This is the Bug Tracking System for the Flyspray project. This is not a demo!

2021-04-23: Flyspray 1.0-rc10 released See

If you are upgrading from older version, please wait for 1.0-rc11.

2021-11-23: New user registration and password forgotten currently not working on due email server problems. peterdd

ID Category Task Type Severity Summary Status Progress Assigned To Due In Version  asc Opened Last Edited
2034User InterfaceFeature RequestLowreduced extended search form when applicableNew
17.08.201517.08.2015 Task Description

If a project has no versions defined yet and there are also no 'global' versions defined,
there is not need for displaying the version selects.

Same for categories. If no categories in project and no global categories then no need for displaying a cat select.

Maybe a tooltip/hint in the extended search form to inform the user that the fields were hidden for that reason.

2588Backend/CoreBug ReportLowps_files_cleanup_dir: opendir(/tmp/.priv) failed: Permi...Unconfirmed
218.12.201905.02.2021 Task Description

Sometimes comes this message with a lot of backtrace log.
If you are reporting a bug please provide as much information as possible to help understand and reproduce the problem:

Did you installed an official release or did you used an inoffical docker?!
Official download flyspray-1.0-rc9

mysqlnd 5.0.12-dev
Linux 64bit
PHP Version 7.2.25

Steps done to create the problem:
Wait some weeke and edit a ID.

Experienced behavior:

[18-Dec-2019 13:19:41 Europe/Berlin] PHP Notice:  session_start(): ps_files_cleanup_dir: opendir(/tmp/.priv) failed: Permission denied (13) in /var/foo/htdocs/flyspray/includes/class.flyspray.php on line 1006
[18-Dec-2019 13:19:41 Europe/Berlin] PHP Warning:  session_start(): Cannot send session cache limiter - headers already sent (output started at/var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.flyspray.php on line 1006
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/index.php on line 96
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/index.php on line 97
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 76
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 80
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 82
2482Backend/CoreInformationLowProtect issues by defaultUnconfirmed
110.08.201810.08.2018 Task Description

I get that your project is public and you want people visiting this site to see what issues you’re working on, but most people probably don’t want their bugs list open to the public;

Can this be protected/private by default?

2534Backend/CoreFeature RequestLowPrivate projectsUnconfirmed
816.01.201918.01.2019 Task Description

I would like to restrict certain projects from view from normal users (Basic group.) I couldn’t find out a way to do it. I could restrict them from viewing tasks, which is good, but it would be nice to hide the project entirely from the Overview screen.

2617Backend/CoreFeature RequestLowPreview button not at the good placeMaybe
226.09.202026.09.2020 Task Description

The “Preview” button is not at the good place.

The “Preview” must to be near “Add this task” with same background button color.

Thanks in advance.

1958User InterfaceFeature RequestLowPreselect values for event log viewNew
09.03.201509.03.2015 Task Description

Most (or even all?) of the selectable events should be preselected in the selection list.

2142Backend/CoreBug ReportLowPost-authenticate redirect does not make use of baseurl...Unconfirmed
28.06.201601.08.2016 Task Description

I run flyspray behind a reverse proxy with the front end url being https and with the actual back end server not being on a standard port and not using https.

Setting force_baseurl seems to sort most areas with flyspray’s url generation using that instead of picking up from $_SERVER, however post-authentication redirection does not do that it just processes redirect_to as is (which in my case means it picks up the protocol, name and port for the back end server rather than what’s set in force_baseurl).

./themes/CleanFS/templates/loginbox.tpl puts out $_SERVER[’REQUEST_URI‘] into a hidden redirect_to input field - on my setup on the front page that’s e.g. “/” or for a ticket url it would be “/index.php?do=details&task_id=999” so no protocol or hostname.

scripts/authenticate.php picks up that redirect_to value and just passes it to Flyspray::Redirect, which in turn calls FlySpray::absoluteURI on what it’s passed, and FlySpray::absoluteURI doesn’t use $baseurl to qualify the url.

Not sure what the best fix is - my suggestion would be that Redirect detects urls that aren’t fully qualified and adds the $baseurl on to the front of them, rather than calling absoluteURI (absoluteURI is used to set $baseurl if force_baseurl is unset, so that’s not appropriate to modify). Alternatively scripts/authenticate.php could check redirect_to and add $baseurl if needed.

2029Backend/CoreFeature RequestLowpossibility to let a user describe himselfNew
112.08.201518.01.2018 Task Description

This could be done by a textarea field (like comment text or task description) on the myprofile page and stored in a new field (of type text for instance) in the user table.

This allows the user to introduce himself to the other users.

Should be restrictive, for instance only simple text allowed, no html or tags.

2654Backend/CoreTODOMediumPHP8.1 compatibilityNew
19.10.202119.10.2021 Task Description

[ ] ADOdb xmlschema03 issues
[ ] other warnings/notices

2620Backend/CoreTODOMediumPHP8 compatibilityNew
peterdd226.11.202017.08.2021 Task Description

PHP 8.0 is now released (2020-11-26) and Flyspray should be made compatible with it.

  • Replace removed and deprecated functions with alternatives in our source code.
  • Upgrade used libraries or make used libraries compatible:
    • post github issue or pull requests for ADODB
    • upgrade used dokuwiki or make changes in our integration (probably just review our as official dokuwiki project contains too much stuff we do not need and changed much)
    • review used geshi
    • upgrade our swiftmailer version to PHP8 compatible version
    • upgrade our oauth2-client stuff to PHP8 compatible version
  • The @ operator no longer silences fatal errors. Some checks in installer or other areas might not work anymore as expected when the @-operator was used as silencer for previous PHP versions.
2454Backend/CoreBug ReportLowPHP warning in admin edit user areaNew
15.01.201815.01.2018 Task Description

Since PHP7.2 shows a warning in admin area ?do=admin&area=users&user_id=1234567890, when user_id is set, but no alternative user_name parameter.

Probably related to scripts/admin.php

$id = Flyspray::UserNameToId(Req::val('user_name'));
if (!$id) {
  $id = Req::val('user_id');
2309User InterfaceBug ReportLowPHP noticed displayed on default "All Projects" page.Unconfirmed
302.11.201626.11.2016 Task Description

I am seeing some noticed on the front page of our tracker install that were not present prior to updating to 1.0rc3.

Notice: Undefined offset: 1 in <redacted>/scripts/index.php on line 202 Notice: Undefined offset: 2 in <redacted>/scripts/index.php on line 202

It’s displaying the full path to the files on the page.

There are effectively 2 issues here. One is that some kind of error is kicking up. Second is that it’s being shown to anyone who visits the site.

2330Backend/CoreBug ReportLowPHP Notice: Undefined offset: 0 in scripts/index.php o...Unconfirmed
423.01.201730.01.2017 Task Description

Pretty minor, but seems to show up regularly enough in our logs. The line in question:

$outfile = str_replace(' ', '_', $tasks[0]['project_title']).'_'.date("Y-m-d").'.csv';
2335Backend/CoreInformationLowPDF Attachment does NOT View/Open in New Window/TabUnconfirmed
127.01.201727.01.2017 Task Description

if a pdf is attached with commentit needs either be forced as download or open target _blank

1988Installer and UpgraderBug ReportMediumPassword Field for AdminUnconfirmed
302.04.201512.05.2015 Task Description

The installer requests a password for the admin account, and provides a default one.

Because this field is not type=”password”, the browser caches this data for any field named “admin_password”

This also applies to future installations of the software.

I have marked this as critical as this can pose a security hazard. A different implementation would be allowing entry of password, or in the case of wanting to provide a default one, have two password fields prepopulated, and a text one prepopulated so that it can be viewed by the end user.

2127User InterfaceFeature RequestLowoverhaul task detail page layoutNew
120.05.201625.05.2016 Task Description

There was a question on the mailing list:

I have a suggestion, even though I don´t know if it´s possible to do it. But if it is, it would be great!
In the comments list of a given task, is it possible that the comments appear from the newest one to the oldest ones, and not as it is now, with the new ones coming at the end of the list? This is because I deal with long comments list for a given task, and it is becoming difficult to reach the last one, that is, the newest comment, because the order in the comments is on the top, the older ones. If this could be altered it would be great. Kind regards
Ana ...

Quick anwsers:

  1. Users can use ‘End’-key and ‘Pos1’-key on their keyboard to scroll to bottom and top of page. (lame anwser I know)
  2. Another quick anwser is to just reverse the comments array in the appropriate template themes/CleanFS/templates/details.tabs.comments.tpl :


<?php foreach($comments as $comment): ?>


foreach($comments_latestfirst as $comment): ?>

But the real problem I think is that the details page (and others too..) is not optimized for todays wide screens (landscape views). Laptops have FullHD or higher but the Flyspray users still have to scroll to get an overview of a task.

And for narrows views too (mobile phones, tablet portrait view)

The attached screenshot shows moving the task details tabs beside their task description if the display width is over 1200 css pixel. (and the reversed comments too ;-) ). Done with pure css media query:

E.g. add to a custom stylesheet file custom_detailswidescreen.css in folder themes/CleanFS/ :

@media only screen and (min-width: 1200px) and (orientation: landscape) {
.details .tab{
.details .commenttext pre {
.details .comment_container .comment {
.details .comment_avatar {
.details #comments .fa.fa-user{
font-size:30px !important;
#submenu li a{margin-left:0;}
.details #submenu{
padding:1em 0 0;
.details #content{
/* just a temporary fix: should be redone in theme.css with class instead ids*/
#comments, #related, #notify, #remind, #effort, #history {margin-top:72px;}

(Has still some problems with current 1.0-rc1 when the project selector wraps. Also tab labels wrap if not enough width available and tab content do not adapt.)

What do you think? How should the details page look on different display sizes? How can it improve the workflow of the user?

2138User InterfaceFeature RequestVery LowOverhaul dokuwiki editor buttonbarNew
17.06.201617.06.2016 Task Description

Rethink the current sets of buttons and their functionality.

Maybe a mousover hint/cheatsheet of available dokuwiki syntax is more helpful in writing fast and efficient.

  • buttongroup links http,email,ftp
  • buttongroup code, code php: why a single button for php? maybe a cheatsheet or subselect for choosing a language (read directory plugins/dokuwiki/inc/geshi for that). Or even better: Let the project administrator define what source code languages are used/popular in a software project and dependend of that setting prefer/promote that languages
  • I miss a blockquote- or cite-tag for citation, which is more semantic than bold, italic, underline buttons. Update: It is the > character followed by text!
  • Show a cheatsheet (by mouseover?) of dokuwiki smileys as defined at plugins/dokuwiki/conf , update to current config of dokuwiki, facepalm for instance is missing
8-) 8-O 8-o :-( :-) =) :-/ :-\ :-? :-D :-P :-o :-O :-x :-X :-| ;-) ^_^ :?: :!: LOL FIXME DELETEME

8-) icon_cool.gif 8-O icon_eek.gif 8-o icon_eek.gif :-( icon_sad.gif :-) icon_smile.gif =) icon_smile2.gif :-/ icon_doubt.gif :-\ icon_doubt2.gif :-? icon_confused.gif :-D icon_biggrin.gif :-P icon_razz.gif :-o icon_surprised.gif :-O icon_surprised.gif :-x icon_silenced.gif :-X icon_silenced.gif :-| icon_neutral.gif ;-) icon_wink.gif ^_^ icon_fun.gif (not working as first character on a line, bug?) :?: icon_question.gif :!: icon_exclaim.gif LOL icon_lol.gif FIXME fixme.gif DELETEME delete.gif

2122Backend/CoreBug ReportMediumopen_basedir restrictions for FS_CACHE_DIR not respecte...Suspended
422.04.201616.08.2016 Task Description

Edit by peterdd: renamed task summary

Affected versions: at least Flyspray 0.9.9(.7/*?) up to Flyspray 1.0 RC1

Original report: Title ‘Problem regarding 0.9.7 (1.0) to 1.0 RC-1 update’

I tried to update BT from modified version (database in original state) 0.9.7 to 1.0 RC-1 but I got strange error.

PHP is 5.6.

I try to use:
Precompiled with 3rd party libs for PHP5.6

and was doing as was written on upgrade procedure.

Strange is that “D:\SShopBT\includes\class.flyspray.php” there are errors regarding writtable path... Because the path is correct and all other Joomla and Wordpress web sites are working correctly..

After upgrade web site do not work att all. Login not working - just get error. So I must reverse (use backup) database and files.

Server is Windows Server and IIS (Internet Information Services)..

Complete error was (also seen in screenshot):

Warning: is_writable(): open_basedir restriction in effect. File(C:\PHP-temp) is not within the allowed path(s): (D:\) in D:\SShopBT\includes\class.flyspray.php on line 1162 
Warning: is_writable(): open_basedir restriction in effect. File(C:\PHP-temp) is not within the allowed path(s): (D:\) in D:\SShopBT\includes\class.flyspray.php on line 1164 
Warning: is_dir(): open_basedir restriction in effect. File(C:\Windows\TEMP\e865fa2fdfc11dbb32cc6262d247e766) is not within the allowed path(s): (D:\) in D:\SShopBT\includes\ on line 82 
Warning: Cannot modify header information - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\header.php on line 14 
Warning: Cannot modify header information - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\header.php on line 15 
Warning: Cannot modify header information - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\header.php on line 16 
Warning: session_start(): Cannot send session cookie - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\includes\class.flyspray.php on line 893 
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\includes\class.flyspray.php on line 893 
Warning: Cannot modify header information - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\index.php on line 93 
Warning: Cannot modify header information - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\index.php on line 94 Headers are already sent, this should not have happened. Please inform Flyspray developers.
2220Backend/CoreInformationLowOne status with different color in tasklistUnconfirmed
524.10.201603.11.2016 Task Description

Since we have a lot of tasks pending, our team leader wants a specific status (let’s say: Waiting for dispatch) to be marked with a green background in tasklist.
Can you please help me to make this mod?

Thanks in advance.

2065User InterfaceFeature RequestMediumOne click signup (with facebook, twitter , Google, yaho...Unconfirmed
1109.10.201503.03.2016 Task Description


I wanted to request a feature that will DRAMATICALLY increase the popularity and the usage of flyspray worldwide which is :

One click signup

This can be done by using existing signup solutions like openID,, Google, Facebook ,twitter, Yahoo, gravatar (these are the most universal according to

The goal is to give a new user the possibility to sign up in less than 15 sec (and mention this in the signup page)
1964DocumentationFeature RequestLowOn page documentationNew
11.03.201511.03.2015 Task Description

This is a parent task for all small helping or explaining tooltips that can be maybe added where approriate.

Many people don't like reading external documentations, which sometimes often is also not up to date with the current used version.

If you are doing something in Flyspray and you don't know exactly how it works or have to be done rigth and you must look at documentation, it breaks your workflow.

The best case is if its all perfect intuitive and you don't have to read any help texts. But in the case of more complex operations or things that do many things behind the scene a helping tooltip or explanation can give you a mental map and more trust into what the tool is doing.

2477Backend/CoreInformationLowold style MySQL extension is abandoned ..Unconfirmed
110.08.201810.08.2018 Task Description

the old php mysql extension is long ago reached its demise, why bother supporting it?

I also see in the database connector that your supporting MySQL/PDO - why not settle on that? If the queries aren’t MySQL specific, it becomes easier to support other DB’s, etc.

2549User InterfaceBug ReportLowOauth register template always shows "Username already ...Unconfirmed
06.05.201906.05.2019 Task Description

RC9 running on CentOS LAMP stack

Steps done to create the problem:
Set up google as an oauth provider.
Have a user click “Sign in with Google” in the login box.
User connects their account with Flyspray.
Google redirects the user back to Flyspray
The return screen (on flyspray) asks for a username.

Expected behavior:
No warning about duplicate username should be shown on initial page load since no username was entered yet

Experienced behavior:
A warning about the username being already taken is shown.

It appears there is no logic for showing or hiding that warning in register.oauth.tpl

(It would be great if flyspray was able to just use the email as a username to make the UX even better/simpler.)

2595NotificationsFeature RequestLowNotifications to message platforms Unconfirmed
105.03.202026.03.2020 Task Description

Is there any possible implementation in the future of a way to send new tasks and edited tasks in to discord or some messaging software like bots do, for example github bot will post new issues to a channel in discord so users can see and check up on things, especially for big projects which use these types of things and need a way to notify users of updates

2343EmailBug ReportMediumNotification mailUnconfirmed
214.02.201715.02.2017 Task Description

Good Morning,

I have this message error when I want configure SMTP Server :
Completely unexpected exception: Connection could not be established with host [Permission denied #13]
This should never happend, please inform Flyspray Developers

My flyspray installs on CentOS v7. Postfix installs on the server but I don’t configure anymore.

Can you help me please


2608EmailBug ReportMediumNotification email sent although not requestedUnconfirmed
2650NotificationsFeature RequestLownotification content or fields dependent of user permis...New
2528User InterfaceBug ReportLowNew user registration doesn't check for duplicate usern...Confirmed
2071EmailBug ReportLowNew user e-mail validationConfirmed
2535Backend/CoreFeature RequestLownew optional Flyspray setting: add new users automatica...New
2045User InterfaceFeature RequestLowneed add option for can set default Severity and Priori...Unconfirmed
2429Backend/CoreInformationLowMy tasks URLUnconfirmed
2198User InterfaceBug ReportLowMulti-Select from tasklist offers options to those who ...Unconfirmed
2481Backend/CoreInformationLowMove to MVCUnconfirmed
2305GreekFeature RequestVery LowMonth names not translatableUnconfirmed
2451Backend/CoreFeature RequestLowMod: blank Category - user must chose before pressing A...Confirmed
2101Backend/CoreBug ReportLowMobile view GUI bugConfirmed
2456User InterfaceBug ReportHighMissing GUI controlsUnconfirmed
2322User InterfaceFeature RequestMediumMention SystemNew
2435Backend/CoreInformationLowMax attach a fileUnconfirmed
2644Backend/CoreFeature RequestMediummark specific task as spam and punish user account who ...New
1236User InterfaceFeature RequestLowMark Issue As Verified or UnverifiableUnconfirmed
2551AuthenticationInformationLowLDAP/AD integrationUnconfirmed
2203Backend/CoreInformationLowlanguage files are in folder lang. But i can't change l...Unconfirmed
2554User InterfaceTODOLowkeyboard shortcuts help box should adapt to current pag...New
2656Backend/CoreFeature RequestLowkeep link parameters for new task if not yet logged inNew
2143TranslationsTODOVery Lowjscalendar: week start should be monday, ISO 8601Confirmed
2038Backend/CoreBug ReportLowJscalendar must be replaced with something elseNew
1999XMPP/JabberFeature RequestMediumjabber xmpp configurationNew
2188Backend/CoreBug ReportVery LowIt should not possible to relate a task to itselfNew
Showing tasks 51 - 100 of 315 Page 2 of 7

Available keyboard shortcuts


Task Details

Task Editing