Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See https://github.com/Flyspray/flyspray/releases

ID Category  asc Task Type Severity Summary Status Progress Assigned To Due In Version Opened Last Edited
2201APIBug ReportHighI got Fatal Error on the Github OAuthUnconfirmed
0%
1.0107.09.201609.09.2016 Task Description
Fatal error: Class 'League\OAuth2\Client\Provider\Github' not found in /html/bugs/includes/GithubProvider.php on line 11

I have downloaded this:
Precompiled with 3rd party libs for PHP5.6: flyspray-1.0-rc1_php56.tgz
and the file seems really dont exist.

2112APIBug ReportMediumAssigned tickets aren't editable for lower privileged u...Unconfirmed
0%
231.03.201611.04.2016 Task Description

An assigned ticket can't be edited by a lower privileged user.

Steps to reproduce:

  • One Project, Two Users. User A is Admin, User B is Basic
  • A creates a Task.
  • A take ownership of the Task. (it’s important to do this AFTER saving the task. You cannot assign User A if you are A in this moment. Maybe another Bug...!?)
  • Now B is allowed to take ownershop too. B click now “Add me to assignees”.
  • Now B can edit the task.
  • If B click “save”, the task can’t be saved, because some fields haven’t the correct values (esp: state is now “unconfirmed”). Many error messages said, that unexpected values exist

Some weird moments:

  • Why can B edit a task? He have no rights to edit tasks...
  • If B are Basic and have “edit own Task”-Right too, this bug also exist.
1987APIFeature RequestMediumREST API to get metrics from flyspray projectsUnconfirmed
0%
229.03.201506.10.2015 Task Description

I need metrics for flyspray projects about a rest api. For example the count of issues for status, priority. I want use this values for my code analysis system http://www.sonarqube.org/ and other internal tools. It is possible to create a rest api with user authorization and only for metrics data?

2551AuthenticationInformationLowLDAP/AD integrationUnconfirmed
0%
315.05.201904.09.2019 Task Description

Hi

Please advise if there are known issues when integrating Flyspray with Active Directory using LDAP.

2209AuthenticationFeature RequestMediumTLS support for LDAPUnconfirmed
0%
109.10.201604.09.2019 Task Description

It would be helpful to have communication with LDAP via TLS

2107AuthenticationFeature RequestLowSupport CAS Server AuthenticateUnconfirmed
0%
202.03.201604.09.2019 Task Description

Please support Central Authentication Service, thank you.

1487AuthenticationFeature RequestLowLDAP(Active Directory) AuthenticationPlanned
40%
1.1 devel101121.05.200804.09.2019 Task Description

I have done a very quick bit of work to bring ldap (through active directory) authentication to flyspray for our implementation in the office. I hope it will be of use to others. There is a readme.txt inside talking through the process and the patch to apply. My plan is to expand on this and make it part of the setup process but this will take a bit longer.

2578Backend/CoreInformationLowGet glowing and Clear skin by Derma vi creamUnconfirmed
0%
22.10.201922.10.2019 Task Description

Derma VI Cream is a wonderful event in the therapeutic world. Supervisors have ensured that it is the one-stop answer for each and every skin issue relating to age similarly as sensibility. It offers every one of you round security from any skin trickery starting from sullying to UV bars. In like manner, by giving you hydration and drenched, it keeps your skin baby like and supple. It is stunning enough to with no assistance treat all your skin issues in a way so they remain away everlastingly back. Issues like skin hanging, wrinkles, dark circles and tanning, etc will be away for forever.

2575Backend/CoreFeature RequestLowability to view and reset Flyspray default settingsNew
0%
19.09.201919.09.2019 Task Description

Motivation

Over the years the count of possible Flyspray configuration options has grown. Meanwhile there are ~60 global Flyspray settings stored in the prefs database table in contrast to only 14 entries of the 0.9.7 (not 0.9.9.7!) version from around 2005. But each configuration setting might add a little to the feeling of overwhelming when there are too much switches, buttons, checkboxes and probability of a misconfiguration raises due misunderstood or overseen settings.

But Flyspray still aims to be easy to use and work with while being accurate and customizable.

Proposal

Having a way to view the description and default value of each option would probably give people administrating a Flyspray installation a better understanding of each setting and confidence in making good decisions for their use case.

With the flyspray-install.xml file within the setup folder we yet have an elegant solution that is waiting to unlock its power!

Unfortunately the setup/ folder requires (until now at least) to be removed after install or upgrade. So we need a way to keep the flyspray-install.xml of the installed version. A trivial way would be to copy it to the include/ directory after any install or upgrade, but also other solutions could be.

Keeping the flyspray-install.xml could making following features easier:

  • Reading default value of prefs setting. That could be shown for example as css title attribute /tooltip for each setting in the matching admin forms.
  • Reading default value and field description of any table field using the descr feature of ADOdb xmlschema03.
  • Comparing the real database structure with the table structures in flyspray-install.xml . This could be useful if someone extended or fiddled with database/tables to compare with official Flyspray releases. Or for developers to compare if an database upgrade went well and as intended.
  • Having the description of a setting or database field contained within the flyspray-install.xml is good at one place and the information is not spread around like in an external manual/wiki that maybe get unmaintained, not in sync with the application or get even lost over the years.
  • Using the xml format makes a migration easier (in a broader context, to Flyspray or away from Flyspray)
  • Using the descr tag could be used to hold information which field(s) of a database table is/are foreign key field(s) pointing to primary key field(s) of another table, even if ADODB xmlschema03 does not support it yet. Would generating database schema diagram directly from flyspray-install.xml possible. (instead of manually painting it that gets outdated when structure changes)

Things to take care:

  • ADOdb and xmlschema03 does not handle table comments and field comments yet. The descr tag so is there only used when looking into the .xml file, but it does not appear in the real database schema. To make this happen, there is a good portion of contribution to the ADOdB project required (making pull request, but also get them reviewed, tested, accepted and released with a ADOdb stable release)
  • ADOdb xmlschema03 does not define or handle foreign key constraints. Adding that would require a substantial amount of constribution to get it working reliable for all supported databases that could use foreign key constraints.
  • limits of table comment length, field comment length depend on database type and database version
2573Backend/CoreTODOLowadd rel nofollow,ugc,.. settingsNew
20%
peterdd114.09.201915.09.2019 Task Description
  1. Find a good configuration name just reuse relnofollow as used by dokuwiki
  2. Find a good translation keyword for that config relnofollow
  3. Find a good translation keyword for config description (title attribute)

Goes into prefs table as it is sitewide configuration.

As first implementation a simple checkbox should be ok. Should be on the tab with other spam handling stuff like captcha configuration.

Is enabled by default (1).
Adapt setup xml files, upgrade procedure.


	
2561Backend/CoreFeature RequestMediumability to limit assignee permissions (was:User without...Confirmed
0%
705.08.201908.08.2019 Task Description

I gave a role the following privileges:

  • view own tasks
  • modify own tasks
  • view comments
  • add comments

A user with the assigned role can still modify the task descriptions and task details. (I want that user to only be able to add comments.)
I think there is a bug.
Is there a fix or walk around?
Thx

2560Backend/CoreBug ReportLowdo not allow close task with reason duplicate referenci...New
0%
peterdd29.07.201929.07.2019 Task Description

So closing a task

FS#1

with

reason: duplicate

and close comment

FS#1

referencing to self should be detected to avoid such user mistakes.

2559Backend/CoreBug ReportLowa duplicate close accepted even when missing comment/ r...New
0%
peterdd29.07.201929.07.2019 Task Description

Closing a task with selected close reason duplicate should warn when there is no comment or FS # id is given in the close comment text field.

The task is closed as duplicate without any further notice. The information to which task it is duplicate or a description (if the problem is logged/handled outside Flyspray) is lost.

Possible solutions

Frontend hints

  • variant F1 (soft): When duplicate as close reason is selected, a placeholder attribute in the close comment text field could be shown/updated. (maybe as ‘css only’ possible)
  • variant F2 (harder): Deny sending the form if duplicate selected, but comment text field is empty. and shows warning info. (javascript required, nojs browsers still send form.)
  • variant F3 (hard): Deny sending the form if duplicate selected and no task id detected in comment text field. and shows warning info. (javascript required)

Backend deny

  • variant B1 (soft): When request wants close a task with duplicate reason and (cleaned) comment string is empty, deny closing the task and give feedback to user why it was denied.
  • variant B2 (hard): It requires detecting a task id in the comment field and the first detected task id is taken for referencing as ‘is duplicate of’. Limitation of this is that the duplicate could be also a ticket or something of a complete other system.
2536Backend/CoreFeature RequestMediumstore session in Flyspray databaseNew
0%
221.01.201915.03.2019 Task Description

Currently the sessions are stored by the webservers default settings.

Having this sessions under control by Flyspray by storing it in the database has following advantages:

  1. Allows handling of all sessions of a user by Flyspray.
  2. Providing a session management for each user. The user can see on which devices he is currently logged in and could also force a logout on selective devices.
  3. A forced logoff of all or some user sessions is easy implementable for admins.
  4. Statistics about how many users and who is logged in. (user status: hide always, online, offline, do not disturb, ..)
  5. Could make onpage-notifications easier to implement.
  6. .. ?

Disadvantages:

  1. A potential unknown security bug in Flyspray that could lead to reading a session db table could leak informations like who is currently online/active and make further attacks more focused or makes session takeover easier.
  2. .. ?
2535Backend/CoreFeature RequestLownew optional Flyspray setting: add new users automatica...New
0%
216.01.201921.01.2019 Task Description

When a Flyspray installation allows user self registration and has public but also more private projects, this feature could make the required configuration more clear:

In this case, keep the number of global user groups as low as possible and the global user group for basic or just registered users has only the ‘can login’ permission and nothing more.
Because that only would be useless for new registered users, adding them also to a basic user group of a public project could be useful.

So my suggestion is:

A new optional global setting: Something like ‘default project user group’ (store 2 values: a project_id and a group_id). Validity of that setting must be checked during any user registration, so that project must exists now and at later time as also that project user group within that project. (’Checks’ of admin prefs)

So it would be like this for a new registered userA:

  1. userA is in a basic default global user group: only login permission to handle his account registration (login, logout, user preferences, password forgotten)
  2. userA is in project X default user group: some basic permissions you want allow for every (new) registered user in project X
  3. project Y: all ‘allow anyone ...’-settings are unchecked, userA not in any user group of project Y

The setting is probably best put below the ‘Default global group for new users’ setting in the global admin prefs tab #userregistration as

Either: A dropdown list with all public projects with an existing user group and dependend on the selection the available basic project groups are loaded by ajax as a select list too.

Or: Only one dropdown list that contains a list of public projects with possible project user groups. Would not require extra ajax calls and is maybe enough because we could exclude project groups that have project manager permission or such configuration nobody would allow new registered users.

no default project user group
public projectA - simple user groupA1
public projectA - simple user groupA2
public projectB - simple user groupB
public projectC - simple user groupC

This idea could be enhanced further (put the new user to multiple public projects when he registers or let user choose from public allowed projects during registration process), but lets start simple.

2534Backend/CoreFeature RequestLowPrivate projectsUnconfirmed
0%
816.01.201918.01.2019 Task Description

I would like to restrict certain projects from view from normal users (Basic group.) I couldn’t find out a way to do it. I could restrict them from viewing tasks, which is good, but it would be nice to hide the project entirely from the Overview screen.

2527Backend/CoreBug ReportLowDatabase Check »Your mysql supports full utf-8 since 5....Unconfirmed
0%
105.01.201905.01.2019 Task Description

Steps done to create the problem:
Access /index.php?do=admin&area=checks with a MySQL Version >= 5.5.3

Expected behavior:
Flyspray tests for character set and displays »Your mysql supports full utf-8 since 5.5.3. You are using x.x.x and flyspray tables could be upgraded.« when database schema or one table isn’t set to utf8mb4 character set.

Experienced behavior:
Flyspray always shows this note, even though character set is correct.

As far as I can tell from the source, a query gets executed to the database (and if I do that manually the result is “utf8mb4, utf8mb4_unicode_ci” for my database), but the result doesn’t get checket, the note is always shown (line 123)

2522Backend/CoreFeature RequestLowemail vs username login issuesResearching
0%
431.10.201802.11.2018 Task Description

So, I’ve been away from Flyspray for more than a few years. When I tried to login to the Flyspray here, I was unable to login, because I don’t remember my username, and I was unable to retrieve my username, because there’s no function for that. I was *also* unable to re-register the same email address. SO, having an account system that requires both unique usernames and unique email addresses, but has no way of retrieving one from the other, doesn’t work out so well.

Suggestion: either use email as username, or add a function to retrieve username (perhaps along with password retrieval . . password retrieval would then have to take username -or- email, probably)

2491Backend/CoreBug ReportLowgroup member links if project manager but not adminNew
0%
1.001.09.201801.09.2018 Task Description

When a user has project manager permissions, but not admin permissions, then on the ‘edit group’ pages like index.php?do=pm&area=editgroup&id=8
the links in the list of users of that group are

index.php?do=admin&area=users&user_id=12345

instead of linking to the users page

index.php?do=user&area=users&id=12345

and a redirect follows with Error #4: You don’t have administrative rights.

2484Backend/CoreInformationLowIncrease min. version of PHP requirementUnconfirmed
0%
10.08.201810.08.2018 Task Description

Then you can gracefully drop support of old MySQL extension AND drop the need for password compat, since BCRYPT and password_hash are built into PHP from version 5.5 onwards

2482Backend/CoreInformationLowProtect issues by defaultUnconfirmed
0%
110.08.201810.08.2018 Task Description

I get that your project is public and you want people visiting this site to see what issues you’re working on, but most people probably don’t want their bugs list open to the public;

Can this be protected/private by default?

2481Backend/CoreInformationLowMove to MVCUnconfirmed
0%
10.08.201810.08.2018 Task Description

That way you can just protect the setup routes after installation, etc.

And have a much less cumbersome .htaccess file.

And take sensitive files outside of the server path and not risk letting them get out in the public

2480Backend/CoreInformationLowBetter file organizationUnconfirmed
0%
110.08.201810.08.2018 Task Description

Save public files inside public or public_html directories, and non-public files outside of those directories;

config file

vendor directory

setup logic

etc

This goes onto another question/point - why are you deleting files from the vendor directory? It happens during composer install, and again after installation? Those files will just get put back if the user ever runs composer install again...

2479Backend/CoreInformationLowUser table seems really complexUnconfirmed
0%
110.08.201810.08.2018 Task Description

why not store all the user preferences in preferences or user_prefernces? Then users can just be simple username, email, password?

2477Backend/CoreInformationLowold style MySQL extension is abandoned ..Unconfirmed
0%
110.08.201810.08.2018 Task Description

the old php mysql extension is long ago reached its demise, why bother supporting it?

I also see in the database connector that your supporting MySQL/PDO - why not settle on that? If the queries aren’t MySQL specific, it becomes easier to support other DB’s, etc.

2476Backend/CoreInformationLowGuzzle/Guzzle is abandoned, should use library that's s...Unconfirmed
0%
110.08.201810.08.2018 Task Description

(Working on a network monitoring system that really needs a ticketing system, saw this and since I speak PHP, thought it would be a good place to start... I just installed and am sharing my notes, do with them what you will!)

2466Backend/CoreInformationLowHow to run under httpsUnconfirmed
0%
1303.06.201802.12.2018 Task Description

I have changed the htaccess.dist into .htaccess and modified to force https.
However, despite having https activated on my site I cannot get Flyspray running, it’s waiting forever.When I abort I get a page without makeup. I have all other applications like cms and wiki running under https, so it is something I have not done in the flyspray configs obviously (as this site is running https too). But could you give me a hint?

I installed flyspray in a subdirectory, if that is something to know about...

regards, Albert

2454Backend/CoreBug ReportLowPHP warning in admin edit user areaNew
0%
15.01.201815.01.2018 Task Description

Since PHP7.2 shows a warning in admin area ?do=admin&area=users&user_id=1234567890, when user_id is set, but no alternative user_name parameter.

Probably related to scripts/admin.php

$id = Flyspray::UserNameToId(Req::val('user_name'));
if (!$id) {
  $id = Req::val('user_id');
}
2453Backend/CoreBug ReportMediumvalidate category before storing a new taskNew
0%
1.014.12.201714.12.2017 Task Description

Currently the category_id is not checked if the value is legal for the project when a new task is created.

  • must be unsigned int
  • must be an active category_id of the project or global category.
  • setting a category_id must be allowed - see project settings.

If invalid category_id is sent, deny creating task and show error message and show filled form again.

If no category_id is sent (or empty string) and category select is enabled:

  • either choose a default category

or

  • implement feature request FS#2451 and show that user should select a category.
2451Backend/CoreFeature RequestLowMod: blank Category - user must chose before pressing A...Confirmed
0%
208.12.201714.12.2017 Task Description

Hello Peter,

I am interested in making the following mod:

When posting a new task, category should be blank by default, in order for the user that opens a new task to select that specific category.
If he doesn’t select any task, when pressing Add this task button, FlySpray should display an error message saying that the Category hasn’t been specified.

Do you think this mod can be made with the current version?
If so, do you mind if you help me a bit with the things that need to be modified?

Thanks!

2449Backend/CoreBug ReportLowUnexepted exception on smtp gmail sendUnconfirmed
10%
729.10.201710.01.2018 Task Description

On creating task we got error on event which must send e-mail via “google mail”.

I hoped that in rc6 this will be solved but not. This error was the same on rc4.

2448Backend/CoreBug ReportLowerror message in eventlog reportsUnconfirmed
0%
226.10.201729.10.2017 Task Description

The last version of Flyspray is simply amazing! it works like a charm :)

This is a small bug report in the eventlog page, that shows this message:

Notice: unserialize(): Error at offset 237 of 808 bytes in /home/elivebugs/bugs.elivecd.org/themes/CleanFS/templates/reports.tpl on line 88 Notice: unserialize(): Error at offset 229 of 796 bytes in /home/elivebugs/bugs.elivecd.org/themes/CleanFS/templates/reports.tpl on line 88

There’s a small screenshot: http://main.elivecd.org/ss/display.php?image=e-59f2541a445543.02125094.jpg

Thank you!
Thanatermesis

2447Backend/CoreFeature RequestMediumAllow notifications when a new task is createdUnconfirmed
0%
226.10.201729.10.2017 Task Description

The only (only!) feature that I have missing in Flyspray is an option to receive email notifications when a new task is created

I think that this could be in the profile of the user, and/or in the main configurations as “send a notification to the -group- (admins?) when a new task is created”

Thanks a lot! flyspray r00lz after all these years, never failed, no bugs, no hacks, fast and efficient! :)

A Happy user.

2441Backend/CoreBug ReportMediumrefactor dokuwiki image tagsNew
0%
15.09.201715.09.2017 Task Description
I’ve tried inserting an image in the intro message but it doesn’t show. Is there something broken in the formattext.inc file? Seems unlikley because it’s so old but can’t work out why nothing shows.
Alan

I had to disable some parts last year within dokuwiki quickly due sever reported security issues in that area.

As tradeoff embedding images currently don’t work within dokuwiki textareas in Flyspray.

As I too wish that feature reappear working for my projects, this is on my personal list. But requires focused free time because must be made secure.

Maybe instead of using fetch.php of dokuwiki, we can use Flypsray’s ?getfile=id , which also checks permissions.
But must check also securly file types and maybe resize images to fit into the desired page (thumbnails).

2440Backend/CoreFeature RequestLowOption to disable tag featureNew
0%
15.09.201715.09.2017 Task Description

There is a wish on the Flyspray mailing list:

Is there a way of hiding the TAGS input field from the Add New Task form?
Alan

If it is just hiding on that form, there are several options to achieve this (from simple to complex)

A) Hide by CSS

Add that rule to themes/CleanFS/theme.css CSS file:

#edit_tags{display:none;}

B) Hide by CSS (better)

Add a rule to a custom_*.css, for instance themes/CleanFS/custom_mytheme.css

#edit_tags{display:none;}

and choose custom_mytheme.css in your project settings.

D) Edit themes/CleanFS/templates/newtask.tpl directly

and remove the whole div-tag with id=”edit_tags” (all between ‘<div id=”edit_tags>”’ and its closing ‘</div>’ (not recommended)

E) Use a custom template

  1. Create a folder in themes/, for instances themes/mynotagtheme/
  2. Only copy themes/CleanFS/templates/newtask.tpl to themes/mynotagtheme/templates/newtask.tpl
  3. Make the changes to that newtask.tpl like in B) (custom theme not overwritten by Flyspray Updates if you keep or backup your themes/mynotagtheme/ folders, but requires review if something has changed within themes/CleanFS/templates/newtask.tpl between version updates)
  4. Choose your mynotagtheme as project theme. All other files fall back to default themes/CleanFS/

(not tested, but thats the way it should work with current Flyspray 1.0-rc5)

D) Nag or caress someone

to finish tag feature for Flyspray with options/permissions to turn it off per project or project group or something like that.

This would effect not only that newtask form but all places where that options should kick in (listing tags in tasklist, tasklist filters etc)

2439Backend/CoreFeature RequestLowClone a ProjectNew
0%
15.09.201715.09.2017 Task Description

There is a request for cloning a project on Flyspray mailing list:

Would be a very welcome features to have Project Templates for repetitive workflow. Any idea if its in the pipeline?
Thanks

Well, not yet.

The question is, how exactly you want that project clone.

Do you want just a rough copy of the project table entry?
Thats quite easy and can even be done without programming or writing a line of SQL just by using PHPMyAdmin (or similiar Tools for PostgreSQL) and copy a row of the project table for example.
See yellow marked project table on the right of the attached dbschema screenshot.

The other extreme is copying every project depending list table entries to new ones.
This sure requires some programming, but not too hard to add this to Flyspray. (all yellow marked tables in the attached dbschema screenshot.

I attach a rough form mockup how could this could look like.

Possible solution

  1. add a new file scripts/ folder for instance copyproject.php (check admin permission)
  2. add a template file to themes/CleanFS/templates/copyproject.tpl
  3. Set a link to that clone form page somewhere, for example on the toplevel page of a project (see screenshot)
  4. Handle the adminuser (or add a clonepermission for that project manager usergroup) submitted form careful and savely either by includes/modify.inc.php (or like scripts/copyproject.php to keep it seperate from core)

The link to the clone form looks then ?project=123&do=copyproject

2436Backend/CoreBug ReportLowdokuwiki renderer creates nonunique html-id for h1,h2,h...New
0%
202.08.201702.08.2017 Task Description

The dokuwiki renderer automatic creates for each h(1-6) tag an html id attribute, but doesn’t ensure that this:

  • is not used by Flyspray templates
  • is unique across all tasks (tasklist summary/description mouseover!), id must be unique on a webpage.

Example: id=”footer” and id=”title” are used by the default CleanFS template for example.

id=”footer”

title

id=”title”

title

id=”title1”

title

id=”title2”

The original intention I think is to make dokuwiki content each h-section linkable, for instance by a “table of contents” at top of a wiki content page.
This is currently not used by the dokuwiki integrated in Flyspray, but could be in future.

Possible solution

Add the task_id to the generated id h(1-6) tags, for instance “d1234_footer” “d1234_title”

d - like description

(t1234 used for tags/labels id currently)

2435Backend/CoreInformationLowMax attach a fileUnconfirmed
0%
118.07.201718.07.2017 Task Description

Hello,

Can you tell me which file to modify to increase the size of the attachments? Currently limited to 2mb. I would like to authorize 4mb

Thank you

Julia LECLERC

2430Backend/CoreFeature RequestLowUser dependency on projectUnconfirmed
0%
216.03.201720.03.2017 Task Description

So, there would be great option if we can set permission to users to see and post only in specific opened projects in bug tracker.

Idea is, that user has all right to all projects, but in some cases we want that user can see only projects which is allowed and also to publish new tasks to only allowed projects.

In that case tasks overiew is locked and user must be logged in to see opened tasks.

2429Backend/CoreInformationLowMy tasks URLUnconfirmed
0%
109.03.201720.03.2017 Task Description

Hey peterdd,

I was wondering: is there a standard URL for “My tasks”? I have an internal website and I would like to create a menu with a few submenus (Add task and My tasks) that link to FlySpray. However if I place the URL for My Tasks (being logged in with my user account), and copy this link to the menu, all others that click the submenu My Tasks, are seeing the tasks that where opened by me or where I am assigned, not that user that is connected on Flyspray with his account on his PC.

So that’s why I am asking for a generic URL of My Tasks, so I can place it on this middle-site?

Thanks

2427Backend/CoreFeature RequestLowallow hotlinking (direct links) to uploaded filesUnconfirmed
0%
207.03.201709.03.2017 Task Description

Currently all attached files get renamed (like “screenshot331.png” → “attachments/14_72a4ca580abcdef69f60b1f”) and they could be downloaded only throught the php script (”/index.php?getfile=1234”) which requires that user must be logged in to view the file.
It is not very convenient when you need to show a file to some person who is on mobile phone at the moment or using not a work computer. Also sometimes you might need to share a file with anyone without having them to register at your bug tracker.

I suggest you to add a checkbox like “create a direct link” when uploading a file, which will save the file with original name and extension but adding some random generated prefix (like “screenshot331.png” → “attachments/14_72a4ca580abcdef69f60b1f.screenshot331.png”).

However this poses a high security risk so there should be a list of allowed file extensions (e.g. “jpg,png,txt,pdf,doc,zip”) - only these files could be saved with the original extension. This list should be accessible by the main administrator only, thus the safest option would be storing it inside the “flyspray.conf.php”.

2346Backend/CoreFeature RequestLowCustom css inheritanceUnconfirmed
0%
220.02.201723.02.2017 Task Description

If i set up a custom css in the main FS settings the style doesn’t get applied to all nested projects. I have to set the css to all projects explicitly to get the stylings work on all project pages.
Wouldn’t it be a good idea to first load the css set in the main dialog and after that load an additional css specified in the sub project? Then it would be possible to specify general stylings for all projects and project based stylings also.

2338Backend/CoreBug ReportMediumExport tasks to csv has issuesUnconfirmed
50%
202.02.201712.03.2019 Task Description

You cannot select the fields for export to csv. This means that the commentfield (edit: you mean task description, right?) is always exported too. As this commentfield task description (?) could contain quotes, comma’s etc (like people inserting copies of emails on an issue) it corrupts the output file and the file cannot be read by excel.

2336Backend/CoreBug ReportHighCaptcha validation always fail on registrationUnconfirmed
0%
1301.02.201721.07.2018 Task Description

Correct or wrong code return false!

The results of Securimage Test Script on my server

This script will test your PHP installation to see if Securimage will run on your server.

Session Functionality: Yes!
GD Support: Yes!
GD Version: bundled (2.1.0 compatible)
imageftbbox function: Yes!
TTF Support (FreeType): Yes!
JPEG Support: Yes!
PNG Support: Yes!
GIF Read Support: Yes!
GIF Create Support: Yes!
SQLite Support: Yes!
SQLite is available. If you choose to use it, Securimage can support users who do not accept cookies.
MySQL Support: Yes!
MySQL is available. If you choose to use it, Securimage can support users who do not accept cookies by storing codes in MySQL.
PostgreSQL Support: No
No PostgreSQL support.
LAME MP3 Support: No
LAME was not found, audio will work in WAV format, but not MP3. See Securimage HTML5 audio documentation for info.
Your server meets the requirements for using Securimage!

on modify.inc.php line:754 got

if( !Post::isAlnum('captcha_code') || !$image->check(Post::val('captcha_code'))) {
if( true == false || false == false ) {
2335Backend/CoreInformationLowPDF Attachment does NOT View/Open in New Window/TabUnconfirmed
0%
127.01.201727.01.2017 Task Description

if a pdf is attached with commentit needs either be forced as download or open target _blank

2333Backend/CoreInformationLowSet Default View on Login?Unconfirmed
0%
326.01.201727.01.2017 Task Description

I can’t see an option to set the default view after login. It always defaults to tasklist view when it would be useful to show the overview by default on login.

2332Backend/CoreBug ReportMediumCSV export filename filteringNew
0%
224.01.201724.01.2017 Task Description

The filename for the csv export is build based on project name and current date.

Due different handling of web browsers, the appropriate http header should send the filename in ascii and also provide them as utf-8 for web browsers who can handle that.

Related RFC5987

2330Backend/CoreBug ReportLowPHP Notice: Undefined offset: 0 in scripts/index.php o...Unconfirmed
50%
423.01.201730.01.2017 Task Description

Pretty minor, but seems to show up regularly enough in our logs. The line in question:

$outfile = str_replace(' ', '_', $tasks[0]['project_title']).'_'.date("Y-m-d").'.csv';
2328Backend/CoreFeature RequestMediumAdd [key] support for each project instead of FS#Unconfirmed
0%
1120.01.201710.02.2017 Task Description

Adding key support for each project instead of using the prefix FS#<task_id>

Let the administrator choose the key for project.

What’s a project key?
It prefixes each task in the project

2327Backend/CoreFeature RequestLowvisibility-option for private tasksUnconfirmed
0%
315.01.201717.01.2017 Task Description

We have some private Tasks in our FS-bugtracker to hide them from normal reporters. But we also have some external beta-testers in a betatesters-group and they should be able to see (and check) the private tasks without giving them a project manager status. So it would be good, if there is a switch in the group option to give specific groups the right to see private tasks.

Showing tasks 1 - 50 of 300 Page 1 of 61 - 2 - 3 - 4 - 5 - Last >>

Available keyboard shortcuts

Tasklist

Task Details

Task Editing