Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See https://github.com/Flyspray/flyspray/releases

ID  desc Category Task Type Severity Summary Status Progress Assigned To Due In Version Opened Last Edited
 2576 User InterfaceBug ReportMedium Display problem when reopening a task Closed
100%
peterdd1.0125.09.201928.09.2019 Task Description

There is a display problem when reopening a task.

See the attached file please.

 2532 Backend/CoreBug ReportMedium spaces before or after a single word search gives too m ...Closed
100%
1.0111.01.201911.01.2019 Task Description

Spaces before or after a task search string gives too many results in the tasklist.

Example search strings:

test (space after word test)
 test
 test (space after word test)

Found this on bugs.archlinux.org, but also current 1.0-rc7 has this problem.

 2523 Backend/CoreBug ReportMedium tagname length not checked (was tags containing a comma ...Closed
100%
peterdd1.06101.11.201824.01.2019 Task Description

flyspray version: 1.0-rc6

How to reproduce:
Create a bug with tags (preferable with spaces)
Edit this bug
Change the spaces to ‘,’ Save

Expected behaviour:
Saves the tag with comma (even ; is the correct seperator).
It looks to me, that sanitisation of user input is missing here.

2491Backend/CoreBug ReportLowgroup member links if project manager but not adminNew
0%
1.001.09.201801.09.2018 Task Description

When a user has project manager permissions, but not admin permissions, then on the ‘edit group’ pages like index.php?do=pm&area=editgroup&id=8
the links in the list of users of that group are

index.php?do=admin&area=users&user_id=12345

instead of linking to the users page

index.php?do=user&area=users&id=12345

and a redirect follows with Error #4: You don’t have administrative rights.

2490User InterfaceBug ReportMediumReset Password's Username field has maxlength of 20 - t...Confirmed
50%
1.0201.09.201810.09.2018 Task Description

I’ve set up an account with a username longer than 20 characters, but can’t reset the password because the
flyspray/index.php?do=lostpw
page username field has maxlength=”20” The maxlength for a new user registration seems to be 32 characters.

A related concern is that when setting up the default/admin user on first load of the system, I can use an email address as username (always my preference), but it’s actually not a valid username to create for others thereafter. Consider allowing ‘@’ character in usernames.

 2478 Installer and UpgraderFeature RequestLow password / real_name / jabber_id during installation Closed
100%
peterdd1.0210.08.201826.02.2019 Task Description

Why can’t I set my own password during installation? I thought I did, but it created a different password.

2453Backend/CoreBug ReportMediumvalidate category before storing a new taskNew
0%
1.014.12.201714.12.2017 Task Description

Currently the category_id is not checked if the value is legal for the project when a new task is created.

  • must be unsigned int
  • must be an active category_id of the project or global category.
  • setting a category_id must be allowed - see project settings.

If invalid category_id is sent, deny creating task and show error message and show filled form again.

If no category_id is sent (or empty string) and category select is enabled:

  • either choose a default category

or

  • implement feature request FS#2451 and show that user should select a category.
 2452 Backend/CoreBug ReportHigh deprecated functions since PHP7.2 Closed
100%
peterdd1.0113.12.201716.07.2018 Task Description

Well, as everybody can see at the moment, someone (who? @floele ?) updated the server hosting bugs.flyspray.org to PHP7.2.x and now some ‘deprecated’-warnings are shown.
Edit: For example not working Flyspray 1.0-rc6 and older with the brand new PHP7.2:

  • shows deprecated info on top
  • shows deprecated info at every comment
  • tells task in work by other user when you want to save a task.
  • Uploaded files aren’t downloaded correct (open a downloaded image with a hexeditor for example to see)
  • probably also scheduler (cronjob/schedule.php and sending emails effected)
 2450 User InterfaceBug ReportLow Empty avatars appears like broken images Closed
100%
1.0129.10.201715.07.2018 Task Description

Hello,

I recently upgraded a very old version of flyspray, the avatars (and gravatar) are enabled, my profile includes an image which looks correctly (I had a problem with the transparency btw, so I used then a JPG version). But the users that doesn’t has avatar shows up like a broken image.

Example: http://bugs.elivecd.org/index.php?do=details&task_id=262&tasks=&due=33&status%5B0%5D=&order=dateopened&sort=asc&order2=lastedit&sort2=asc

Maybe when there’s no avatar for the users would be needed to show a generic image?

Thank you
Thanatermesis

 2326 Backend/CoreBug ReportLow Roadmap does not show future version Closed
100%
1.0412.01.201723.01.2017 Task Description

Let’s say you have multiple projects and decide to add a future version to admin → Version list to affect all projects.
When editing a task from a project and select that future version in “Due In Version” the Roadmap does not show the list of that “future version”.

Sorry for my English

 2310 Backend/CoreBug ReportMedium Default entry to project creates endless loop Closed
100%
1.0205.11.201607.02.2018 Task Description

I setup the default page to “roadmap” for a project, logged out, and it’s not possible to access the base url anymore. I chased the bug throughoutt the code and it seems that:

index.php calls scripts/roadmap.php at line 200:

if (!defined('NO_DO')) {
    require_once(BASEDIR . "/scripts/$do.php");
} 

and:

in scripts/roadmap.php, lines 11-13 redirect to base url:

if (!$proj->id) {
    Flyspray::show_error(25);
}
2221Installer and UpgraderInformationLowNotices on install with PHP7New
50%
1.0124.10.201624.10.2016 Task Description
Notice: Only variables should be assigned by reference in /*/setup/index.php on line 883 
Notice: Only variables should be assigned by reference in /*/setup/index.php on line 949
 2213 Backend/CoreBug ReportMedium fix warnings with PHP7 Closed
100%
1.017.10.201624.10.2016 Task Description

There are still some warnings about deprecated constructors when Flyspray runs with php7.

2207Backend/CoreBug ReportHighNonpublic project titles and project description exposi...Confirmed
0%
1.0123.09.201629.09.2016 Task Description

When a anonymous user tries to display a ticket of a non public project (for example by entering a random ticket id), Flyspray exposes the title of the non public project in the header bar.

Edit by peterdd: also applies to project description

2201APIBug ReportHighI got Fatal Error on the Github OAuthUnconfirmed
0%
1.0107.09.201609.09.2016 Task Description
Fatal error: Class 'League\OAuth2\Client\Provider\Github' not found in /html/bugs/includes/GithubProvider.php on line 11

I have downloaded this:
Precompiled with 3rd party libs for PHP5.6: flyspray-1.0-rc1_php56.tgz
and the file seems really dont exist.

 2195 Backend/CoreTODOHigh Release Flyspray 1.0-rc2/rc3/rc4 Closed
80%
peterdd1.015.08.201608.12.2016 Task Description
  1. Edit includes/class.flyspray.php on github.com and set the correct version for the release there (remove the ' dev’ from the version string), commit as new branch e.g. 1.0-rc2
  2. Prepare a new release on https://github.com/Flyspray/flyspray/releases , write a summary of changes since last release, choose the branch you created in the previous step, save as “draft”.
  3. “Release” the Flyspray source on github when satified with layout
  1. Run buildscripts for different php versions (see comments at FS#2040)
  2. Upload the created .zip and .tgz files to https://github.com/Flyspray/flyspray/releases
  3. Edit the https://github.com/Flyspray/flyspray.github.io/blob/master/_docs/download.md and link the source and packaged .zip and .tgz files
  4. Write a new article with a summary of highlights of changes since last release for the www.flyspray.org frontpage on https://github.com/Flyspray/flyspray.github.io/tree/master/_posts/News
  5. Important: If all is nice and shiny: Update the version string on www.flyspray.org https://github.com/Flyspray/flyspray.github.io/blob/master/version.txt so admins of flyspray get informed a new Flyspray release is available now. For instance change from 1.0-rc1 to 1.0-rc4 if you are releasing Flyspray 1.0-rc4. Must be the exact version you set in includes/class.flyspray.php .
 2189 Installer and UpgraderBug ReportMedium undefined constant ADODB_ASSOC_CASE_NATIVE Warning: Hea ...Closed
100%
1.0803.08.201615.07.2018 Task Description

I try to install flyspray-1.0-rc1 on a shared hoster (all-inkl.com).

Apache
PHP 5.3.28 note by peterdd: php version can be switched on all-inkl.com settings per subdomain from 5.2, 5.3,5.4, 5.5, 5.6 up to 7.0

MYSQL 5.3.28 note by peterdd: not mysqlnd 5.0.12-dev as phpinfo told from all-inkl.com???

During & after installation (or updating) i get the following error:

Use of undefined constant ADODB_ASSOC_CASE_NATIVE - assumed 'ADODB_ASSOC_CASE_NATIVE' in /www/htdocs/[userid]/flyspray/vendor/adodb/adodb-php/adodb.inc.php on line 3818
Warning: Cannot modify header information - headers already sent by (output started at /www/htdocs/[userid]/flyspray/vendor/adodb/adodb-php/adodb.inc.php:4642) in /www/htdocs/[userid]/flyspray/includes/class.flyspray.php on line 835
Warning: Cannot modify header information - headers already sent by (output started at /www/htdocs/[userid]/flyspray/vendor/adodb/adodb-php/adodb.inc.php:4642) in /www/htdocs/[userid]/flyspray/includes/class.flyspray.php on line 835
Warning: Cannot modify header information - headers already sent by (output started at /www/htdocs/[userid]/flyspray/vendor/adodb/adodb-php/adodb.inc.php:4642) in /www/htdocs/[userid]/flyspray/includes/class.flyspray.php on line 835
Headers are already sent, this should not have happened. Please inform Flyspray developers.

The part before the last sentence is repeated numerous time. Sometimes the tracker is shown partially below the error message.

Cheers

2135Backend/CoreBug ReportHigh"Modify own tasks" does not function correctly when add...Confirmed
50%
1.013107.06.201622.08.2016 Task Description

“Oh, there are some incompatible properties set that must be resolved before moving this task to a different project.”

Oh, but I am not moving the task to a different project. Just trying to edit my own submission.

“Edit this task” → “Save details”

See attached screen capture.

 2133 User InterfaceBug ReportMedium Cannot register username containing "-_." characters (a ...Closed
100%
1.0207.06.201630.06.2016 Task Description

Tried to create user name: xxx-yyy, xxx.yyy or xxx_yyy. Name is highlighted in ‘red’ and no ‘Send code’ button. Is this supposed to be OK?

2121Backend/CoreBug ReportMedium'my assigned tasks' uses like %?% search instead of use...Confirmed
90%
1.0319.04.201603.02.2018 Task Description

Problem: https://github.com/Flyspray/flyspray/pull/552

The button ‘My assigned tasks’ should search only by userid, not in username or realname with the LIKE ‘%...%’ operator.

Currently the button is using the same as doing an advanced search filling the ‘Assigned To’ input field. (currently ‘dev’ param) But that search param searches in userid, username and realname.

Edit: Implemented simpler solution: if param is digitsonly, then search by userid, otherwise by username and realname if that param exists.

 2120 Backend/CoreBug ReportMedium anonymous task creation in restricted project not possi ...Closed
100%
peterdd1.0219.04.201601.08.2016 Task Description

with this general project settings for everyone (users and anon):

Project is active ('project_is_active'): yes
Allow anyone to view tasks of this project ('others_view'): no
Allow anyone to view roadmap of this project: no 
Allow anonymous users to open tasks: yes
  1. Project is not selectable from Project drop down list with this settings, but should.
  2. The can_view_project permission is currently a calculated value, currently using ‘others_view’ permission for guests.
  3. Review where can_view_project() permission is used to limit access.
  1. Evaluate if “Allow anonymous users to open tasks”- perm make can_view_project()-permission true is sufficient.
  2. Or just use the “Allow anonymous users to open tasks”- perm at the relevant places. (I tend to prefer this, because of very limited places.)
  1. TODO: Maybe move
Allow anyone to view tasks of this project: no
Allow anyone to view roadmap of this project: no 
Allow anonymous users to open tasks: yes

from ‘Preferences’ project settings tab to the ‘User Groups’ project settings tab. So everything permission related is at one place.

I think the problem is within index.php, put in with commit https://github.com/Flyspray/flyspray/commit/651f09801a35533205971cf322483a0e52ad0a1d

A anon user cannot pass behind this code lines:

// make sure people are not attempting to manually fiddle with projects they are not allowed to play with
if (Req::has('project') && Req::val('project') != 0 && !$user->can_view_project(Req::val('project'))) {
    Flyspray::show_error( L('nopermission') );
    exit;
}

But before just removing removing the “exit;” here, needs too review if anon users cannot trigger bad actions.

 2113 Backend/CoreBug ReportMedium invalid priority 'very high' (priority6, was 'flash' in ...Closed
100%
peterdd1.0203.04.201609.04.2016 Task Description

Hi,

my customer set priority “very high”.

(note by peterdd: currently “very high” is priority6, but it was “flash” in older versions. See https://github.com/Flyspray/flyspray/commit/34fd39f86190983584c608c0d6754d5959338d3d )

After that i want to edit task to make some changes, i can’t save task because error of invalid priority. Other priorities works.

Screenshot attached

 2102 Backend/CoreBug ReportMedium strict ordering of tags required  Closed
100%
1.0219.02.201626.01.2019 Task Description

When saving the tag list at admin and project area, the ordering of the tags must be recalculated.

So it is not more legal to have a list ordering like (0,0,0,1,3,4,7)

That should be recalculated and stored as (1,2,3,4,5,6, 7) (or 0,1,2,3,4,5,6)
currently in file includes/modify.inc.php

Why?

The SQL for the tasklist uses currently GROUP_CONCAT (and a equivalent syntax for postgres) that groups by list_tag.list_position.
Well, we could just ‘group by’ the tag_id too, but with list_position value we can show the most important tags first.

3 times, and that 3 result fields must be in the same order. (tag id, tag name, tag class field)

Also that sql-query part there needs a little modification, but first fix that strict ordering.

Alternative

Don’t use group_concat() or similiar for list_tag.tag_name or list_tag.class. Instead load an indexed array once per http request and only when needed.

For instance as function within class.flyspray.inc.php:

        /**
         * load all tags into array
         *
         * compared to listTags of class project, this preloads all tags in flyspray database
         * ideally maximal called once per http request, then using the array index for getting info
         *
         * @return array
         */
        public static function getAllTags()
        {
                global $db;
                $at=array();
                $res = $db->query('SELECT tag_id, project_id, list_position, tag_name, class, show_in_list FROM {list_tag}');
                while ($t = $db->fetchRow($res)){
                        $at[$t['tag_id']]=array(
                                'project_id'=>$t['project_id'],
                                'list_position'=>$t['list_position'],
                                'tag_name'=>$t['tag_name'],
                                'class'=>$t['class'],
                                'show_in_list'=>$t['show_in_list']
                        );
                }
                return $at;
        }

in scripts/index.php in function tpl_draw_cell():

function tpl_draw_cell($task, $colname, $format = "<td class='%s'>%s</td>") {
  global $fs, $db, $proj, $page, $user, $alltags;
...
  case 'summary':
...
    if($task['tagids']!=''){
                        # if global $alltags are yet undefined, preload the tags now.
                        if(!is_array($alltags)) {
                                $alltags=$fs->getAllTags();
...
 foreach($tagids as $tagid){
                                $tgs.='<i class="tag t'.$tagid
                                        .(isset($alltags[$tagid]['class']) ? ' ' .htmlspecialchars($alltags[$tagid]['class'], ENT_QUOTES, 'utf-8') : '').'" title="'.htmlspecialchars($alltags[$tagid]['tag_name'], ENT_QUOTES, 'utf-8').'"></i>';
                        }
2089Backend/CoreBug ReportMediumadding same taskid as subtask or related task should be...New
50%
1.0207.11.201518.11.2016 Task Description

Both is a bit illogical, but both is currently possible! ;-)

1 ←- 1

So when setting the parent task id checked for creating loops is needed:

Loop with 2 tasks: 1 ←- 2 ←- 1

Loop with 3 tasks: 1 ←- 2 ←- 3 ←- 1
Loop with n tasks: 1 ←- ... ←- n < – 1

As I think there are currently no recursive reads that could lead to an endless loop, but should be kept in mind when someone wants to programm rendering a gantt chart.
E.g. by limiting the depth of subtasks for example.

 2080 User InterfaceFeature RequestMedium Unfinished UI for task list secondary sort setting Closed
100%
peterdd1.0129.10.201512.11.2015 Task Description

In the Look and Feel settings for a project, there’s a grayed out setting that says:

[[defaultorderby2]] (not implemented yet)

For a proper release this should be either implemented or removed from the UI.

It would be great to have this implemented, because without it I can’t seem to get the same good sorting I had in 0.9.9.6. In that version I had tasks sorted by severity and then newest open date first, but in 1.0-beta2 if I sort by severity I now get oldest open date first.

2078User InterfaceBug ReportMediumlayout of requested close on small displaysNew
0%
1.026.10.201529.10.2015
2075NotificationsBug ReportHighToo spammy notifications under some circumstancesRequires testing
40%
1.019.10.201503.11.2015
2074User InterfaceBug ReportMediumOpening tasks from tasklistNew
0%
1.0318.10.201518.07.2016
 2051 Backend/CoreBug ReportCritical During upgrade need to set reasonable defaults for any  ...Closed
100%
1.0612.09.201502.03.2016
2044Database QueriesBug ReportHighNeed set_charset for DB connect in config fileConfirmed
10%
1.019204.09.201506.06.2018
2040Installer and UpgraderInformationMediumFS1.0 Release buildsConfirmed
20%
1.0523.08.201517.04.2019
2039Installer and UpgraderTODOLowReview INSTALL, README, documentation files for release...New
30%
1.023.08.201509.04.2016
 2035 Backend/CoreBug ReportMedium permissions in project should overwrite those from glob ...Closed
100%
peterdd1.0320.08.201527.10.2015
 2027 User InterfaceBug ReportMedium missing abort button on 'edit comment' Closed
100%
1.012.08.201509.09.2015
 2026 Backend/CoreBug ReportMedium 'add a link' on comment broken Closed
100%
1.0112.08.201523.08.2015
 2015 NotificationsBug ReportMedium notification if category was changed Closed
100%
Jouni Ahto1.0122.07.201531.07.2015
 1996 User InterfaceBug ReportLow readd ajax_load.gif to CleanFS/ Closed
100%
Jordan MendlerPsychokiller18881.0204.06.201517.11.2015
1978User InterfaceBug ReportLowCompensate degraded usability due added token system an...Confirmed
50%
1.0516.03.201512.10.2015
 1963 Backend/CoreTODOLow Review/Test current source for 1.0 with .htaccess Rewr ...Closed
100%
Psychokiller18881.0311.03.201511.02.2016
 1954 EmailTODOHigh Change "No HTML in E-Mails" Option  Closed
100%
Jouni Ahtopeterdd1.01607.03.201523.04.2015
 1953 Backend/CoreBug ReportLow do form actions first, then build the anwser page Closed
100%
1.0207.03.201520.03.2015
 1952 Backend/CoreBug ReportMedium Funniest bug ever - shooting in the foot Closed
100%
peterdd1.007.03.201507.03.2015
 1951 User InterfaceFeature RequestLow Show profile image on user page Closed
100%
Psychokiller18881.007.03.201507.03.2015
1950User InterfaceTODOMediumSolve confusing Flyspray group settings vs Project grou...Confirmed
50%
1.0907.03.201511.11.2015
 1845 User InterfaceBug ReportLow Support for short user name Closed
100%
peterdd1.0112.03.201307.03.2015
 1841 User InterfaceBug ReportLow "created user" in event log leads to "This task does no ...Closed
100%
peterdd1.0105.03.201323.04.2015
 1822 Database QueriesFeature RequestMedium No voting for own tasks Closed
100%
1.02124.01.201306.03.2015
 1799 Backend/CoreBug ReportLow Default Sort Option Closed
100%
Psychokiller18881.0213.12.201210.03.2015
 1764 Backend/CoreBug ReportLow PostgreSQL: No activity graphs displayed Closed
100%
Jouni Ahto1.0113.08.201222.04.2015
 1591 Backend/CoreBug ReportLow PostgreSQL Advanced Search is Case-Sensitive; MySQL is  ...Closed
100%
Jouni Ahto1.0203.08.200919.03.2015
Showing tasks 1 - 50 of 52 Page 1 of 2

Available keyboard shortcuts

Tasklist

Task Details

Task Editing