Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See https://github.com/Flyspray/flyspray/releases

ID Category Task Type  asc Severity Summary Status Progress Assigned To Due In Version Opened Last Edited
1608Installer and UpgraderBug ReportLowreserved characters cause database error after installa...Unconfirmed
0%
2.107.10.200903.03.2013 Task Description

the installer does not check for reserved characters when writing to flyspray.conf.php, causing parse_ini_file() to return an invalid database password.

1924Backend/CoreBug ReportLowBetter errors messages on email errorNew
0%
1.1 devel11.07.201406.03.2015 Task Description

When entering the wrong SMTP information and then adding a user through Multiple New Users page, the error message is bad. It just says 'this should never happen'. Instead, we need to detect that it is an SMTP authentication error and report that issue to the user more clearly.

2007Backend/CoreBug ReportLowtime on project overview activity timelinesNew
0%
18.07.201518.07.2015 Task Description

I find it irritating to have the oldest activity on the right side and newest activity on the left side of the small activity bars.

There is also no time scale description. This could be added by showin it on :hover to keep the simple appearance.

A complete new feature would be to replace the image generation by rendering the bars in the html in the same request, e.g by inline svg or canvas element. This would enable adding some interactivity with the activity bars..
A related feature request is FS#1991 (project progress)

2028Text RenderingBug ReportMediumupgrade dokuwiki 'plugin'New
0%
12.08.201520.08.2015 Task Description

I see php deprecation notices with php 5.6+ from the geshi syntax highlighter plugin of dokuwiki plugin sometimes. (seems to be go away on the second view, so probably not seen on cached views)

It can't be found easy with

grep -r preg_replace | grep '/e'

Because the preg_replace modifiers are added dynamic depending on the target programming language. At least in the version we have in flyspray.

2048Backend/CoreBug ReportLowerror when adding data containing national charactersUnconfirmed
0%
09.09.201509.09.2015 Task Description

this one is somehow tricky, it doesn't happens always but sometimes when fields or filenames contain national characters (I'm in Spain) flyspray returns an error looking like this one:

Query {INSERT INTO `flyspray_attachments` ( task_id, comment_id, file_name, file_type, file_size, orig_name, added_by, date_added) VALUES (?, ?, ?, ?, ?, ?, ?, ?)} with params {189,711,189_9c5d837bb10b7e0989a3c8be8d,application/pdf; charset=binary,736986,Guia de aplicación medidas difusicón y publicidad.pdf,4,1441827828} Failed! (Incorrect string value: '\xCC\x81n me...' for column 'orig_name' at row 1)

here we have a pdf named "Guia de aplicación medidas difusicón y publicidad.pdf" but I had this error also with titles or descriptions containing spanish letters...

2055Backend/CoreBug ReportLowMake the csv export table fields respect the user permi...New
0%
1.1 devel17.09.201517.09.2015 Task Description

Just moved issue #110 from https://github.com/Flyspray/flyspray/issues/110 to here for centralized task tracking.

Maybe just needs testing with current github master.

2058Backend/CoreBug ReportLowClosing of github.com 'Issues' featureNew
0%
24.09.201524.09.2015 Task Description

As discussed with the team some time ago, a consolidation of places where issues are discussed is wanted.

One of the results was, that we do not want people post issues to github.com Issues and instead use our own bugs.flyspray.org
and to prefer "to eat our own dogfood" and a have central place to handle tasks.

As a result we tried to reduce the open issueas on github.com. I was in the process of moving 2 of still 7 open issues there to bugs.flyspray.org when suddenly the Issues on github.com were closed. :-( Now the last 5 issues there are lost at the moment for me and the audience, which where mostly informations to interested users, not bugs.

I think just closing it without an easy accessible alternative is not the best solution.

At least we should wait until the oauth2 authentication for github users should be implemented and setup on bugs.flyspray.org , so people browsing github.com, finding Flyspray project just can
"Login with github"-feature on bugs.flyspray.org.

The blocker to do this: Currently there is missing an option to "connect" an oauth "Login with github"- Login with an existend flyspray userlogin.

So that one userid in flyspray can:

  • login with username and password
  • login with one or more of his social accounts (github, facebook, microsoft, g+) if they are enabled (would it restrict to github.com accounts for bugs.flyspray.org)
2071EmailBug ReportLowNew user e-mail validationConfirmed
0%
14.10.201514.10.2015 Task Description

On flyspray/index.php?do=admin&area=newuser I sucessfuly register user with email ;

I don’t recieve popup with message ‘You did’nt enter valid e-mail address’

After that on new page i receive error:

Completely unexpected exception: Address in mailbox given [;] does not comply with RFC 2822, 3.6.2.
This should never happend, please inform Flyspray Developers

2073Backend/CoreBug ReportLowCouldn't edit comment of anonymous reporterNew
0%
17.10.201517.10.2015 Task Description

I wanted edit/fix the comment of an anonymous reporter, but the edit shows empty content on editing..

(here on closed, but non yet implemented  FS#218 )

2075NotificationsBug ReportHighToo spammy notifications under some circumstancesRequires testing
40%
1.019.10.201503.11.2015 Task Description

danoh on github wants to work on patch. Couldn’t find him here..

2078User InterfaceBug ReportMediumlayout of requested close on small displaysNew
0%
1.026.10.201529.10.2015 Task Description

currently absolute positioning overlapping deny button and not full visible

Possible better solution:

  • cssbased toggle
  • left:50%; width:300px;margin-left:-150px;margin-top:50px;
2119Backend/CoreBug ReportMediumfunction filter_input not always availableResearching
0%
15.04.201615.04.2016 Task Description

filter_input() is in extension “Filter”.

It is enabled by default since PHP5.2, see http://php.net/manual/en/migration52.new-extensions.php but not “always”, see https://groups.google.com/forum/?hl=de#!topic/flyspray/QM75BvwPqGM

filter_input() is only used at 1 section in Flyspray (since 2014 up to v1.0rc1) in includes/fix.inc.php
This is the commit https://github.com/Flyspray/flyspray/commit/40861911260812c99682fe3456350cb63bb243a9

How do we solve it? Several possibilities:

2137Backend/CoreBug ReportLowfeature accesskey bad implemented by web browsersNew
0%
15.06.201615.06.2016 Task Description

My tests showed that the html accesskey feature is not well and consistent supported by current web browsers and is quite cumbersome to use.
And it seems it will not be better in future..

The only solution I see dropping that feature or replacing them with simple single-key-event javascript listeners, like it is currently done with keys o, j, k, n, and p.

accesskeys in Flyspray I talk about:

  • l (current SHIFT+ALT+l Firefox) login dialog / logout
  • a (current SHIFT+ALT+a Firefox) add new task
  • m (current SHIFT+ALT+m Firefox) my searches
  • t (current SHIFT+ALT+t Firefox) focus taskid search
  • e (current SHIFT+ALT+e + Enter Firefox) edit task
  • x or y? (current SHIFT+ALT+y Firefox) close task
  • s (current SHIFT+ALT+s Firefox) save task

Also related to Keyboard navigation: tabindex

2142Backend/CoreBug ReportLowPost-authenticate redirect does not make use of baseurl...Unconfirmed
0%
28.06.201601.08.2016 Task Description

I run flyspray behind a reverse proxy with the front end url being https and with the actual back end server not being on a standard port and not using https.

Setting force_baseurl seems to sort most areas with flyspray’s url generation using that instead of picking up from $_SERVER, however post-authentication redirection does not do that it just processes redirect_to as is (which in my case means it picks up the protocol, name and port for the back end server rather than what’s set in force_baseurl).

./themes/CleanFS/templates/loginbox.tpl puts out $_SERVER[’REQUEST_URI‘] into a hidden redirect_to input field - on my setup on the front page that’s e.g. “/” or for a ticket url it would be “/index.php?do=details&task_id=999” so no protocol or hostname.

scripts/authenticate.php picks up that redirect_to value and just passes it to Flyspray::Redirect, which in turn calls FlySpray::absoluteURI on what it’s passed, and FlySpray::absoluteURI doesn’t use $baseurl to qualify the url.

Not sure what the best fix is - my suggestion would be that Redirect detects urls that aren’t fully qualified and adds the $baseurl on to the front of them, rather than calling absoluteURI (absoluteURI is used to set $baseurl if force_baseurl is unset, so that’s not appropriate to modify). Alternatively scripts/authenticate.php could check redirect_to and add $baseurl if needed.

2160Backend/CoreBug ReportLowCannot "accept" PM close request if already closedUnconfirmed
0%
14.07.201614.07.2016 Task Description

If a task creator requested closure, and someone (developer) closes the task explicitly, the PM request cannot be later ‘accepted’ and the PM request remains in the queue.

Workaround - Deny request and queue item is removed OK.

It looks like the PM request button invoked details.close which returns early if task is already closed.

2188Backend/CoreBug ReportVery LowIt should not possible to relate a task to itselfNew
0%
01.08.201601.08.2016 Task Description

Flyspray should show a warning, and maybe set the focus back to the field (only when it is a this-one-field-only-form.)

2200User InterfaceBug ReportMediumIncomplete list of timezones available in the user pref...Unconfirmed
0%
26.08.201626.08.2016 Task Description

The user preferences and the add new user screens both allow you to set the timezone offset of the user, however, we are only provided with whole hour offsets from GMT. This makes it impossible to select our timezone here in India, which is GMT+5:30 - IST(Indian Standard Time - Asia/Kolkata as per TZ Zoneinfo). In addition, there are also timezones in the GMT+x:45, which wouild also require to be handled. Note, this is totally independent of DST Changes, since some of the countries use DST(Like in Australia) and others do not(Like India).

Here is a link with more details of the same - http://www.timeanddate.com/time/time-zones-interesting.html

I will be trying to identify and fix the codebase to resolve this, and will hopefully have a patch to submit soon.

Regards
R. K. Rajeev

2315Backend/CoreBug ReportLowFiling a new task is possible with no details in the ma...Unconfirmed
0%
21.11.201621.11.2016 Task Description

When filing a task, it’s possible to submit the task without any information at all being added to the main body of the ticket. This leads to reports that are of no value because the user can simply add some vague title, hit submit, and then wonder why nothing happens other than someone closing it later as invalid.

The main body of the ticket should be considered a required field and should throw an error if nothing is in the box.

2441Backend/CoreBug ReportMediumrefactor dokuwiki image tagsNew
0%
15.09.201715.09.2017 Task Description
I’ve tried inserting an image in the intro message but it doesn’t show. Is there something broken in the formattext.inc file? Seems unlikley because it’s so old but can’t work out why nothing shows.
Alan

I had to disable some parts last year within dokuwiki quickly due sever reported security issues in that area.

As tradeoff embedding images currently don’t work within dokuwiki textareas in Flyspray.

As I too wish that feature reappear working for my projects, this is on my personal list. But requires focused free time because must be made secure.

Maybe instead of using fetch.php of dokuwiki, we can use Flypsray’s ?getfile=id , which also checks permissions.
But must check also securly file types and maybe resize images to fit into the desired page (thumbnails).

2453Backend/CoreBug ReportMediumvalidate category before storing a new taskNew
0%
1.014.12.201714.12.2017 Task Description

Currently the category_id is not checked if the value is legal for the project when a new task is created.

  • must be unsigned int
  • must be an active category_id of the project or global category.
  • setting a category_id must be allowed - see project settings.

If invalid category_id is sent, deny creating task and show error message and show filled form again.

If no category_id is sent (or empty string) and category select is enabled:

  • either choose a default category

or

  • implement feature request FS#2451 and show that user should select a category.
2454Backend/CoreBug ReportLowPHP warning in admin edit user areaNew
0%
15.01.201815.01.2018 Task Description

Since PHP7.2 shows a warning in admin area ?do=admin&area=users&user_id=1234567890, when user_id is set, but no alternative user_name parameter.

Probably related to scripts/admin.php

$id = Flyspray::UserNameToId(Req::val('user_name'));
if (!$id) {
  $id = Req::val('user_id');
}
2491Backend/CoreBug ReportLowgroup member links if project manager but not adminNew
0%
1.001.09.201801.09.2018 Task Description

When a user has project manager permissions, but not admin permissions, then on the ‘edit group’ pages like index.php?do=pm&area=editgroup&id=8
the links in the list of users of that group are

index.php?do=admin&area=users&user_id=12345

instead of linking to the users page

index.php?do=user&area=users&id=12345

and a redirect follows with Error #4: You don’t have administrative rights.

2549User InterfaceBug ReportLowOauth register template always shows "Username already ...Unconfirmed
0%
06.05.201906.05.2019 Task Description

RC9 running on CentOS LAMP stack

Steps done to create the problem:
Set up google as an oauth provider.
Have a user click “Sign in with Google” in the login box.
User connects their account with Flyspray.
Google redirects the user back to Flyspray
The return screen (on flyspray) asks for a username.

Expected behavior:
No warning about duplicate username should be shown on initial page load since no username was entered yet

Experienced behavior:
A warning about the username being already taken is shown.

It appears there is no logic for showing or hiding that warning in register.oauth.tpl

(It would be great if flyspray was able to just use the email as a username to make the UX even better/simpler.)

2550EmailBug ReportLowException handling sending email notificationUnconfirmed
0%
06.05.201906.05.2019 Task Description

Someone reported this:

Today i tried to report an issue about xxx on the xxx (namely xxx) and the following error message has been displayed:
Completely unexpected exception: Expected response code 250 but got code “451”, with message “451 Error in writing spool file "
This should never happend, please inform Flyspray Developers
The issue itself has been created though.
2559Backend/CoreBug ReportLowa duplicate close accepted even when missing comment/ r...New
0%
peterdd29.07.201929.07.2019 Task Description

Closing a task with selected close reason duplicate should warn when there is no comment or FS # id is given in the close comment text field.

The task is closed as duplicate without any further notice. The information to which task it is duplicate or a description (if the problem is logged/handled outside Flyspray) is lost.

Possible solutions

Frontend hints

  • variant F1 (soft): When duplicate as close reason is selected, a placeholder attribute in the close comment text field could be shown/updated. (maybe as ‘css only’ possible)
  • variant F2 (harder): Deny sending the form if duplicate selected, but comment text field is empty. and shows warning info. (javascript required, nojs browsers still send form.)
  • variant F3 (hard): Deny sending the form if duplicate selected and no task id detected in comment text field. and shows warning info. (javascript required)

Backend deny

  • variant B1 (soft): When request wants close a task with duplicate reason and (cleaned) comment string is empty, deny closing the task and give feedback to user why it was denied.
  • variant B2 (hard): It requires detecting a task id in the comment field and the first detected task id is taken for referencing as ‘is duplicate of’. Limitation of this is that the duplicate could be also a ticket or something of a complete other system.
2560Backend/CoreBug ReportLowdo not allow close task with reason duplicate referenci...New
0%
peterdd29.07.201929.07.2019
2607AuthenticationBug ReportLowWhitespaces in email address fieldUnconfirmed
0%
03.05.202003.05.2020
2614EmailBug ReportCriticalConnection timed out #110Unconfirmed
0%
16.09.202016.09.2020
1734Backend/CoreBug ReportLowAdd Timezone Selection to Admin PanelMaybe
0%
2.0112.05.201207.03.2015
1749User InterfaceBug ReportLowSubmit form buttons on lower rightUnconfirmed
50%
117.06.201224.09.2015
1856Backend/CoreBug ReportMediumWrong timezonesResearching
0%
1327.03.201306.03.2015
1965Public RelationsBug ReportHighPR fixes for FS 1.0 on external sitesNew
0%
1.1 devel111.03.201524.07.2015
1977Backend/CoreBug ReportLowWeird URL after closing task with referenceUnconfirmed
0%
115.03.201518.03.2015
2057Backend/CoreBug ReportLowDo not resubmit forms on browser reload button or F5New
0%
122.09.201523.09.2015
2197Backend/CoreBug ReportHighChange Time for everyoneUnconfirmed
0%
121.08.201622.08.2016
2198User InterfaceBug ReportLowMulti-Select from tasklist offers options to those who ...Unconfirmed
0%
1122.08.201622.08.2016
2201APIBug ReportHighI got Fatal Error on the Github OAuthUnconfirmed
0%
1.0107.09.201609.09.2016
2207Backend/CoreBug ReportHighNonpublic project titles and project description exposi...Confirmed
0%
1.0123.09.201629.09.2016
2215Text RenderingBug ReportLowwrong output of Geshi syntax highlighting for xml codeNew
0%
117.10.201631.12.2017
2224GreekBug ReportVery LowSemicolon is a bad separatorUnconfirmed
0%
1124.10.201625.10.2016
2304Database QueriesBug ReportMediumGreek letters crash tagsConfirmed
0%
126.10.201626.10.2016
2317User InterfaceBug ReportMediumDate format wrongConfirmed
20%
1.1 devel122.11.201622.11.2016
2499User InterfaceBug ReportHighChange recaptcha from using file_get_contents to CurlUnconfirmed
0%
118.09.201802.11.2018
2527Backend/CoreBug ReportLowDatabase Check »Your mysql supports full utf-8 since 5....Unconfirmed
0%
105.01.201905.01.2019
2544EmailBug ReportLowError when registering new accountUnconfirmed
0%
123.03.201923.03.2019
2568DocumentationBug ReportMedium[MANUAL] a missing image in "Understanding Permissions:...Unconfirmed
0%
101.09.201902.09.2019
2588Backend/CoreBug ReportLowps_files_cleanup_dir: opendir(/tmp/.priv) failed: Permi...Unconfirmed
0%
118.12.201928.12.2019
2608EmailBug ReportMediumNotification email sent although not requestedUnconfirmed
0%
105.05.202005.05.2020
1529Backend/CoreBug ReportLowInactivity-close doesn't work, bug is left openMaybe
0%
2.0207.01.200924.09.2015
1960Backend/CoreBug ReportMediumforeign key relations between versions and tasksNew
0%
209.03.201513.08.2015
Showing tasks 1 - 50 of 321 Page 1 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing