Flyspray

Flyspray does not recover the time set in php.ini. On display, the system has two hour delay.

The issue with many servers now and the reason that recaptcha does not work is because it requires servers to enable allow_url_fopen which is a huge security risk. That is why you get the warning message when you try to run recaptcha that file_get_contents failed to connect.

So the solution is to use Curl to do that job.

Here is the fixed file, excuse my mess i had not cleaned up my code yet... but recaptcha now works.

this file goes in the includes dir... you can clean up the file if you like again sorry about that.

Correct or wrong code return false!

The results of Securimage Test Script on my server

This script will test your PHP installation to see if Securimage will run on your server.

Session Functionality: Yes!
GD Support: Yes!
GD Version: bundled (2.1.0 compatible)
imageftbbox function: Yes!
TTF Support (FreeType): Yes!
JPEG Support: Yes!
PNG Support: Yes!
GIF Read Support: Yes!
GIF Create Support: Yes!
SQLite Support: Yes!
SQLite is available. If you choose to use it, Securimage can support users who do not accept cookies.
MySQL Support: Yes!
MySQL is available. If you choose to use it, Securimage can support users who do not accept cookies by storing codes in MySQL.
PostgreSQL Support: No
No PostgreSQL support.
LAME MP3 Support: No
LAME was not found, audio will work in WAV format, but not MP3. See Securimage HTML5 audio documentation for info.
Your server meets the requirements for using Securimage!

on modify.inc.php line:754 got

if( !Post::isAlnum('captcha_code') || !$image->check(Post::val('captcha_code'))) {

if( true == false || false == false ) {

Edit 2021-03-15: Only effects Flyspray source releases on Windows where running composer is required. Releases with included dependencies are not effected!

Moving task to another project seems to require fields updated to target project options. This operation is not possible on the task category field and possibly others. Attempting to submit changes gives error:

“Oh, there are some incompatible properties set that must be resolved before moving this task to a different project.”

However, you cannot select a new value (from the target list) for the properties in question.

If a task creator requested closure, and someone (developer) closes the task explicitly, the PM request cannot be later ‘accepted’ and the PM request remains in the queue.

Workaround - Deny request and queue item is removed OK.

It looks like the PM request button invoked details.close which returns early if task is already closed.

From the ‘Task Statuses’ menu, when in the global project, the ‘delete’ cases are grayed out, preventing me from deleting them.

This is a problem for me because I would like to only have project specific statuses and I would like to name one of those statuses ‘Assigned’.

For now, I got around it renaming the system wide ‘Assigned’ status.

Add a system where people can donate towards a specific task. For example, I want to donate $10 if someone implements gravatars. The money sits in a pool, and then when someone claims that task and it is marked as completed by the admin, they get the bounty (less some commission that goes towards the project).

Maybe this is not an issue, but my problem is: upload images approximately 3000 px x 2000 px and this image appears larger than the monitor
is it possible that the image is automatically resized to 800 px x xxx px size

(reported by Ivan Cilic)

Save public files inside public or public_html directories, and non-public files outside of those directories;

config file

vendor directory

setup logic

etc

This goes onto another question/point - why are you deleting files from the vendor directory? It happens during composer install, and again after installation? Those files will just get put back if the user ever runs composer install again...

When entering the wrong SMTP information and then adding a user through Multiple New Users page, the error message is bad. It just says 'this should never happen'. Instead, we need to detect that it is an SMTP authentication error and report that issue to the user more clearly.

We need to have a better way to do user rights, group rights and manage users.

Here is what I am thinking, global administration can go to a ACL tab. Click on it and you have a simple way to add a new user / group. Two tabs on top are User Rights and Group Rights. These are global so each project will inherit the global setting for user / group.

Clicking on User Rights tab will lists users with a table to grant user rights. Specific to that user, it would be the same for group rights tab.

You can also search by a user name. This will make things faster to find that specific user.

I often used color identifiers for my Task Statuses in my old bug tracking solution, and it helped me prioritize things, like confirming unconfirmed bugs. The only thing that currently has colors, is the severity- I’d like a possibility to have (customizable) colors for Task Statuses too.

E.g. actual version, dueVersion, ...

Edit by peterdd: Topic was discussed earlier on https://github.com/Flyspray/flyspray/issues/130 (edit:It seems Jordan turned “issues” on github.com off in favor of bugs.flyspray.org)

The feature still exists but it is turned off until finished in a secure way. The possibility of sub and parent tasks requires many checks.

We must teach browsers not to use some input fields in the admin prefs area to offer to store it in their password manager.

Steps to reproduce:

1. Login with Firefox as admin into Flyspray. (Maybe other browsers behave same)
2. Go to admin prefs area (top right gear icon)
3. Click link somewhere else (so leaving admin prefs page)
4. Firefox browser pops up password manager as it detected some password input fields on admim prefs setting page. But in this case this is not wanted.

Either by using different input field names where the browser does not assume it is a login password field or find input field attribute to tell them.

auto-complete="off"

is not working anymore in browsers for password fields.

webbrowser: Firefox 85.0.2

Popup probably triggered by the password fields for configuring Email and XMPP notification: smtp_pass and jabber_password input fields. Firefox heuristic is too stupid to detect that these are for server configuration, not user login fields!

Neither

autocomplete="new-password"

nor

autocomplete="one-time-code"

attribute helped.

Stubborn Firefox ..

If I write a task and press the back button in the brower and go forward again, my expection is that the
text I wrote is still existing, even if I didn't save it.

It is frustrating losing a well thought issue editing and having it to rewrite.

All is in the title

vote for this task please

It would be great if the Admin Toolbox had an attachments section with an on/off switch, a max size setting, and it would print out all the reasons why it can’t set it to your desired value.

This would help in situations like  FS#2458 , it would be more clear if there is a setting to turn on/off attachments instead of turning them on and off by setting the rights if the attachments folder.

This way if the attachments setting is On, the GUI could also print an error “Attachments folder must be writable” when it detects that the writable attribute does not match the desired setting.

As title says

In version 0.9.9.5.1 (unfortunately I couldn't select this version in the dropdown list on the left), reminders can only be created and edited by Admins and Project Managers. I recommend to give Assignees the permission to create reminders for themselves. To minimize any programming impact, his may be done as part of the "edit own tasks" permission.

This topic has been reported by Engie as part of Bug #713 for version 0.9.8 as well: "Also it would be useful if a user could create reminder for himself." Although that bug is already closed ("fixed in devel"), this part is not yet solved in the current version.

An assigned ticket can't be edited by a lower privileged user.

Forms should be submittable by using keyboard shortcuts.
S for submit.
Set-able via the accesskey attribute on HTML inputs.

Hi, in order for us to push our name (rather than flyspray) on emails, notifications, and GUI we had to edit the language file to replace the text “flyspray” with our install site name. That way notifications come from our company name rather than flyspray.

It would be nice if you could take the site name variable and add it to the language files in all keys that face the public user and all notifications. This would not only prevent editing of the lang file but also make setup alot faster.

Thanks so much..
Dave

Actually you can't automatically add a bug report. Or i haven't found it.
In a first time a simple report via email or webservice could be great.

- Project Name
- Message
- System
- Version
- Status –> New
- Priority → Normal
- Category –> On a new category (created by default) : 'Automated report bug'

Sorry for bad grammar, i'am not english.

With the existence of now two peoples named “Peter” on bugs.flyspray.org (I - peterdd , and PeterTheOne)
there are several places where the full names are display instead of usernames and the user can’t know who is which “Peter” until he visits the users profile page.

Different solutions possible:

• more profile image/gravatar usage where user names are shown, on mouseover link title attribute shows username and realname
• display user name (username) instead of full name (realname)
• display full name and username (where much space available and precision needed)
• …

When adding the mention feature, the username will be probably the prefered setting as the username is unique but the realname not.

add a theme Setting in the user details, where the user can override the global theme setting (maybe even per project?) with his favourite theme.