Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See https://github.com/Flyspray/flyspray/releases

ID Category Task Type Severity Summary Status Progress Assigned To Due In Version   desc Opened Last Edited
2582Backend/CoreInformationLowHow to reach internal windows share (was: Internal URL)Unconfirmed
0%
304.11.201905.11.2019 Task Description

I have installed flyspray on an internal server and have problems with the renaming of internal links.

For example:
I want to put this link in the comment section.
\\192.168.200.5\Folder\example.docx

it shows the link correct,
but when you hover over the link it shows:
file://192.168.200.5/Folder/example.docx

And on clicking on it, of course I can´t access the file, because it´s trying to open an external link.
I dont want it to be renamed from ‘\’ to ‘/’.

Can somebody help me please.

I tryed to find it in the sourcecodes, but I have almost no experience in PHP.

Thank you!

2585User InterfaceTODOMediumUpgrade CKEditor to 4.13.0New
0%
peterdd02.12.201903.12.2019 Task Description

To fix some other open tasks, an update of the CKEditor4 files is probably the best way.

Starting with CKEditor4 ‘Basic’ preset, evaluate every additional Plugin before adding them to the config.

Because the selection of plugins starts with the ‘Basic’ preset, some configs are disabled in the resulting config.sys like the ‘Strike’ button or the Copy/Paste functionality.

I am also evaluating the possibilities to make some of the options configurable within the Flyspray configuration. It is probably required to analyze if a setting applies to only CKEditor syntax or would be also by used for installs using dokuwiki syntax/engine.

I can also imagine enable/disable features based on Flyspray user permissions. (but that requires not only CKEditor config, but also server side changes like HTMLpurifier settings.)

Languages

Just choose all languages available in the CKBuilder.

Probably we need to adjust the CKEditor to use the users Flyspray language settings too. I changed my language to french in a test install but the CKEditor still shows german user interface. (probably detected by browser http request headers)

Compare that the used language abbreviations work together between files in lang/ of Flyspray and that of CKEditors. (Flyspray: lang/pt_br.php vs. CKEditor: js/ckeditor/lang/pt-br.js)

Theme selection

Probably use a CKEditor source maintained Moona-Lisa or Moona as these are easier to modify their color themes like auto light/dark mode browser detection or base colors that match the theme.

Moona Color currently has issues and not maintained by CKEditor guys.

Plugins

The previous contained CKEditor 4.4.7 probably hat the standard preset used.

Following I keep track of plugins we should add to the basic preset. This list is growing/edited until the final config that ships with Flyspray is found.

Mentions

This would enable choosing a user by their username, like @peterdd.

Requires writing an extra php file for retrieving a matching list of users, that respects current user permissions and status of users (like not fetch disabled users).
This extra php file could be also used for the editor textareas with a dokuwiki toolbar.

Auto Grow

This is just a promising usability improvement. No scrollbars needed when writing longer texts.

Turns just typed urls like https://www.flyspray.org into real links (like dokuwiki does it when rendered on page.)

Baloon Toolbar

This just sound like a promising usability improvement. Not tried yet. Only add when there is use case (other plugins usability profit from it) for Flyspray.

Blockquote

Probably required because existing Flyspray installs had it too and citing a comment/text snippet should be also able.

Code Snippet

Probably requires deeper look how secure integrate with server side cleanup (HTMLpurifier).

Format

h1-h6 and other tags. Probably required as previous Flyspray versions used that too. (TODO: What happens to old content with h1-h6 tags when editing with a CKEditor without the Format plugin?)

Also configure it to accept only tags useful for within Flyspray. (see also server side configuration of HTMLPurifier)

Remove Format

Existing Flysprays had this too and probably a good thing when the user can cleanup their word/whateverwhere pasted stuff cleaned before HTMLpurifier does it server side too with maybe surprises to the end user.

Show Blocks

Gives the user some confidence on command if his current editing has the right/intended structure.

Well, that missing is one of the reasons why I hated WYSIWYG or wannabe WYSIWYG editors in the past. Uncertainty by the end user, and pain for the admin/webmaster when he sees the garbage stored in the database (endless spans and other garbage tags partly wrong nested by just pasting from Word documents.)
(little bug in CKEditor 4.13.0: doesn’t expand the area with plugin Auto Grow enabled)

Source Editing Area

Useful for people that can read HTML or are responsible to fix things.

2586Backend/CoreTODOLowPHP7.4New
0%
peterdd1.0-rc1012.12.201912.12.2019 Task Description

PHP 7.4 is out now and a few things should be done to make Flyspray work well with it.
Nothing really breaks, but a view deprecation warnings should be fixed.

Flyspray source itself: Just a few new notices, most are yet fixed in the master branch.

Watching the PHP7.4 compatibility of dependencies defined by composer.json:

  • ADOdb/ADODb: 5.20.15 should be OK for Flyspray
  • swiftmailer/swiftmailer: We still use 5.* branch, so either do quickfix for a notice in a fork or upgrade/rewrite our integration to the 6.* branch.
  • ezyang/htmlpurifier: 4.12 OK
  • thephpleague/oauth2-client: unknown, we still use 0.13, last real source change was Nov 2018, to upgrade requires rewrite of integration into Flyspray and there is low demand for OAuth2.
  • dapphp/securimage: seems to be OK
  • jamiebicknell/sparkline: OK, but probably obsolete for us in future due
    • still annoying problems with our github/travis tests (problem of travis, not sparkline itself)
    • better solution (interactive hover infos, scales, screen size adaptive) by Flyspray source planned
2587Backend/CoreTODOMediumdisplay_errors=1 should not set in release candidateUnconfirmed
0%
18.12.201918.12.2019 Task Description

display_errors = 1 should not set in include/fix.inc.php for releases or releases candidate, because with this it is not possibele to disable the error reporting globaly.

The problem is, if I want to enable full error reporting to logfile via “error_log=…” in php.ini, then the error will also full reported to user. Full error reporting is a hig risk for security.

Did you installed an official release or did you used an inoffical docker?!
flyspray-1.0-rc9

Steps done to create the problem:
Create a file php.in in base directory with follow contens:
error_reporting = E_ALL | E_STRICT
log_errors = On
display_errors = Off
error_log = /var/log/php-flyspray-errors.log

Expected behavior:
Errors only to log file

Experienced behavior:
All errors goes also to user.
The option “display_errors = Off” has no effect.

2588Backend/CoreBug ReportLowps_files_cleanup_dir: opendir(/tmp/.priv) failed: Permi...Unconfirmed
0%
118.12.201928.12.2019 Task Description

Sometimes comes this message with a lot of backtrace log.
If you are reporting a bug please provide as much information as possible to help understand and reproduce the problem:

Did you installed an official release or did you used an inoffical docker?!
Official download flyspray-1.0-rc9

mysqlnd 5.0.12-dev
Linux 64bit
PHP Version 7.2.25

Steps done to create the problem:
Wait some weeke and edit a ID.

Experienced behavior:

[18-Dec-2019 13:19:41 Europe/Berlin] PHP Notice:  session_start(): ps_files_cleanup_dir: opendir(/tmp/.priv) failed: Permission denied (13) in /var/foo/htdocs/flyspray/includes/class.flyspray.php on line 1006
[18-Dec-2019 13:19:41 Europe/Berlin] PHP Warning:  session_start(): Cannot send session cache limiter - headers already sent (output started at/var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.flyspray.php on line 1006
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/index.php on line 96
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/index.php on line 97
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 76
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 80
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 82
2589User InterfaceBug ReportLowTime zone in user settings is confusingUnconfirmed
0%
228.12.201928.12.2019 Task Description

Hello,

When registering and when later editing users settings it’s possible to specify “Time zone” but the way it’s implemented is confusing. What I see is a drop-down list with GMT[+-]:digit: and this is an odd way to set the timezone for multiple reasons:

1. “GMT” is a word without universally accepted and defined meaning these days, see https://www.ucolick.org/~sla/leapsecs/timescales.html#GMT ;

2. Often time zone specification needs to include the rules when (if ever) to apply DST and what abbreviation is to be used in different cases. See TZ description on https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_03 .

Taking these two points into account I can’t see how to meaningfully use this feature.

TIA for looking into it.

Showing tasks 301 - 306 of 306 Page 7 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing