Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See

ID Category Task Type Severity Summary Status Progress Assigned To Due In Version Opened Last Edited  desc
2202Installer and UpgraderBug ReportHighUnable to upgradeUnconfirmed
310.09.201611.10.2016 Task Description

I tried to upgrade from to 1-0-rc1 but I end in an infinite redirection loop

I tried to use the github version, to change the domain name (hosted in dreamhost), to use/not-use the .htaccess, upgraded the version of php from 5.5 to 5.6, to change all the settings in the flyspray.conf.php file, but still having the error after to perform the Upgrade task and removing the setup dir

Used the prepacked dependencies since i cannot install them in this server


2208Backend/CoreInformationLowSeverity "medium" by defaultSuspended
2127.09.201629.09.2016 Task Description

Where i can change severity and priority by default?
I want change severity to “Medium” by default for group Basic
I cant find this option in the Flyspray settings.

2207Backend/CoreBug ReportHighNonpublic project titles and project description exposi...Confirmed
1.0123.09.201629.09.2016 Task Description

When a anonymous user tries to display a ticket of a non public project (for example by entering a random ticket id), Flyspray exposes the title of the non public project in the header bar.

Edit by peterdd: also applies to project description

2203Backend/CoreInformationLowlanguage files are in folder lang. But i can't change l...Unconfirmed
121.09.201621.09.2016 Task Description

In Admins Toolbox (Project preferences) i choose language de. The file exists in folder lang. But only english is shown. the same for french and so on. No really changes.

2201APIBug ReportHighI got Fatal Error on the Github OAuthUnconfirmed
1.0107.09.201609.09.2016 Task Description
Fatal error: Class 'League\OAuth2\Client\Provider\Github' not found in /html/bugs/includes/GithubProvider.php on line 11

I have downloaded this:
Precompiled with 3rd party libs for PHP5.6: flyspray-1.0-rc1_php56.tgz
and the file seems really dont exist.

2200User InterfaceBug ReportMediumIncomplete list of timezones available in the user pref...Unconfirmed
26.08.201626.08.2016 Task Description

The user preferences and the add new user screens both allow you to set the timezone offset of the user, however, we are only provided with whole hour offsets from GMT. This makes it impossible to select our timezone here in India, which is GMT+5:30 - IST(Indian Standard Time - Asia/Kolkata as per TZ Zoneinfo). In addition, there are also timezones in the GMT+x:45, which wouild also require to be handled. Note, this is totally independent of DST Changes, since some of the countries use DST(Like in Australia) and others do not(Like India).

Here is a link with more details of the same -

I will be trying to identify and fix the codebase to resolve this, and will hopefully have a patch to submit soon.

R. K. Rajeev

2198User InterfaceBug ReportLowMulti-Select from tasklist offers options to those who ...Unconfirmed
1122.08.201622.08.2016 Task Description

When viewing a project via the tasklist, there are a series of checkboxes available. If a user in a group with “modify own tasks” checks a box on a ticket - no matter who actually owns it - they are given a list of options to change it with.

This should not happen. The checkboxes should only be available from the tasklist if the user can actually edit the tickets they’d be next to.


2197Backend/CoreBug ReportHighChange Time for everyoneUnconfirmed
121.08.201622.08.2016 Task Description

Flyspray does not recover the time set in php.ini. On display, the system has two hour delay.

2135Backend/CoreBug ReportHigh"Modify own tasks" does not function correctly when add...Confirmed
1.013107.06.201622.08.2016 Task Description

“Oh, there are some incompatible properties set that must be resolved before moving this task to a different project.”

Oh, but I am not moving the task to a different project. Just trying to edit my own submission.

“Edit this task” → “Save details”

See attached screen capture.

1673Backend/CoreBug ReportHighOnly white screen after upgrade to 1.0 - reasonsConfirmed
1.1 devel31412.01.201117.08.2016 Task Description

After I upgraded to version 1.0 (the upgrade was successful), flyspray only shows a white page (and the source in firefox shows, that the page is completely white).

Please help us finding the roots of these bugs!

Please report what you were exactly doing before this happend, report us your steps made, the used php version, used OS version, and such information.

We think most cases of that “white screen” are relying on the third party vendor libraries behavior we use.
When a library detects an error, sometimes they just call die() or exit; of php, but suppress error messages. So the script just stopped not giving any output to browser.

The dev versions from github use composer for installing the required libraries. We will package them on the final release together and make sure most cases of “white screen” are fixed.

2122Backend/CoreBug ReportMediumopen_basedir restrictions for FS_CACHE_DIR not respecte...Suspended
422.04.201616.08.2016 Task Description

Edit by peterdd: renamed task summary

Affected versions: at least Flyspray 0.9.9(.7/*?) up to Flyspray 1.0 RC1

Original report: Title ‘Problem regarding 0.9.7 (1.0) to 1.0 RC-1 update’

I tried to update BT from modified version (database in original state) 0.9.7 to 1.0 RC-1 but I got strange error.

PHP is 5.6.

I try to use:
Precompiled with 3rd party libs for PHP5.6

and was doing as was written on upgrade procedure.

Strange is that “D:\SShopBT\includes\class.flyspray.php” there are errors regarding writtable path... Because the path is correct and all other Joomla and Wordpress web sites are working correctly..

After upgrade web site do not work att all. Login not working - just get error. So I must reverse (use backup) database and files.

Server is Windows Server and IIS (Internet Information Services)..

Complete error was (also seen in screenshot):

Warning: is_writable(): open_basedir restriction in effect. File(C:\PHP-temp) is not within the allowed path(s): (D:\) in D:\SShopBT\includes\class.flyspray.php on line 1162 
Warning: is_writable(): open_basedir restriction in effect. File(C:\PHP-temp) is not within the allowed path(s): (D:\) in D:\SShopBT\includes\class.flyspray.php on line 1164 
Warning: is_dir(): open_basedir restriction in effect. File(C:\Windows\TEMP\e865fa2fdfc11dbb32cc6262d247e766) is not within the allowed path(s): (D:\) in D:\SShopBT\includes\ on line 82 
Warning: Cannot modify header information - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\header.php on line 14 
Warning: Cannot modify header information - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\header.php on line 15 
Warning: Cannot modify header information - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\header.php on line 16 
Warning: session_start(): Cannot send session cookie - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\includes\class.flyspray.php on line 893 
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\includes\class.flyspray.php on line 893 
Warning: Cannot modify header information - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\index.php on line 93 
Warning: Cannot modify header information - headers already sent by (output started at D:\SShopBT\includes\class.flyspray.php:1162) in D:\SShopBT\index.php on line 94 Headers are already sent, this should not have happened. Please inform Flyspray developers.
2193User InterfaceFeature RequestLowEdit a comment while seeing task details and other comm...New
07.08.201608.08.2016 Task Description

If someone with ‘edit comment’-permission wants to edit a comment, the edit comment form is shown on an extra page.

This is not optimal, because the editor cannot see task details or the other comments while modifying the comment.

Possible Solutions

  • with javascript is enabled: Stay on the ‘task detail’-page, just the comment changes from a ‘view’ layout to ‘edit’ layout, similiar to the quickedit-feature (like in FS1.0).
  • when javascript is disabled: The ‘edit comment’-page shows task details (check permissions) and other comments too, but maybe a bit narrow, so ‘visible focus’ is on editing the comment.
2052Text RenderingFeature RequestLowAdd Markdown syntax option for task descriptionsUnconfirmed
216.09.201508.08.2016 Task Description

“Markdown is a lightweight markup language with plain text formatting syntax designed so that it can be converted to HTML and many other formats using a tool by the same name.[6][7] Markdown is often used to format readme files, for writing messages in online discussion forums, and to create rich text using a plain text editor.” -

2009User InterfaceFeature RequestLowEdit task flowNew
2.0118.07.201507.08.2016 Task Description

Currently only a small portion of adjustements on a task is available in the “edit task” view.

To add or modify stuff in the current tab sections (comments, related tasks, notifications, effort tracking,..)
a user must go from edit task to view task page.

This not optimal for work flow.

To solve this quite much changes are needed. Because currently they are different http requests each with its own checks and request anwsers.

2190Backend/CoreFeature RequestLowenable move of a closed clask to other project without ...Researching
06.08.201606.08.2016 Task Description

Problem: By replacing just the project_id of the closed task it is possible the task then has invalid field values within the target project.

Possible scenarios:

  1. Ignore invalid values within the target project
    • Pro: Easy to do, an immidiatly revert back to the old project would “heal” the task properties.
    • Contra: may effect accuracy and reliability of other parts like searching, listing, statistic calculations
  2. Silent change task field values to valid field values of the target project if necessary
    • Pro: relative easy to do
    • Contra: a bit loss of information, little side effects
  3. allow user to modify the fields that must be changed so that every field of the task has valid values within the target project
    • Pro: accuracy
    • Contra: a bit loss of information(fallback to default values) if there are no similiar field values selectable within the project
  4. allow user to modify the fields, fields or field select values that do not exists in target project will be automatically created.
    • Pro: accuracy
    • Contra: target project may be cluttered with too many fields/field values
  5. ???
2188Backend/CoreBug ReportVery LowIt should not possible to relate a task to itselfNew
01.08.201601.08.2016 Task Description

Flyspray should show a warning, and maybe set the focus back to the field (only when it is a this-one-field-only-form.)

2142Backend/CoreBug ReportLowPost-authenticate redirect does not make use of baseurl...Unconfirmed
28.06.201601.08.2016 Task Description

I run flyspray behind a reverse proxy with the front end url being https and with the actual back end server not being on a standard port and not using https.

Setting force_baseurl seems to sort most areas with flyspray’s url generation using that instead of picking up from $_SERVER, however post-authentication redirection does not do that it just processes redirect_to as is (which in my case means it picks up the protocol, name and port for the back end server rather than what’s set in force_baseurl).

./themes/CleanFS/templates/loginbox.tpl puts out $_SERVER[’REQUEST_URI‘] into a hidden redirect_to input field - on my setup on the front page that’s e.g. “/” or for a ticket url it would be “/index.php?do=details&task_id=999” so no protocol or hostname.

scripts/authenticate.php picks up that redirect_to value and just passes it to Flyspray::Redirect, which in turn calls FlySpray::absoluteURI on what it’s passed, and FlySpray::absoluteURI doesn’t use $baseurl to qualify the url.

Not sure what the best fix is - my suggestion would be that Redirect detects urls that aren’t fully qualified and adds the $baseurl on to the front of them, rather than calling absoluteURI (absoluteURI is used to set $baseurl if force_baseurl is unset, so that’s not appropriate to modify). Alternatively scripts/authenticate.php could check redirect_to and add $baseurl if needed.

2136User InterfaceBug ReportMediumAfter updating user properties as admin - return to wro...Confirmed
308.06.201623.07.2016 Task Description

Logged in as admin, modify a users group membership. After clicking update, you are returned to your logged-in profile (admin in this case). It should re-display the user’s profile you are editing.

The ‘back’ button will return to updated page.

1236User InterfaceFeature RequestLowMark Issue As Verified or UnverifiableUnconfirmed
3409.04.200718.07.2016 Task Description

Currently, the Vote functionality provides users a way to say "this issue is important to me". In addition to that functionality, it would be great for users to have a "Verify" ability on open issues; it would provide users a way to say "yes, this happens to me as well".

A "Verified" label would fit nicely right under "Votes", to the right of the label would be "Yes | No", each option being a link. After clicking Yes or No, or if unable to specify (lack of permissions), the text would display "Yes - # | No - # (% verification)" where '%' is the result of ((Yes/(Yes+No))*100).

This feature should not show up on all issues, though. It does not make sense to "verify" a feature request or todo item, for example. When defining task types, the administrator would specify if a type was "Verifiable" by checking a box in a column next to "Show".

If implemented, two great, mini extra features would be:

  1. The ability for the administrator to set the number of "Yes" verifications an issue would need before it was elevated to the next priority, severity, or both (specified by the administrator).
  2. The ability for the administrator to set the number of "No" verifications an issue would need before it was lowered to the previous priority, severity, or both (specified by the administrator).

Both settings should have an option to be incremental (priority / status increased every x verifications) or not (increases once, no matter how many verifications are received); an "Incremental" checkbox would do nicely. Also, a little "Enabled" checkbox next to both settings would be clearer than having zero act as the disable mechanism.

As with voting, a permission should exist to enable or disable this option for a user group. For larger projects, moderators tasked with verifying bugs could be given the permission whereas smaller projects may leave verifications up to the community.

Lastly, a way to send a notification once the number of "Yes" verifications reached a certain value would also be a great addition.

2074User InterfaceBug ReportMediumOpening tasks from tasklistNew
1.0318.10.201518.07.2016 Task Description

Removing table on row click made it impossible to open a task’ details if you do not display the task id and summary on the task list, because now those two cells are the only clickable items to open a task, instead of the entire line being the hyperlink

1849Backend/CoreFeature RequestHighInstaller OverhaulPlanned
1.1 devel515.03.201315.07.2016 Task Description

The application installer needs an overhaul, all strict notices fixed and the associated dependant tasks resolved.

2108User InterfaceFeature RequestMediumSupport local language when install FlysprayConfirmed
3103.03.201615.07.2016 Task Description

Please show install page as local language, Thank you.

2160Backend/CoreBug ReportLowCannot "accept" PM close request if already closedUnconfirmed
14.07.201614.07.2016 Task Description

If a task creator requested closure, and someone (developer) closes the task explicitly, the PM request cannot be later ‘accepted’ and the PM request remains in the queue.

Workaround - Deny request and queue item is removed OK.

It looks like the PM request button invoked details.close which returns early if task is already closed.

1753Backend/CoreFeature RequestMediumUsergroup Restriction: Only View SummaryConfirmed
1.1 devel4220.06.201227.06.2016 Task Description

I was really impressed with Flyspray and about to use it as our bug tracker, but then I discovered quite a big problem. You can't restrict users from seeing full task details.

I would really love the ability to let them only see the summary. My reason being is that I'm needing a bug tracker for my game, and bugs reported can be easily abused, and will be abused, if people can just read bug reports and see how to replicate them.

The reason I don't like just unchecking the "View Tasks" option, is because they wont be able to see if there is already a task about the bug, so we would just get flooded with duplicate reports on the same bugs.

2138User InterfaceFeature RequestVery LowOverhaul dokuwiki editor buttonbarNew
17.06.201617.06.2016 Task Description

Rethink the current sets of buttons and their functionality.

Maybe a mousover hint/cheatsheet of available dokuwiki syntax is more helpful in writing fast and efficient.

  • buttongroup links http,email,ftp
  • buttongroup code, code php: why a single button for php? maybe a cheatsheet or subselect for choosing a language (read directory plugins/dokuwiki/inc/geshi for that). Or even better: Let the project administrator define what source code languages are used/popular in a software project and dependend of that setting prefer/promote that languages
  • I miss a blockquote- or cite-tag for citation, which is more semantic than bold, italic, underline buttons. Update: It is the > character followed by text!
  • Show a cheatsheet (by mouseover?) of dokuwiki smileys as defined at plugins/dokuwiki/conf , update to current config of dokuwiki, facepalm for instance is missing
8-) 8-O 8-o :-( :-) =) :-/ :-\ :-? :-D :-P :-o :-O :-x :-X :-| ;-) ^_^ :?: :!: LOL FIXME DELETEME

8-) icon_cool.gif 8-O icon_eek.gif 8-o icon_eek.gif :-( icon_sad.gif :-) icon_smile.gif =) icon_smile2.gif :-/ icon_doubt.gif :-\ icon_doubt2.gif :-? icon_confused.gif :-D icon_biggrin.gif :-P icon_razz.gif :-o icon_surprised.gif :-O icon_surprised.gif :-x icon_silenced.gif :-X icon_silenced.gif :-| icon_neutral.gif ;-) icon_wink.gif ^_^ icon_fun.gif (not working as first character on a line, bug?) :?: icon_question.gif :!: icon_exclaim.gif LOL icon_lol.gif FIXME fixme.gif DELETEME delete.gif

2139User InterfaceFeature RequestVery LowAdd project setting of popular used programming languag...New
1.1 devel17.06.201617.06.2016
2137Backend/CoreBug ReportLowfeature accesskey bad implemented by web browsersNew
2111Installer and UpgraderBug ReportMediumUpon trying to install flyspray release, setup says I'm...Planned
1980User InterfaceFeature RequestMediumTasklist - PDF ExportMaybe
2127User InterfaceFeature RequestLowoverhaul task detail page layoutNew
1820Backend/CoreFeature RequestLowMerge comments, history, and detailsNew
2126User InterfaceFeature RequestLowdynamic meta description (was: Change page title)Confirmed
1.1 devel217.05.201617.05.2016
2124User InterfaceFeature RequestVery LowDefault avatar can't be restoredConfirmed
2119Backend/CoreBug ReportMediumfunction filter_input not always availableResearching
2116EmailBug ReportMediumError with email notificationUnconfirmed
2112APIBug ReportMediumAssigned tickets aren't editable for lower privileged u...Unconfirmed
2039Installer and UpgraderTODOLowReview INSTALL, README, documentation files for release...New
1882EmailBug ReportMediumError with email notificationPlanned
2049Backend/CoreFeature RequestMediumDisplay login page or customizable page to anonymous us...Unconfirmed
1985Database QueriesFeature RequestVery LowFor developers - testing with huge flyspray data setsNew
2065User InterfaceFeature RequestMediumOne click signup (with facebook, twitter , Google, yaho...Unconfirmed
2097User InterfaceBug ReportMediumUrl incorrect for view attachementUnconfirmed
2105Backend/CoreFeature RequestMediumcountermeasures for 'add task anonymous' spamNew
2101Backend/CoreBug ReportLowMobile view GUI bugConfirmed
1737JavascriptTODOLowJavascript OverhaulNew
1.1 devel6125.05.201224.02.2016
1973Backend/CoreTODOLowurl rewritePlanned
1.1 devel214.03.201511.02.2016
1982Backend/CoreBug ReportLowdouble entries in assignees listNew
1.1 devel320.03.201511.02.2016
1751Backend/CoreFeature RequestMediumDefault to show all in Event LogConfirmed
1.1 devel1120.06.201209.02.2016
2096Backend/CoreFeature RequestVery LowAdd an option to force httpsMaybe
2094EmailBug ReportHighAfter Upgrade All Users Receive Notifications for All T...Unconfirmed
Showing tasks 151 - 200 of 316 Page 4 of 7

Available keyboard shortcuts


Task Details

Task Editing