|
2078 | User Interface | Bug Report | Medium | layout of requested close on small displays | New | |
| 1.0 | | 26.10.2015 | 29.10.2015 |
Task Description
currently absolute positioning overlapping deny button and not full visible
Possible better solution:
cssbased toggle
left:50%; width:300px;margin-left:-150px;margin-top:50px;
|
|
2089 | Backend/Core | Bug Report | Medium | adding same taskid as subtask or related task should be... | New | |
| 1.0 | | 07.11.2015 | 18.11.2016 |
Task Description
Both is a bit illogical, but both is currently possible!
1 ←- 1
So when setting the parent task id checked for creating loops is needed:
Loop with 2 tasks: 1 ←- 2 ←- 1
Loop with 3 tasks: 1 ←- 2 ←- 3 ←- 1 Loop with n tasks: 1 ←- ... ←- n < – 1
As I think there are currently no recursive reads that could lead to an endless loop, but should be kept in mind when someone wants to programm rendering a gantt chart. E.g. by limiting the depth of subtasks for example.
|
|
2104 | Backend/Core | Bug Report | Low | filtering by one user on tasks with multiple assignees ... | New | |
| | | 26.02.2016 | 15.06.2020 |
Task Description
If you have a tasklist with tasks that have multiple assignees in a task and you search just by one of the assignees, the resulting tasklist shows only this user in the assignees column.
Expected: all assignees of the tasks are shown.
|
|
2137 | Backend/Core | Bug Report | Low | feature accesskey bad implemented by web browsers | New | |
| | | 15.06.2016 | 15.06.2016 |
Task Description
My tests showed that the html accesskey feature is not well and consistent supported by current web browsers and is quite cumbersome to use. And it seems it will not be better in future..
The only solution I see dropping that feature or replacing them with simple single-key-event javascript listeners, like it is currently done with keys o, j, k, n, and p.
accesskeys in Flyspray I talk about:
l (current SHIFT+ALT+l Firefox) login dialog / logout
a (current SHIFT+ALT+a Firefox) add new task
m (current SHIFT+ALT+m Firefox) my searches
t (current SHIFT+ALT+t Firefox) focus taskid search
e (current SHIFT+ALT+e + Enter Firefox) edit task
x or y? (current SHIFT+ALT+y Firefox) close task
s (current SHIFT+ALT+s Firefox) save task
Also related to Keyboard navigation: tabindex
|
|
2188 | Backend/Core | Bug Report | Very Low | It should not possible to relate a task to itself | New | |
| | | 01.08.2016 | 01.08.2016 |
Task Description
Flyspray should show a warning, and maybe set the focus back to the field (only when it is a this-one-field-only-form.)
|
|
2215 | Text Rendering | Bug Report | Low | wrong output of Geshi syntax highlighting for xml code | New | |
| | | 17.10.2016 | 31.12.2017 |
Task Description
Geshi 1.0.8.17 from https://github.com/easybook/geshi is quite slow at the current integration of Flyspray v1.0-rc3 on the first run. (But any further read uses the cache.)
But it produces garbled output for xml code highlighting:
Example without xml, just format as preformatted code:
<table>blabla</table>
Or as php syntax highlighting (even if it doesn’t contain a real php-tag ):
<table>blabla</table>
Example with xml choosen as language:
blabla
The table tag is stripped away instead of converting the tag for output inside code/pre tags (by converting the < and > chars). Maybe just a configuration issue?
|
|
2332 | Backend/Core | Bug Report | Medium | CSV export filename filtering | New | |
| | | 24.01.2017 | 24.01.2017 |
Task Description
The filename for the csv export is build based on project name and current date.
Due different handling of web browsers, the appropriate http header should send the filename in ascii and also provide them as utf-8 for web browsers who can handle that.
Related RFC5987
|
|
2436 | Backend/Core | Bug Report | Low | dokuwiki renderer creates nonunique html-id for h1,h2,h... | New | |
| | | 02.08.2017 | 02.08.2017 |
Task Description
The dokuwiki renderer automatic creates for each h(1-6) tag an html id attribute, but doesn’t ensure that this:
is not used by Flyspray templates
is unique across all tasks (tasklist summary/description mouseover!), id must be unique on a webpage.
Example: id=”footer” and id=”title” are used by the default CleanFS template for example.
title
title
title
id=”title2”
The original intention I think is to make dokuwiki content each h-section linkable, for instance by a “table of contents” at top of a wiki content page. This is currently not used by the dokuwiki integrated in Flyspray, but could be in future.
Possible solution
Add the task_id to the generated id h(1-6) tags, for instance “d1234_footer” “d1234_title”
d - like description
(t1234 used for tags/labels id currently)
|
|
2441 | Backend/Core | Bug Report | Medium | refactor dokuwiki image tags | New | |
| | | 15.09.2017 | 15.09.2017 |
Task Description
I’ve tried inserting an image in the intro message but it doesn’t show. Is there something broken in the formattext.inc file? Seems unlikley because it’s so old but can’t work out why nothing shows.
Alan
I had to disable some parts last year within dokuwiki quickly due sever reported security issues in that area.
As tradeoff embedding images currently don’t work within dokuwiki textareas in Flyspray.
As I too wish that feature reappear working for my projects, this is on my personal list. But requires focused free time because must be made secure.
Maybe instead of using fetch.php of dokuwiki, we can use Flypsray’s ?getfile=id , which also checks permissions. But must check also securly file types and maybe resize images to fit into the desired page (thumbnails).
|
|
2453 | Backend/Core | Bug Report | Medium | validate category before storing a new task | New | |
| 1.0 | | 14.12.2017 | 14.12.2017 |
Task Description
Currently the category_id is not checked if the value is legal for the project when a new task is created.
If invalid category_id is sent, deny creating task and show error message and show filled form again.
If no category_id is sent (or empty string) and category select is enabled:
or
implement feature request FS#2451 and show that user should select a category.
|
|
2454 | Backend/Core | Bug Report | Low | PHP warning in admin edit user area | New | |
| | | 15.01.2018 | 15.01.2018 |
Task Description
Since PHP7.2 shows a warning in admin area ?do=admin&area=users&user_id=1234567890, when user_id is set, but no alternative user_name parameter.
Probably related to scripts/admin.php
$id = Flyspray::UserNameToId(Req::val('user_name'));
if (!$id) {
$id = Req::val('user_id');
}
|
|
2491 | Backend/Core | Bug Report | Low | group member links if project manager but not admin | New | |
| 1.0 | | 01.09.2018 | 01.09.2018 |
Task Description
When a user has project manager permissions, but not admin permissions, then on the ‘edit group’ pages like index.php?do=pm&area=editgroup&id=8 the links in the list of users of that group are
index.php?do=admin&area=users&user_id=12345
instead of linking to the users page
index.php?do=user&area=users&id=12345
and a redirect follows with Error #4: You don’t have administrative rights.
|
|
2559 | Backend/Core | Bug Report | Low | a duplicate close accepted even when missing comment/ r... | New | |
peterdd | | | 29.07.2019 | 29.07.2019 |
Task Description
Closing a task with selected close reason duplicate should warn when there is no comment or FS # id is given in the close comment text field.
The task is closed as duplicate without any further notice. The information to which task it is duplicate or a description (if the problem is logged/handled outside Flyspray) is lost.
Possible solutions
Frontend hints
variant F1 (soft): When duplicate as close reason is selected, a placeholder attribute in the close comment text field could be shown/updated. (maybe as ‘css only’ possible)
variant F2 (harder): Deny sending the form if duplicate selected, but comment text field is empty. and shows warning info. (javascript required, nojs browsers still send form.)
variant F3 (hard): Deny sending the form if duplicate selected and no task id detected in comment text field. and shows warning info. (javascript required)
Backend deny
variant B1 (soft): When request wants close a task with duplicate reason and (cleaned) comment string is empty, deny closing the task and give feedback to user why it was denied.
variant B2 (hard): It requires detecting a task id in the comment field and the first detected task id is taken for referencing as ‘is duplicate of’. Limitation of this is that the duplicate could be also a ticket or something of a complete other system.
|
|
2560 | Backend/Core | Bug Report | Low | do not allow close task with reason duplicate referenci... | New | |
peterdd | | | 29.07.2019 | 29.07.2019 |
Task Description
So closing a task
FS#1
with
reason: duplicate
and close comment
FS#1
referencing to self should be detected to avoid such user mistakes.
|
|
2621 | Backend/Core | Bug Report | Medium | php notice/warning when reopening in some circumstances | New | |
peterdd | 1.0 | | 27.11.2020 | 27.11.2020 |
Task Description
Reopening a task triggers a PHP notice with PHP7.4 under some circumstances. Reopening a task triggers a PHP warning with PHP8.0 under some circumstances.
Reproduce:
Create task
Close task directly without setting a completion percentage
Reopen the task
Notice: Trying to access array offset on value of type bool in /***/includes/modify.inc.php on line 684
Notice: Trying to access array offset on value of type bool in /***/includes/modify.inc.php on line 686
Notice: Trying to access array offset on value of type bool in /***/includes/modify.inc.php on line 686
|
|
1608 | Installer and Upgrader | Bug Report | Low | reserved characters cause database error after installa... | Unconfirmed | |
| 2.1 | | 07.10.2009 | 03.03.2013 |
Task Description
the installer does not check for reserved characters when writing to flyspray.conf.php, causing parse_ini_file() to return an invalid database password.
|
|
1749 | User Interface | Bug Report | Low | Submit form buttons on lower right | Unconfirmed | |
| | | 17.06.2012 | 24.09.2015 |
Task Description
Any form should have its submit button directly below and to the right of the form.
This is most egregious on the New Task page where you have to scroll back up to the top right to submit.
|
|
1977 | Backend/Core | Bug Report | Low | Weird URL after closing task with reference | Unconfirmed | |
| | | 15.03.2015 | 18.03.2015 |
Task Description
On Mac OS Safari:
I just closed a task and wrote the following into the comment for closing:
"See also F.S.#.14" (of course without the points). When I then click the link in the comment box (below the task details) I'm redirected to: "http:/flyspray.stefan-herz%0Aog.tld/index.php?do=details&task_id=%0A14". No matter if #14 is closed or not. It worked with Firefox.
Any suggestions?
|
|
1988 | Installer and Upgrader | Bug Report | Medium | Password Field for Admin | Unconfirmed | |
| | | 02.04.2015 | 12.05.2015 |
Task Description
The installer requests a password for the admin account, and provides a default one.
Because this field is not type=”password”, the browser caches this data for any field named “admin_password”
This also applies to future installations of the software.
I have marked this as critical as this can pose a security hazard. A different implementation would be allowing entry of password, or in the case of wanting to provide a default one, have two password fields prepopulated, and a text one prepopulated so that it can be viewed by the end user.
|
|
2042 | Backend/Core | Bug Report | Medium | function absoluteURI not using basedir and force_basedi... | Unconfirmed | |
| | 1 | 04.09.2015 | 01.10.2015 |
Task Description
public static function absoluteURI($url = null, $protocol = null, $port = null) in class Flyspray
not using basedir and force_basedir from configuration file
its problem because my web-server inside have port 7777 and outside 80 (nginx and PHP-FPM)
please fix it
|
|
2048 | Backend/Core | Bug Report | Low | error when adding data containing national characters | Unconfirmed | |
| | | 09.09.2015 | 09.09.2015 |
Task Description
this one is somehow tricky, it doesn't happens always but sometimes when fields or filenames contain national characters (I'm in Spain) flyspray returns an error looking like this one:
Query {INSERT INTO `flyspray_attachments` ( task_id, comment_id, file_name, file_type, file_size, orig_name, added_by, date_added) VALUES (?, ?, ?, ?, ?, ?, ?, ?)} with params {189,711,189_9c5d837bb10b7e0989a3c8be8d,application/pdf; charset=binary,736986,Guia de aplicación medidas difusicón y publicidad.pdf,4,1441827828} Failed! (Incorrect string value: '\xCC\x81n me...' for column 'orig_name' at row 1)
here we have a pdf named "Guia de aplicación medidas difusicón y publicidad.pdf" but I had this error also with titles or descriptions containing spanish letters...
|
|
2086 | Backend/Core | Bug Report | High | Basic User can see all Projects and Tasks | Unconfirmed | |
| | | 03.11.2015 | 26.01.2017 |
Task Description
Since Update to Flyspray 1.0 Beta2 all users can see every task in every project.
The rights were set up correctly in Flyspray 1.0 Alpha and worked just fine.
|
|
2094 | Email | Bug Report | High | After Upgrade All Users Receive Notifications for All T... | Unconfirmed | |
| | 1 | 06.01.2016 | 13.01.2016 |
Task Description
I upgraded from 0.9.9 to 1.0-beta2 a few hours ago. I received an error about oauth during the upgrade (didn’t think to take a screenshot). In any case, the upgrade otherwise seemed to go smoothly. When I subsequently closed a few tasks people who weren’t assigned to receive notifications for those tasks, even old consultants whose account I had disabled years ago, received the email notification. I also received lots of bounced emails from accounts whose email addresses were no longer existant.
Has anyone else experienced this? I’ve gone into the database and null’d out the email addresses of old accounts to prevent further spam. Not only did it notify everyone who had an account (active or disabled) but it put their email address in the To: field for all to see.
|
|
2097 | User Interface | Bug Report | Medium | Url incorrect for view attachement | Unconfirmed | |
| | 1 | 16.01.2016 | 02.03.2016 |
Task Description
I’m using URL rewriting…
If I click on the link, the picture doesn’t appear.
https://flyspray.xxx.fr/task/27?getfile=8
It’s ok in task history. The right URL is
https://flyspray.xxx.fr/?getfile=8
.
|
|
2112 | API | Bug Report | Medium | Assigned tickets aren't editable for lower privileged u... | Unconfirmed | |
| | | 31.03.2016 | 11.04.2016 |
Task Description
An assigned ticket can't be edited by a lower privileged user.
Steps to reproduce:
One Project, Two Users. User A is Admin, User B is Basic
A creates a Task.
A take ownership of the Task. (it’s important to do this AFTER saving the task. You cannot assign User A if you are A in this moment. Maybe another Bug...!?)
Now B is allowed to take ownershop too. B click now “Add me to assignees”.
Now B can edit the task.
If B click “save”, the task can’t be saved, because some fields haven’t the correct values (esp: state is now “unconfirmed”). Many error messages said, that unexpected values exist
Some weird moments:
Why can B edit a task? He have no rights to edit tasks...
If B are Basic and have “edit own Task”-Right too, this bug also exist.
|
|
2116 | Email | Bug Report | Medium | Error with email notification | Unconfirmed | |
| | | 08.04.2016 | 15.04.2016 | |
|
2142 | Backend/Core | Bug Report | Low | Post-authenticate redirect does not make use of baseurl... | Unconfirmed | |
| | | 28.06.2016 | 01.08.2016 | |
|
2160 | Backend/Core | Bug Report | Low | Cannot "accept" PM close request if already closed | Unconfirmed | |
| | | 14.07.2016 | 14.07.2016 | |
|
2197 | Backend/Core | Bug Report | High | Change Time for everyone | Unconfirmed | |
| | | 21.08.2016 | 22.08.2016 | |
|
2198 | User Interface | Bug Report | Low | Multi-Select from tasklist offers options to those who ... | Unconfirmed | |
| | 1 | 22.08.2016 | 22.08.2016 | |
|
2200 | User Interface | Bug Report | Medium | Incomplete list of timezones available in the user pref... | Unconfirmed | |
| | | 26.08.2016 | 26.08.2016 | |
|
2201 | API | Bug Report | High | I got Fatal Error on the Github OAuth | Unconfirmed | |
| 1.0 | | 07.09.2016 | 09.09.2016 | |
|
2202 | Installer and Upgrader | Bug Report | High | Unable to upgrade | Unconfirmed | |
| | | 10.09.2016 | 11.10.2016 | |
|
2223 | Greek | Bug Report | Very Low | Some strings need splitting or replacement | Unconfirmed | |
| | 1 | 24.10.2016 | 25.10.2016 | |
|
2224 | Greek | Bug Report | Very Low | Semicolon is a bad separator | Unconfirmed | |
| | 1 | 24.10.2016 | 25.10.2016 | |
|
2309 | User Interface | Bug Report | Low | PHP noticed displayed on default "All Projects" page. | Unconfirmed | |
| | | 02.11.2016 | 26.11.2016 | |
|
2315 | Backend/Core | Bug Report | Low | Filing a new task is possible with no details in the ma... | Unconfirmed | |
| | | 21.11.2016 | 21.11.2016 | |
|
2330 | Backend/Core | Bug Report | Low | PHP Notice: Undefined offset: 0 in scripts/index.php o... | Unconfirmed | |
| | | 23.01.2017 | 30.01.2017 | |
|
2336 | Backend/Core | Bug Report | High | Captcha validation always fail on registration | Unconfirmed | |
| | | 01.02.2017 | 21.07.2018 | |
|
2338 | Backend/Core | Bug Report | Medium | Export tasks to csv has issues | Unconfirmed | |
| | | 02.02.2017 | 12.03.2019 | |
|
2343 | Email | Bug Report | Medium | Notification mail | Unconfirmed | |
| | | 14.02.2017 | 15.02.2017 | |
|
2344 | Notifications | Bug Report | Low | Admins still get noticed for new users even with the op... | Unconfirmed | |
| | | 16.02.2017 | 24.03.2017 | |
|
2345 | Text Rendering | Bug Report | Low | <hr> should be in allowed tags | Unconfirmed | |
| | | 20.02.2017 | 23.02.2017 | |
|
2448 | Backend/Core | Bug Report | Low | error message in eventlog reports | Unconfirmed | |
| | | 26.10.2017 | 29.10.2017 | |
|
2449 | Backend/Core | Bug Report | Low | Unexepted exception on smtp gmail send | Unconfirmed | |
| | | 29.10.2017 | 10.01.2018 | |
|
2456 | User Interface | Bug Report | High | Missing GUI controls | Unconfirmed | |
| | | 09.02.2018 | 10.02.2018 | |
|
2499 | User Interface | Bug Report | High | Change recaptcha from using file_get_contents to Curl | Unconfirmed | |
| | | 18.09.2018 | 02.11.2018 | |
|
2527 | Backend/Core | Bug Report | Low | Database Check »Your mysql supports full utf-8 since 5.... | Unconfirmed | |
| | | 05.01.2019 | 05.01.2019 | |
|
2544 | Email | Bug Report | Low | Error when registering new account | Unconfirmed | |
| | | 23.03.2019 | 23.03.2019 | |
|
2549 | User Interface | Bug Report | Low | Oauth register template always shows "Username already ... | Unconfirmed | |
| | | 06.05.2019 | 06.05.2019 | |