyspray could better know of what kind of keyboard and browser the user sits in front off and show the key combinations for the accesskey feature that best fits the users environment.

2620Backend/CoreTODOMediumPHP8 compatibilityNew
50%
peterdd226.11.202017.08.2021 Task Description

PHP 8.0 is now released (2020-11-26) and Flyspray should be made compatible with it.

  • Replace removed and deprecated functions with alternatives in our source code.
  • Upgrade used libraries or make used libraries compatible:
    • post github issue or pull requests for ADODB
    • upgrade used dokuwiki or make changes in our integration (probably just review our as official dokuwiki project contains too much stuff we do not need and changed much)
    • review used geshi
    • upgrade our swiftmailer version to PHP8 compatible version
    • upgrade our oauth2-client stuff to PHP8 compatible version
  • The @ operator no longer silences fatal errors. Some checks in installer or other areas might not work anymore as expected when the @-operator was used as silencer for previous PHP versions.
2425SlovenianFeature RequestVery LowTranslation: SlovenianConfirmed
40%
105.03.201705.03.2017 Task Description

I prepared Slovenian translation.
File is in attachment.
You can freely add to release.

2062User InterfaceTODOLowreview do=admin&area=editallusersNew
30%
329.09.201515.04.2020 Task Description

Bugs

  • Small javascript issue: When checkbox of one users row clicked, it doesn’t select the checkbox because the row click event handler doubles the click (check and uncheck, tested with firefox41). Clicking in the row (not on the name) selects the checkbox. fixed
  • browser back button after delete of a user not working as expected. (fix it by redirect 303 , see modify.inc.php how it done for other form submits)

Missing features

  • no sorting possible of the table (like tasklist)
  • no pagination (like on tasklist) OK, probably not needed: ~2000 user registrations on bugs.flyspray.org and no problem rendering the table in browser. Archlinux has over 12k users and my test with 30k generated users showed problems handling the huge query results. So we need this!
  • no filtering of user list possible
  • no helpful information for admins like registration date and last time of login of users (last login time requires a new field in flyspray_users) implemented in Flyspray 1.0-rc7
  • no summary about users like how many exists or how many are currently online (requires storing sessions in a db session (e.g. flyspray_session) table instead php default session directory) on the install. Or a statistic graph of activity or peaks of new registrations over time.
  • maybe show user profile image too in the list.
  • choosable user field columns - partially implemented since 1.0-rc7 by selecting groups of user fields and calculated user fields: user stats, user settings
2108User InterfaceFeature RequestMediumSupport local language when install FlysprayConfirmed
30%
3103.03.201617.04.2021
2303User InterfaceFeature RequestVery LowHome screen for private flyspraysRequires testing
30%
625.10.201626.10.2016
2308User InterfaceFeature RequestLowimprove user management for adminsNew
30%
227.10.201610.02.2021
2101Backend/CoreBug ReportLowMobile view GUI bugConfirmed
20%
418.02.201624.02.2016
2225GreekBug ReportVery LowGreek uses slash for datesConfirmed
20%
324.10.201622.11.2016
2573Backend/CoreTODOLowadd rel nofollow,ugc,.. settingsNew
20%
peterdd114.09.201915.09.2019
2581User InterfaceFeature RequestLowreplace bitmap icons of default themeNew
20%
31.10.201905.04.2021
2610User InterfaceFeature RequestLowEffort pop-up timerNew
20%
207.05.202024.08.2020
2063Backend/CoreFeature RequestVery Lowshow closed/open usage count on do=pm&area=XXXNew
10%
peterdd129.09.201525.03.2021
2111Installer and UpgraderBug ReportMediumUpon trying to install flyspray release, setup says I'm...Planned
10%
224.03.201605.06.2016
2143TranslationsTODOVery Lowjscalendar: week start should be monday, ISO 8601Confirmed
10%
201.07.201603.03.2019
2322User InterfaceFeature RequestMediumMention SystemNew
10%
7107.12.201619.10.2019
2449Backend/CoreBug ReportLowUnexepted exception on smtp gmail sendUnconfirmed
10%
729.10.201710.01.2018
2601Public RelationsFeature RequestMediumhttp -> https missing redirection (19-04-09)Assigned
10%
Floelejudas_iscariote321.04.202025.09.2020
1222Backend/CoreFeature RequestMediumWorkflow engine / Role-based State Transition Rules Eng...Unconfirmed
0%
11725.03.200705.05.2019
1236User InterfaceFeature RequestLowMark Issue As Verified or UnverifiableUnconfirmed
0%
3409.04.200718.07.2016
1481User InterfaceFeature RequestLowDiff visualisationUnconfirmed
0%
4104.05.200809.03.2015
1518NotificationsFeature RequestLowShow last date/time when a reminder was sentUnconfirmed
0%
15.11.200815.11.2008
1521Backend/CoreFeature RequestLowAssignees should be able to see and create reminders fo...Unconfirmed
0%
22.11.200818.04.2009
1670User InterfaceFeature RequestLowAssign Key-Shortcuts to form fieldsUnconfirmed
0%
04.12.201004.12.2010
1856Backend/CoreBug ReportMediumWrong timezonesResearching
0%
1327.03.201306.03.2015
1957User InterfaceFeature RequestLowautomatic temporary storing while writing/editing taskResearching
0%
209.03.201512.03.2015
1958User InterfaceFeature RequestLowPreselect values for event log viewNew
0%
09.03.201509.03.2015
1960Backend/CoreBug ReportMediumforeign key relations between versions and tasksNew
0%
209.03.201513.08.2015
1961User InterfaceFeature RequestLowshow new notifications in flysprayNew
0%
11.03.201511.03.2015
Showing tasks 101 - 150 of 326 Page 3 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing