|
2316 | Backend/Core | Bug Report | Low | "wrongtoken" is displayed if the comment box is left si... | Assigned | |
peterdd | | 1 | 22.11.2016 | 29.07.2019 |
Task Description
I understand this is likely due to some sort of XSS CSRF protection, but the delay doesn’t appear to be long enough to be useful for a lengthy comment to be posted. I’ve now lost two detailed comments in our tracker because the software threw everything out and generated a meaningless error.
Further, attempting to do the normal thing and making the browser resubmit the page results in Flyspray throwing “Error #3” something something repeated action and causing a redirect to the homepage.
Surely there has to be a better way to handle this that doesn’t incur data loss?
|
|
2559 | Backend/Core | Bug Report | Low | a duplicate close accepted even when missing comment/ r... | New | |
peterdd | | | 29.07.2019 | 29.07.2019 |
Task Description
Closing a task with selected close reason duplicate should warn when there is no comment or FS # id is given in the close comment text field.
The task is closed as duplicate without any further notice. The information to which task it is duplicate or a description (if the problem is logged/handled outside Flyspray) is lost.
Possible solutions
Frontend hints
variant F1 (soft): When duplicate as close reason is selected, a placeholder attribute in the close comment text field could be shown/updated. (maybe as ‘css only’ possible)
variant F2 (harder): Deny sending the form if duplicate selected, but comment text field is empty. and shows warning info. (javascript required, nojs browsers still send form.)
variant F3 (hard): Deny sending the form if duplicate selected and no task id detected in comment text field. and shows warning info. (javascript required)
Backend deny
variant B1 (soft): When request wants close a task with duplicate reason and (cleaned) comment string is empty, deny closing the task and give feedback to user why it was denied.
variant B2 (hard): It requires detecting a task id in the comment field and the first detected task id is taken for referencing as ‘is duplicate of’. Limitation of this is that the duplicate could be also a ticket or something of a complete other system.
|
|
2598 | User Interface | Bug Report | Low | user registration in admin area: "username taken" but t... | Assigned | |
peterdd | 1.0 | | 20.03.2020 | 14.04.2021 |
Task Description
Trying to add a new user having the same email address as an another user in the do=admin&area=newuser section results in
“That username is already taken. You will need to choose another one.”
instead of
“Email address has already been taken”
(I’ve stumbled on this issue because I have an older disabled user with the same email address)
|
|
2636 | Installer and Upgrader | Bug Report | High | Failure to upgrade 1.0-rc9 to 1.0-rc10 (mariadb 10.4.18... | Assigned | |
peterdd | 1.0-rc11 | | 29.04.2021 | 23.07.2021 |
Task Description
I administer a moderate-sized (~14K ticket) 1.0-rc9 instance running on a Fedora 32 host (php 7.4.16, mariadb 10.4.18) Following the upgrade instructions (ie transfer attachments, avatars, flyspray.conf.php) the setup/upgrade tool loads, and prompts me to upgrade.
It churns a while before refreshing the screen, claiming a successful 1.0-rc10 upgrade. However, the upgrade seems to not actually “stick”, because clicking on the “return” button I’m dropped back into the upgrader, which is once again claiming I’m running 1.0-rc9 and prompting me to perform the -rc10 upgrade.
According to Flyspray’s admin ‘checks’ tab:
* PHP 7.4.16 * MariaDB 10.4.18 * default_charset: utf8mb4 * default_collation: utf8mb4_unicode_ci * All tables are ‘InnoDB’
There are no errors logged that I can find, but the upgrade is clearly not working. If I revert to the -rc9 php files, everything continues along as if nothing was done.
Any suggestions?
|
|
2637 | Installer and Upgrader | Bug Report | High | Failure to upgrade 1.0-rc9 to 1.0-rc10 (postgresql 12.6... | Assigned | |
peterdd | 1.0-rc11 | | 29.04.2021 | 05.05.2021 |
Task Description
I administer a small personal (<1K ticket) 1.0-rc9 instance running on a Fedora 32 host (php 7.4.16, postgresql 12.6) Following the upgrade instructions (ie transfer attachments, avatars, flyspray.conf.php) the setup/upgrade tool loads, and prompts me to upgrade.
Unfortunately, the upgrade fails spectacularly, with a reported SQL error that belies what’s actually wrong. Here’s a snippet from the postgresql logs where the upgrade is failing:
2021-04-28 10:33:07.190 EDT [2032049] ERROR: column “attachment_id” of relation “flyspray_attachments” already exists 2021-04-28 10:33:07.190 EDT [2032049] STATEMENT: ALTER TABLE flyspray_attachments ADD COLUMN attachment_id SERIAL 2021-04-28 10:33:07.194 EDT [2032049] ERROR: current transaction is aborted, commands ignored until end of transaction block 2021-04-28 10:33:07.194 EDT [2032049] STATEMENT: ALTER TABLE flyspray_attachments ADD COLUMN task_id INTEGER […and everything else fails because the transaction aborted…]
It appears that the upgrade script is blindly trying to create columns that already exist in the -rc9 database, and postgresql is treating this as a failure. Because the entire upgrade happens within one transaction, this means the entire upgrade fails at the outset and won’t ever succeed.
The way past this specific problem is to make these ALTER TABLE operations conditional (eg “ALTER TABLE flyspray_attachments ADD COLUMN IF NOT EXISTS task_id INTEGER”).
|
|
2639 | Javascript | Bug Report | Medium | Unable to "deny" a pending request | Researching | |
peterdd | | | 12.05.2021 | 13.06.2021 |
Task Description
My project has 37 pending requests. Each has a set of Accept / Deny buttons next to it.
If I click on Deny, a textbox pops up for me to enter “Reason for denial” but the entire page immediately regreshes/reloads back to the task list before I have a chance to enter the reason and submit it.
I can always “Accept” the request implicitly by going to the appropriate task and closing/re-opening it, but there’s no way to “deny” something without going through this UI path.
|
|
2063 | Backend/Core | Feature Request | Very Low | show closed/open usage count on do=pm&area=XXX | New | |
peterdd | | | 29.09.2015 | 25.03.2021 |
Task Description
Currently on
do=pm&area=cat
do=pm&area=version
do=pm&area=os
do=pm&area=resolution
do=pm&area=status
do=pm&area=tags
do=pm&area=tasktype
a count of usage in tasks is shown for every property.
Interesting would be if the counter shows the count for open/closed tasks on each row.
|
|
2573 | Backend/Core | TODO | Low | add rel nofollow,ugc,.. settings | New | |
peterdd | | | 14.09.2019 | 15.09.2019 |
Task Description
Find a good configuration name just reuse relnofollow as used by dokuwiki
Find a good translation keyword for that config relnofollow
Find a good translation keyword for config description (title attribute)
Goes into prefs table as it is sitewide configuration.
As first implementation a simple checkbox should be ok. Should be on the tab with other spam handling stuff like captcha configuration.
Is enabled by default (1). Adapt setup xml files, upgrade procedure.
|
|
2620 | Backend/Core | TODO | Medium | PHP8 compatibility | New | |
peterdd | | | 26.11.2020 | 17.08.2021 |
Task Description
PHP 8.0 is now released (2020-11-26) and Flyspray should be made compatible with it.
The @ operator no longer silences fatal errors. Some checks in installer or other areas might not work anymore as expected when the @-operator was used as silencer for previous PHP versions.
|
|
2625 | User Interface | TODO | Low | avoid password manager popups in admin prefs area | New | |
peterdd | | | 10.02.2021 | 10.02.2021 |
Task Description
We must teach browsers not to use some input fields in the admin prefs area to offer to store it in their password manager.
Steps to reproduce:
Login with Firefox as admin into Flyspray. (Maybe other browsers behave same)
Go to admin prefs area (top right gear icon)
Click link somewhere else (so leaving admin prefs page)
Firefox browser pops up password manager as it detected some password input fields on admim prefs setting page. But in this case this is not wanted.
Either by using different input field names where the browser does not assume it is a login password field or find input field attribute to tell them.
auto-complete="off"
is not working anymore in browsers for password fields.
webbrowser: Firefox 85.0.2
Popup probably triggered by the password fields for configuring Email and XMPP notification: smtp_pass and jabber_password input fields. Firefox heuristic is too stupid to detect that these are for server configuration, not user login fields!
Neither
autocomplete="new-password"
nor
autocomplete="one-time-code"
attribute helped.
Stubborn Firefox ..
|
|
2657 | Email | Bug Report | Critical | currently new registration emails are not received by u... | Assigned | |
Floelejudas_iscariote | | | 24.11.2021 | 24.11.2021 |
Task Description
Regardless if a gmail.com or other address (tested with my gmail and also other email address)
So this is probably a mail server problem. I try to reach server admin.
I can see my “unfinished registrations” tests in the admin→checks area, but received no emails (waited and checking spam folders too)
|
|
2601 | Public Relations | Feature Request | Medium | http -> https missing redirection (19-04-09) | Assigned | |
Floelejudas_iscariote | | | 21.04.2020 | 25.09.2020 |
Task Description
From: https://groups.google.com/forum/?hl=en#!topic/flyspray/rAnks5y_uLk
19-04-09 // More one year ago.
There are not http → https redirections.
Only one example: - http://www.flyspray.org/docs/download/ is not redirected to https://www.flyspray.org/docs/download/
Note: It is better to have the main website in https://flyspray.org/.
http://www.flyspray.org/ + https://www.flyspray.org/ + http://www.flyspray.org/ must be redirected to https://flyspray.org/
|
|
1608 | Installer and Upgrader | Bug Report | Low | reserved characters cause database error after installa... | Unconfirmed | |
| 2.1 | | 07.10.2009 | 03.03.2013 |
Task Description
the installer does not check for reserved characters when writing to flyspray.conf.php, causing parse_ini_file() to return an invalid database password.
|
|
1673 | Backend/Core | Bug Report | High | Only white screen after upgrade to 1.0 - reasons | Confirmed | |
| 1.1 devel | 4 | 12.01.2011 | 17.08.2016 |
Task Description
After I upgraded to version 1.0 (the upgrade was successful), flyspray only shows a white page (and the source in firefox shows, that the page is completely white).
Please help us finding the roots of these bugs!
We think most cases of that “white screen” are relying on the third party vendor libraries behavior we use. When a library detects an error, sometimes they just call die() or exit; of php, but suppress error messages. So the script just stopped not giving any output to browser.
The dev versions from github use composer for installing the required libraries. We will package them on the final release together and make sure most cases of “white screen” are fixed.
|
|
1734 | Backend/Core | Bug Report | Low | Add Timezone Selection to Admin Panel | Maybe | |
| 2.0 | | 12.05.2012 | 07.03.2015 |
Task Description
Add Timezone Selection to Admin Panel
|
|
1749 | User Interface | Bug Report | Low | Submit form buttons on lower right | Unconfirmed | |
| | | 17.06.2012 | 24.09.2015 |
Task Description
Any form should have its submit button directly below and to the right of the form.
This is most egregious on the New Task page where you have to scroll back up to the top right to submit.
|
|
1856 | Backend/Core | Bug Report | Medium | Wrong timezones | Researching | |
| | 3 | 27.03.2013 | 06.03.2015 |
Task Description
Hello, when selecting timezone in user profile, it only offers offset based timezones. It should offer timezones like "Europe/Prague", instead, because in summer it is UTC+2 and in the winter UTC+1. Also UTC is the same as GMT.
Using offsets will cause invalid future and past times when crossing daylight saving or when something other changes.
Adding daylight checkbox is not enough and will cause additional troubles. Just use names and store them as ENUM in database, not offset. This problem is pretty complicated and the only solution is to use names and let libraries to solve it for you.
Thank you.
|
|
1861 | Backend/Core | Bug Report | Medium | Login-Page should redirect after login to the page, the... | Confirmed | |
| 1.1 devel | 1 | 12.04.2013 | 09.07.2018 |
Task Description
When some url to a bug is redirected to the login page, because the user does not have the right to see the bug without login, the user should be redirected after the login to the url he wanted to see.
Maybe redirect to /login/?next=/task/X and put the next-url in a hidden field in the login-form, so flyspray can redirect to the correct page after login. Even preserving anchor-urls (#comment-YYYY) would be cool, but i guess this needs Javascript to work.
|
|
1882 | Email | Bug Report | Medium | Error with email notification | Planned | |
| 2.0 | | 22.12.2013 | 08.04.2016 |
Task Description
Hello,
First of all, thanks for this great tool, very user friendly. I'm informing you as requested ("This should never happend, please inform Flyspray Developers" :)) because I'm getting this error message:
[Completely unexpected exception: Connection could not be established with host http://ssl0.ovh.net/ [php_network_getaddresses: getaddrinfo failed: Name or service not known #0] This should never happend, please inform Flyspray Developers]
I set up the SMTP configuration (SSL) with information provided.
Enclosed in PHPinfo configuration, if it helps.
Thanks
|
|
1919 | Backend/Core | Bug Report | Low | AJAX Quick-Edit on category and task pages | Planned | |
| 1.1 devel | 1 | 09.07.2014 | 07.12.2015 |
Task Description
Ability to click field to edit ticket
TODO: return handler if request ok or fail.
TODO: also clicks on label should trigger show form.
Maybe the whole “click to active for editing this field” to one click too much. So if the user has the rights to edit the value the form input or action button should be shown when viewing a task. All other people just see the value if they have the right to view the value.
|
|
1924 | Backend/Core | Bug Report | Low | Better errors messages on email error | New | |
| 1.1 devel | | 11.07.2014 | 06.03.2015 |
Task Description
When entering the wrong SMTP information and then adding a user through Multiple New Users page, the error message is bad. It just says 'this should never happen'. Instead, we need to detect that it is an SMTP authentication error and report that issue to the user more clearly.
|
|
1960 | Backend/Core | Bug Report | Medium | foreign key relations between versions and tasks | New | |
| | | 09.03.2015 | 13.08.2015 |
Task Description
It seem that when deleting a version entry in a project, that tasks that have this version assigned are still connected to this deleted version. For example FS#1222 (on 2015-03-09).
There are several options to solve such things:
The same for other assignments for tasks.
This issue is similiar to the massop issue: (https://github.com/Flyspray/flyspray/issues/130)
|
|
1965 | Public Relations | Bug Report | High | PR fixes for FS 1.0 on external sites | New | |
| 1.1 devel | | 11.03.2015 | 24.07.2015 |
Task Description
Summary of TODO I found on the net:
|
|
1967 | User Interface | Bug Report | Low | Keep browser scroll position when sorting task list | New | |
| 1.1 devel | | 12.03.2015 | 19.09.2015 |
Task Description
When I scroll down the page to see more of the task list and then click on one of the column headings to sot by this heading, the answer page doesn't scroll down to the table.
I think there are 2 technical solutions for that:
1. set an name/id a-anchor on top of the table and on each column heading link add for example '#tasklist'.
2. add a js-sorter with complete extra search and sort ajax-backend with e.g. libs from http://datatables.net/ This requires aleso writing a server side handler for taking the ajax requests (respecting user permissions!) and is only usable if js in enabled in browser. So this second solution can only be a luxury comfort function.
|
|
1977 | Backend/Core | Bug Report | Low | Weird URL after closing task with reference | Unconfirmed | |
| | | 15.03.2015 | 18.03.2015 |
Task Description
On Mac OS Safari:
I just closed a task and wrote the following into the comment for closing:
"See also F.S.#.14" (of course without the points). When I then click the link in the comment box (below the task details) I'm redirected to: "http:/flyspray.stefan-herz%0Aog.tld/index.php?do=details&task_id=%0A14". No matter if #14 is closed or not. It worked with Firefox.
Any suggestions?
|
|
1978 | User Interface | Bug Report | Low | Compensate degraded usability due added token system an... | Confirmed | |
| 1.0 | | 16.03.2015 | 12.10.2015 | |
|
1982 | Backend/Core | Bug Report | Low | double entries in assignees list | New | |
| 1.1 devel | | 20.03.2015 | 11.02.2016 | |
|
1988 | Installer and Upgrader | Bug Report | Medium | Password Field for Admin | Unconfirmed | |
| | | 02.04.2015 | 12.05.2015 | |
|
2004 | User Interface | Bug Report | Low | php notice on unset params on reports page | New | |
| 1.1 devel | | 18.07.2015 | 19.09.2015 | |
|
2007 | Backend/Core | Bug Report | Low | time on project overview activity timelines | New | |
| | | 18.07.2015 | 18.07.2015 | |
|
2018 | User Interface | Bug Report | Low | review keyboard navigation | Researching | |
| 1.1 devel | | 26.07.2015 | 29.07.2019 | |
|
2036 | Backend/Core | Bug Report | Very Low | session timeout | New | |
| | 1 | 21.08.2015 | 12.01.2016 | |
|
2038 | Backend/Core | Bug Report | Low | Jscalendar must be replaced with something else | New | |
| | | 23.08.2015 | 24.08.2015 | |
|
2042 | Backend/Core | Bug Report | Medium | function absoluteURI not using basedir and force_basedi... | Unconfirmed | |
| | 1 | 04.09.2015 | 01.10.2015 | |
|
2044 | Database Queries | Bug Report | High | Need set_charset for DB connect in config file | Confirmed | |
| 1.0 | 2 | 04.09.2015 | 09.04.2021 | |
|
2048 | Backend/Core | Bug Report | Low | error when adding data containing national characters | Unconfirmed | |
| | | 09.09.2015 | 09.09.2015 | |
|
2053 | Backend/Core | Bug Report | Low | ambiguous user name display username / realname | New | |
| 1.1 devel | | 17.09.2015 | 19.02.2020 | |
|
2055 | Backend/Core | Bug Report | Low | Make the csv export table fields respect the user permi... | New | |
| 1.1 devel | | 17.09.2015 | 17.09.2015 | |
|
2057 | Backend/Core | Bug Report | Low | Do not resubmit forms on browser reload button or F5 | New | |
| | | 22.09.2015 | 23.09.2015 | |
|
2058 | Backend/Core | Bug Report | Low | Closing of github.com 'Issues' feature | New | |
| | | 24.09.2015 | 24.09.2015 | |
|
2071 | Email | Bug Report | Low | New user e-mail validation | Confirmed | |
| | | 14.10.2015 | 14.10.2015 | |
|
2073 | Backend/Core | Bug Report | Low | Couldn't edit comment of anonymous reporter | New | |
| | | 17.10.2015 | 17.10.2015 | |
|
2074 | User Interface | Bug Report | Medium | Opening tasks from tasklist | New | |
| 1.0 | | 18.10.2015 | 18.07.2016 | |
|
2075 | Notifications | Bug Report | High | Too spammy notifications under some circumstances | Requires testing | |
| 1.0 | | 19.10.2015 | 03.11.2015 | |
|
2078 | User Interface | Bug Report | Medium | layout of requested close on small displays | Confirmed | |
| 1.0 | | 26.10.2015 | 12.04.2021 | |
|
2081 | User Interface | Bug Report | Low | UI for adding comment while editing task doesn't use HT... | Confirmed | |
| | | 29.10.2015 | 06.11.2015 | |
|
2089 | Backend/Core | Bug Report | Medium | adding same taskid as subtask or related task should be... | New | |
| 1.0 | | 07.11.2015 | 18.11.2016 | |
|
2094 | Email | Bug Report | High | After Upgrade All Users Receive Notifications for All T... | Unconfirmed | |
| | 1 | 06.01.2016 | 13.01.2016 | |
|
2097 | User Interface | Bug Report | Medium | Url incorrect for view attachement | Unconfirmed | |
| | 1 | 16.01.2016 | 02.03.2016 | |
|
2101 | Backend/Core | Bug Report | Low | Mobile view GUI bug | Confirmed | |
| | | 18.02.2016 | 24.02.2016 | |