/
ChangeLog
1409 lines (1299 loc) · 90.6 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Mantis ChangeLog
2004.08.xx - 0.19.0xx
- 0004186: [upgrade] Some upgrade scripts do not read table names from config (jlatour)
- 0004043: [email] Preference to exclude old bugnotes from notification (Bastian Pfennigschmidt)
- 0004279: [bugtracker] My View makes bad use of available space (tazza70)
- 0003689: [bugtracker] index.php is sending wrong HTTP header if not logged in (jlatour)
- 0004193: [bugtracker] Broaden the ldap features to work with Active Directory (alf)
- 0004133: [filters] "Summary stats are links to filters for view_all_bugs" feature is broken (jlatour)
- 0004268: [security] cross site scripting issue (jlatour)
- 0004267: [security] cross site scripting issue (jlatour)
- 0004266: [feature] Update project documentation file (Bastian Pfenningschmidt)
- 0004062: [security] Multiple Cross Site Scripting Vulnerabilities (vboctor)
- 0003371: [feature] CVS Integration - general source control integration implemented (vboctor)
- 0004137: [feature] Support a simple "view" URL (vboctor)
- 0004145: [feature] Mantis pages should have descriptive titles (vboctor)
- 0004185: [customization] Support custom menu options (vboctor)
- 0003975: [email] Realname vs username in email history (thraxisp)
- 0003880: [filters] Ordering doesnt take last_updated into account (narcissus)
- 0003928: [filters] 'Copy Issue' was not copying attachments (narcissus)
- 0003945: [filters] Give the ability to "Update Fixed in Version" in view_all_bug_page.php (narcissus)
- 0004073: [filters] Edit filter page now too wide. 'Apply filter' button is drawn off screen (narcissus)
- 0004093: [filters] Custom field values are a larger type size in view_all_bug_page (narcissus)
- 0004108: [filters] "Use Date Filters" in advanced filters (narcissus)
- 0004121: [filters] Filters saved while "All Projects" is the active project (narcissus)
- 0004125: [filters] In the advanced page, "any" should be selected by default for all search criteria (narcissus)
- 0004150: [filters] Custom field names are not localised in filters (vboctor)
- 0004183: [filters] HTML entities in search text (narcissus)
- 0004207: [filters] Mantis forgets user filter after logout (narcissus)
- 0004122: [relationships] Upgrade script seems to swap the duplicate relationship (masc)
- 0004146: [relationships] Summary doesn't unescape(?) characters (masc)
- 0004161: [relationships] Relations to private issues must only appear to user with appropriate access level (masc)
- 0004083: [sponsorships] Users without email address must not be able to sponsor issues (thraxisp)
- 0002861: [bugtracker] misleading 'copyright' at the pages' bottom (vboctor)
- 0003710: [bugtracker] time stats in summary to use resolved (thraxisp)
- 0003772: [bugtracker] Status updating should be different from bug updating (thraxisp)
- 0004031: [bugtracker] Hiding/removing fixed_in_versions (thraxisp)
- 0004138: [bugtracker] Add validation / notifications hooks for issue create/update/delete (thraxisp)
- 0004154: [bugtracker] "Product version" and "Fixed in Version" do not get updated on rename (vboctor)
- 0004160: [bugtracker] Javascript error in the issue view pages (vboctor)
- 0004175: [bugtracker] Links are not hyperlinked properly if containing '[' or ']' (vboctor)
- 0004182: [bugtracker] print_all_bug_page should show all issues matching current filter (vboctor)
- 0003970: [bugtracker] Reopen issue logic was broken for custom reopen statuses (thraxisp)
- 0004275: [bugtracker] Relationship warning is now missing when a bus is resolved/closed (thraxisp)
- 0004255: [localization] Wrong value of $g_language_auto_map (vboctor)
- 0004293: [localization] Lang variable names broken (thraxisp)
- 0003714: [upgrade] Please add in a way to transfer attachments from the database to disk (thraxisp)
- 0004078: [upgrade] Script to import the value of a custom field to a native field (thraxisp)
- 0003483: [upgrade] some admin users permissions not completly upgraded from 0.17.5 to 0.18.0 (thraxisp)
- 0003877: [email] Upgrade to PHPMailer 1.72 (vboctor)
- 0002220: [installation] usage of consistent naming schema for images (vboctor)
- 0003307: [installation] check.php always checks mail() rather than the config (thraxisp)
- 0004163: [other] Unreadable error messages in some languages (vboctor)
- 0004222: [sql] Should mantis_project_category_table.user_id be UNSIGNED? (vboctor)
- New Config: main_menu_custom_options (default empty) - Allow addition of custom menu options to main menu (vboctor)
- New Config: show_realname (default OFF) - show realname in all places instead of username (thraxisp)
- Updated German, French, Brazilian Portuguese, japanese_euc, japanese_sjis, Korean, Russian and japanese_utf8 language.
- Added Slovene language.
2004.07.20 - 0.19.0a2
This is the second alpha release for 0.19.0a, if there is not much issues with it then rc1 will probably follow. The main features in this release are issue relationships and simple workflow control. Also version handling was almost re-implemented to support released vs. future versions and also allow adding a description to versions.
- 0004018: [security] Real name field allows potentially dangerous HTML (int2str)
- 0004044: [security] Cross Site Scripting Vulnerability (int2str)
- 0003969: [feature] Issue Relationships Support (masc)
- 0003984: [feature] Support definining and enforcing custom workflow (thraxisp)
- 0004057: [feature] Add "notes" for versions (VictorBoctor)
- 0003974: [feature] Make Mantis issues searchable by Search Engine (int2str)
- 0004016: [feature] Automatic language selection based on browser preferences (int2str)
- 0004066: [feature] Support "future" versions and a description field (VictorBoctor)
- 0001210: [feature] Project Version could use some more details!!! (VictorBoctor)
- 0004120: [feature] Add issue id before summary in issue view pages (VictorBoctor)
- 0004104: [feature] Product Version Field in simple View (VictorBoctor)
- 0004118: [filters] Make filter display at top of View Issues collapsible (VictorBoctor)
- 0004071: [filters] advanced filtering with status=any fails (Narcissus)
- 0003804: [filters] Add ability to filter by view state (private/public) (Narcissus)
- 0003944: [filters] Give the ability to filter on : Fixed in Version value (Narcissus)
- 0003805: [filters] Add ability to filter on bugs monitored by a user (Narcissus)
- 0004027: [filters] Database query error in 0.19 alpha1 (Narcissus)
- 0004088: [filters] My View: Unassigned block shows assigned items (Narcissus)
- 0004021: [bugtracker] The filter section is duplicated on the print page (tazza70)
- 0003993: [bugtracker] String missing in strings_english.txt file (email title on updated bug) (VictorBoctor)
- 0003275: [bugtracker] Low priority is not marked in list of bugs (VictorBoctor)
- 0003996: [bugtracker] My View: how about monitored by me? (tazza70)
- 0004052: [bugtracker] Not all the buttons are marked as class="button" (VictorBoctor)
- 0004036: [bugtracker] Changelog should not display versions with no issues (VictorBoctor)
- 0004020: [bugtracker] Database field 'realname' not found after plain installation (VictorBoctor)
- 0004041: [sponsorships] Empty "Users sponsoring this issue" (VictorBoctor)
- 0004040: [sponsorships] Sponsorship timestamp is not displayed correctly in sponsorship list (VictorBoctor)
- 0004038: [sponsorships] Add icon to sponsorships to attract attention (VictorBoctor)
- 0004053: [localization] Italian - Missing $s_monitored_by (VictorBoctor)
- 0004014: [localization] Italian Version: Build Translated as Version (VictorBoctor)
- 0004017: [localization] Random translations popping up (int2str)
- 0004056: [custom fields] Displaying/Reporting Issue -> Application Warning - lang_exists() missing arg 2 (VictorBoctor)
- 0004081: [upgrade] mantis_upgrade_table.upgrade_id too small (VictorBoctor)
- 0004072: [webpage] Make sponsorships and relationships collapsible (int2str)
- 0004065: [other] Issues are not hyperlinked in Changelog if $g_bug_link_tag is not # (VictorBoctor)
- 0004064: [other] Links are not hyperlinked properly if containing '(' or ')' (VictorBoctor)
- 0004005: [other] signup for new account - invalid username generates crash (int2str)
- New Config: fallback_language (default 'english') - Fallback language for automatic language selection.
- New Config: status_enum_workflow (default disabled) - Defines the workflow to indicate what are the possible statuses based on the current one.
- Updated German, Italian, Russian, Czech and Brazilian Portuguese languages.
2004.07.07 - 0.19.0a1
This is an alpha version of 0.19.0, it is not recommended for production use. Users are encouraged to test it on a backup copy of their data and provide feedback to development team.
Users installing Mantis for the first time should sql/db_generate.sql to create the database, then run the http://www.example.com/mantis/admin and run the upgrade scripts. Already existing users will need to backup their database, then run upgrade.
* Enh #0000: Change of terminology, replaced "bug" with "issue" [first step in #2710].
* Enh #0000: Generate one email per user. Stage #2 (minor send mail optimization - used kept alive SMTP connection).
* Enh #0000: phpMailer 1.71 has been included to Mantis distribution, all the mails are sent now only by phpMailer.
* Enh #0000: Mass issue manipulation (move, delete, etc.) page now shows list of selected issues.
* Enh #2200: Add Version to simple bug pages.
* Enh #3152: Adding notes and documents to resolved bugs.
* Enh #3164: Added "fixed in version" field, set when resolving a bug.
* Enh #3300: Add global defaults for priotity and severity of new bugs.
* Enh #3302: Add global defaults for view state.
* Enh #3505: Add a Bugnote to a resolved bug.
* Enh #3519: Advanced filtering with multiple selections.
* Enh #3620: Redesigned filter interface.
* Enh #3633: Experimental support for MSSQL, PgSQL and other databases using ADODB.
* Enh #3638: The bugtracker should be able to produce a changelog.
* Enh #3662: Provide more config vars to control viewing/downloading/deleting bug attachments.
* Enh #3663: Remember filter settings for each project.
* Enh #3676: Use status threshold rather than hide resolved/closed in filter.
* Enh #3688: Add threshold for changing the bug/bugnote view status.
* Enh #3690: Request for directly setting reminders private.
* Enh #3713: Allow users to set severity levels along with email preferences.
* Enh #3735: New CSS class for HTML Form Buttons
* Enh #3739: Portal for viewing bug status lists and summaries after login.
* Enh #3765: Change title on bug details page to bug summary line.
* Enh #3801: Add "myself" meta filter options.
* Enh #3802: Auto-use filter selection on change.
* Enh #3808: Ability to sponsor (fund) a bug or feature request.
* Enh #3811: Allow private flag to be unset on resolved bugs.
* Enh #3841: Add real name ability to mantis.
* Enh #3867: Give the user control whether to open hyperlink in new or current window.
* Enh #3870: Support for custom functions which provides hooks for customizing behaviour.
* Enh #3881: Replace "Hide Status" with "Status" in advanced filter.
* Enh #3918: Allow restricting filter views to advanced or simple.
* Enh #3925: New bug group action: Copy.
* Fix #3094: Switching projects clears filter values.
* Fix #3159: Allow case of user name to be changed. Also fixed bug where database error was displayed when trying to create user "TeSt" when user "Test" already exists.
* Fix #3397: Delete notification should be off when deleting a project.
* Fix #3473: g_bug_resolved_status_threshold variable ignored.
* Fix #3504: project cookie not cleared at logout
* Fix #3567: Reminders can be added for a readonly bug.
* Fix #3578: Word 2000 reports "The dimensions after resizing are too small or too large." trying to open word document from Mantis
* Fix #3622: Tweak attachment SQL in print bug pages.
* Fix #3629: Duplicate Error ID.
* Fix #3641: 'Date submited' in reports is always '12-31-69'.
* Fix #3723: No ability to edit or even delete news is associated project was deleted.
* Fix #3781: Fixed external URL in admin/check.php
* Fix #3806: Timestamp in project management page (Version management section) isn't shown as configured
* Fix #3824: Private bug reports and bugnotes are sent out as notifications to everyone.
* Fix #3826: Allow case of project name to be changed.
* Fix #3837: Bugs can be edited after being closed.
* Fix #3840: Why strip the leading spaces from Description? (applied to all multi-line fields in issue + issue notes).
* Fix #3851: Ability to change the view status for a group of bugs
* Fix #3852: OK button in View Issues page is not localised
* Fix #3866: URLs that include bookmark are not hyperlinked correctly.
* Fix #3879: Empty entry in project select field can cause bugs to be moved to non-existing project.
* Fix #3886: Custom HTML page title not displayed.
* Fix #3920: Two missing graphs in advanced summary.
* Fix #3923: "By Developer" and "By Reporter" graphs rewritten to reduce SQL impact.
* Fix #3924: Graphs did not show query counts when flag was set.
* Fix #3937: Custom field filters now only show those values relevant to the selected project.
* Fix #3951: Add Bugnote - Link.
* Fix #3957: IIS had issues with serialised filters in redirects.
* Fix #4012: Problem with Custom Fields in Report.
* New Config: set_view_status_threshold (default REPORTER) - threshold needed to set the view status while reporting a bug / bugnote.
* New Config: change_view_status_threshold (default UPDATER) - threshold needed to update the view status while updating a bug / bugnote.
* New Config: view_handler_threshold (default VIEWER) - threshold needed to view the bug handler (now works for emails only).
* New Config: view_history_threshold (default VIEWER) - threshold needed to view the bug history (now works for emails only).
* New Config: view_attachments_threshold (default VIEWER). Access level needed to view bugs attachments. View means to see the file names sizes, and timestamps of the attachments.
* New Config: download_attachments_threshold (default VIEWER). Access level needed to download bug attachments.
* New Config: delete_attachments_threshold (default DEVELOPER). Access level needed to delete bug attachments.
* New Config: allow_view_own_attachments (default ON). Allow users to view attachments uploaded by themselves even if their access level is below view_attachments_threshold.
* New Config: allow_download_own_attachments (default ON). Allow users to download attachments uploaded by themselves even if their access level is below download_attachments_threshold.
* New Config: allow_delete_own_attachments (default OFF). Allow users to delete attachments uploaded by themselves even if their access level is below delete_attachments_threshold.
* New Config: default_bug_view_status (default VS_PUBLIC). Default view status for bugs.
* New Config: default_bugnote_view_status (default VS_PUBLIC). Default view status for bugnotes.
* New Config: default_reminder_view_status (default VS_PUBLIC). Default view status for reminders.
* New Config: stored_query_use_threshold (default REPORTER). Threshold needed to be able to use stored queries.
* New Config: stored_query_create_threshold (default DEVELOPER). Threshold needed to be able to create stored queries.
* New Config: stored_query_create_shared_threshold (default MANAGER). Threshold needed to be able to create shared stored queries.
* New Config: hide_status_default (default CLOSED). Default minimum status to hide in filters.
* New Config: enable_sponsorship (default OFF). Whether to enable/disable the whole issue sponsorship feature.
* New Config: sponsorship_currency (default US$). Currency used for all sponsorships.
* New Config: view_sponsorship_total_threshold (default VIEWER). Access level threshold needed to view the total sponsorship for an issue by all users.
* New Config: view_sponsorship_details_threshold (default VIEWER). Access level threshold needed to view the users sponsoring an issue and the sponsorship amount for each.
* New Config: sponsor_threshold (default REPORTER). Access level threshold needed to allow user to sponsor issues.
* New Config: handle_sponsored_bugs_threshold (default DEVELOPER). Access level required to be able to handle sponsored issues.
* New Config: assign_sponsored_bugs_threshold (default MANAGER). Access level required to be able to assign a sponsored issue to a user with access level greater or equal to 'handle_sponsored_bugs_threshold'.
* New Config: minimum_sponsorship_amount (default 5). Minimum sponsorship amount. If the user enters a value less than this, an error will be prompted.
* New Config: mantis_sponsorship_table (default mantis_sponsorship_table). Name of table containing issue sponsorship information.
* New Config: bug_readonly_status_threshold (default RESOLVED). Status threshold after which the issue is considered readonly.
* New Config: update_readonly_bug_threshold (default MANAGER). Status threshold after which the user is allowed to edit readonly issues.
* New Config: view_changelog_threshold (default VIEWER). Status threshold after which the user is allowed to view the changelog. The changelog will include private issues only if user has the approach access level.
* New Config: view_filters (default SIMPLE_DEFAULT) - Default filter view.
* New Config: default_home_page (default my view page): Default page after Login.
* New Config: my_view_bug_count (default 10): Number of bugs shown in each box.
* New Config: my_view_boxes: My view boxes to be shown and their order.
* Removed config option (use_phpMailer): phpMailer has always been used
* Removed config option (phpMailer_path): phpMailer has been included to Mantis distribution
* Removed config option (use_x_priority): phpMailer always puts X-Priority header
* Removed config option (hide_closed_default): Replaced by hide_status_default
* Languages: Updated German, Polish, Czech, Danish, Estonian, Japanese (EUC and SJIS), Serbian, Spanish, Italian, Brazilian Portuguese and Simplified Chinese localisations.
2004.05.12 - 0.18.3
* Sec #3660: Ability to execute arbitrary SQL statement if register_globals = ON.
* Sec #3661: A logged in user can download any bug attachment or project document.
* Enh #3262: CSV export does not export the category column.
* Enh #3264: CSV export should export the resolution.
* Enh #3287: Projectname on CSV export.
* Enh #3346: CSV extract should output more data, e.g., Date Submitted, other data that would allow better analysis of data trends.
* Fix #3259: Saving CSV file of bugs containning double quotes causes invalid csv.
* Fix #3635: status_resolved in email_api should be resolved.
* Fix #3646: Error in core/obsolete.php.
* Fix #3691: Parse error in Romanian localisation.
* Fix #3728: CSV export shows " instead of real quotes in bug title.
* Fix #3795: Resolve should not overwrite handler, if already set.
* Fix #0000: Re-generated the FAQ and fixed the hyperlinks (the contents of the FAQ may not be up to date)
2004.02.29 - 0.18.2
* Sec #3595: bug_view_page.php: restricted custom fields are shown.
* Sec #3596: print_bugnote_inc.php: private bugnotes are visible for not granted users (thanks to yarik123).
* Sec #3611: Mask passwords when printing detailed error information.
* Enh #1088: Formatting of text in bugnotes, description areas.
* Enh #1649: Replace 'Assign to Me' with 'Assign To:' and dropdown of developers.
* Enh #3362: Generic email notifications.
* Enh #3548: Support RSS for news syndication.
* Enh #3552: Improved layout of Summary page and added 'Reporter / Resolution', 'Developer / Resolution' and 'Reporter Effectiveness' reports. (thanks to Lincoln Maskey)
* Enh #3564: In anonymous mode, login should remember the current page.
* Enh #3609: Added new configuration variable $g_enable_project_documentation with default value ON to enable/disable project documentation feature.
* Fix #1479: Users receive foreign-language e-mail. Now it is used default language for all e-mails.
* Fix #3077: Inconsistency: "Assigned To" versus "Handler".
* Fix #3118: My Account: after update of password, wrong information is given.
* Fix #3135: Changing Print-Options does not work.
* Fix #3440: "Allowed File Types" is case sensitive (also applies to disallowed file types).
* Fix #3522: /news_update.php looks different from /main_page.php.
* Fix #3537: Rewriting custom values with 0 when updating a bug.
* Fix #3539: Simple view page shows advanced custom fields.
* Fix #3541: Link to documentation refers to old website.
* Fix #3568: Monitor deleted bugs? [monitor records are not deleted on bug deletion]
* Fix #3569: Wrong number of search results displayed
* Fix #3572: The summary_graph_imp_* pages have shortcut PHP tags.
* Fix #3577: Unselecting custom fields causes undesired break lines in Excel.
* Fix #3579: In the German localisation, $s_reset_request_msg was incorrectly terminated.
* Fix #3590: News displayed wrong in Firebird/Firefox.
* Fix #3594: Incorrect encoding for Turkish localization.
* Fix #3597: Custom fields names are not translated in email (thanks to yarik123).
* Fix #3598: Bug history: consuming custom fields or not?
* Fix #3602: Problems with Mantis 0.18.1 localization (partial fix).
* Languages: Added Lithuanian and Serbian localisations.
* Languages: Updated Chinese (simplified), Danish, French, German, Korean, Latvian, Norwegian, Portuguese, Spanish and Swedish localisations.
* Mantis website moved to http://www.mantisbt.org
2004.02.06 - 0.18.1
* Sec #3137: By default, every installation has an admin account with a known login cookie value. This value is now generated at installation time.
* Sec #3445: User see all information from all projects (if user has access to 0 projects)
* Enh #2811: Anonymous mode issues (auto login for anonymous users + other issues).
* Fix #2668: Proxy incorrectly presents cached output to other users.
* Fix #3028: Mailer produces errors if there are no recipients, and use_bcc is set to ON.
* Fix #3069: Proxy server incorrectly caches output of 'View All Bugs'
* Fix #3177: Switching project in advanced summary changes current page.
* Fix #3210: bug_view_advanced_page.php (and simple) doesn't show the project name.
* Fix #3324: Win32: Call to undefined function: getmxrr() [default to OFF].
* Fix #3396: Database upgrade scripts that tried to add a unique key failed if duplicate entries existed.
* Fix #3400: Reopen a 'closed' bug, the value of 'resolution' is 'reopen' and can't be changed (now resolution / duplicate id can be edited)
* Fix #3449: Database upgrade script fails to detect some existing columns.
* Fix #3450: Certain database upgrade scripts fail if table already exists.
* Fix #3467: Delete user ends up at user not found error.
* Fix #3475: Reopen bug to custom status possibility.
* Fix #3479: Reset account preferences of a user results in reset administrators (current) account.
* Fix #3493: Missing string $s_bug_deleted in German (and some other) translation
* Fix #3495: Warning even if administrator account is disabled.
* Fix #3501: No output for print_all_bug_page.php when status=closed, and Hide Status Closed is selected.
* Fix #3506: PHP error if "duplicate id" refers to a bug that does not exist.
* Fix #3525: Priority field incorrectly shown on Simple Report page.
* Fix #3526: Custom field regular expression doesn't prevent invalid bug entry.
* Fix #3530: Custom fields definitions are not validated.
* Opt #0000: Added an index on bug_id field in the mantis_bug_file_table.
* Opt #0000: Removed filtering code redundancy in print report pages (thanks to Lincoln Maskey)
* Languages: Updated Dutch localisation.
* Updated copyright to include 2004
2003.12.08 - 0.18.0
* Fix #3207: LDAP mail lookup was looking for the 'email' attribute instead of the 'mail' attribute.
* Enh #3335: Added Estonian Language (thanks to Villem Vannas).
* Fix #3310: Sorting of projects in menu bar.
* Fix #3330: "Required" fields on Account Profile page.
* Fix #3333: Support PHPMailer v1.7x.
* Fix #3334: Invalid links in bug reminder emails.
* Fix #3353: History not updated in bug deletion email.
* Fix #3389: Problems upgrading existing users to administrator.
* Fix #3417: Setting $g_manage_news_threshold to 'DEVELOPER' can't add new news.
* Fix #3421: Users except admin can 'see' the projects disabled on the project bar.
* Sec #0000: Various Cross-Site Scripting vulnerabilities fixed (thanks to Paul Richards).
* Languages: Updated French localisation.
2003.08.24 - 0.18.0rc1
* Enh #0000: New config option(user_login_valid_regex): regular expression used to validate new login names
* Enh #0000: Added error_proceed_url() to allow pages to give a url to proceed to after displaying the next error
* Enh #0000: Implemented parameterized error messages. Error strings are passed through sprintf() and are parameterized with the values given to error_parameters()
* Enh #0000: Allow spaces and hyphens in login names.
* Enh #0000: Optimized the database query in file_list_attachments() to improve performance of viewing bugs with large attachments.
* Enh #2377: Index user names in manage user page by letters (added config option default_manage_user_prefix).
* Enh #2517: Security Warnings [on login page if admin folder is accessible, administrator/root account enabled, or PLAIN passwords used].
* Enh #2981: Resolution in overview (show resolution in View Bugs page).
* Enh #3088: Show file attachment indicator on bug list page.
* Enh #3240: Show last login date in the main page.
* Enh #3242: Show bugnote add form before bugnotes to minimize the scroll needed to add a note.
* Enh #3244: Add bug status to the autogenerated bug view link tooltips.
* Enh #3272: Bugnote links in view_all_inc now are painted in a 'not visited' color when there are new notes.
* Security Fix #0000: All bugs were displayed if "All Projects" is selected and user has access to no projects.
* Fix #0000: Part of filenames with '-'s were being cut off.
* Fix #0000: Improved adherance to the XHTML standard.
* Fix #0000: A bug in the handling of the case where a user who does not have access to a private project, but has access level >= private_project_threshold.
* Fix #0000: Problem in filtering on reporter = 'any' in the print pages.
* Fix #2992: Unable to attach files to bugs on Windows servers with magic quotes ON.
* Fix #2999: Only administrators to can (to private) projects.
* Fix #3027: History summary a little bit too wide in emails.
* Fix #3064: View bug buttons in vertical column
* Fix #3072: Attached file should be opened up in a new browser window.
* Fix #3076: Bug reports are added to the "wrong" project.
* Fix #3079: Error when using phpMailer.
* Fix #3080: Project menu bar shows extra links.
* Fix #3089: Hide link to Profiles management on account page based on access level.
* Fix #3092: Problem changing printing prefs.
* Fix #3097: App Error 700 in project_api.php when viewing certain bugs.
* Fix #3108: No custom fields are shown in the details, if you are in "All Projects"
* Fix #3109: Error when adding protected users.
* Fix #3110: "Print reports" preview in explorer is not possible unless you select "Display selected only"
* Fix #3111: Bug links in bugnotes do not contain the FQDN as they do in the full reference.
* Fix #3115: manage_proj_cat_edit_page.php uses the wrong project id.
* Fix #3120: Missing "Assign To" field on "Report Bug" screen.
* Fix #3121: When creating a bug that has custom fields, the values for the custom fields are not sent out in the email.
* Fix #3124: view_bugs: a reporter has the drop-down box of actions, but doesn't have the checkboxes.
* Fix #3132: Email for feedback does not contain the last bugnote
* Fix #3140: attachment.png is corrupt in CVS.
* Fix #3143: Show a padlock instead of "p".
* Fix #3155: Field 'date_added' (for attachments) not correctly printed in print_bug_page.php.
* Fix #3175: Login fails when saved password is PLAIN and login_method is not PLAIN.
* Fix #3186: $t_protocol not set right (PHP 4.3.0/Netscape Enterprise 6.1/Linux installation with Mozilla client).
* Fix #3218: Version vs. Product version confusing (renamed Version to OS Version in advanced pages - English language).
* Fix #3219: Unnecesary DISTINCT SQL function call made the view_all_bugs query fail with older MySQL releases.
* Fix #3214: Private projects links get replaced by public project links.
* Fix #3225: Row with the "private" checkbox hasn't got a colspan of 6.
* Fix #3231: Redirect problem when user clicks on a bug link while not logged in.
* Fix #3230: German translation [corrections].
* Fix #3232: Signup or password reset emails were not being sent if email notifications were turned off
* Fix #3252: Category not selected on update if "&" is used in category name.
* Fix #3266: Possible patches against CVS (Not all changes were applied, see bug for details)
* Enh #3276: Add bugnote numbering and the ability to link to bugnotes directly using configured tags like with buglinks
* Fix #3292: Exporting csv results in "cannot modify header" error.
* Fix #3295: $g_limit_reporters doesn't work.
* Fix #3306: PHP error if unable to connect to database.
* Languages: Updated Italian, German, Spanish, Slovak, Swedish, French and Dutch localisations.
* Languages: Synchronised localisation files with English localisation.
* Added Mantis FAQ to documentation folder.
* Mantis Manual is now available online at http://mantisbt.sourceforge.net/manual/
2003.03.22 - 0.18.0a4
* Check whether other forms of compression are enabled before we turn on ob_gzhandler() in our output handler. This should hopefully avoid problems people have had with blank pages resulting from compression problems.
* Remove "show source" functionality which was a security hole and of little use
* Languages: Updated Italian and Dutch localisations.
* Languages: Added Slovak localisation.
* Languages: Synchronised localisation files with English localisation.
* Languages: Changed code page of Czech translation.
* Enhancement: Added bug summary by project on summary page (#1759).
* Enhancement: Reduced number of SQL queries on summary page (#3046).
* Enhancement: Field names in bug history are now localized.
* Enhancement: g_use_iis default value is now based on auto-detection of IIS servers. Before it was defaulted to OFF.
* Fix: 'Display selected only' on print bugs page fixed.
* Fix: 'Hide resolved' now also works for report printing and export.
* Fix: Do not call custom_field_set_value() in bug report and bug update if user has no write access.
* Fix: Printing context in case of errors is not working properly (a lot of notices are generated).
* Fix #2626: $g_primary_table_tags is documented and in config files but never used
* Fix #2839: 'Join incorrect in print_reporter_options and print_assign_to_option_list'
* Fix #2902: Project name is not printed on bug list report.
* Fix #2953: 'View all bugs page empty'. We now disabled compression if zlib isn't available to php. See notes in the config_defaults_inc.php for information on enabling zlib on Windows.
* Fix #3011: 'Hide resolved' flag is now preserved when re-sorting bug list.
* Fix #3019: Application Error 200 after updating a bug.
* Fix #3020: Error when deleting a bug with bugnotes.
* Fix #3021: Error when using phpMailer.
* Fix #3022: Add user to project form lists disabled users.
* Fix #3047: Manually assigned developers cannot resolve in All Projects view.
* Fix #3050: Setting Assigned To to null causes Status to change to assigned
* Fix #3055: (Non-email) URLs containing '@' characters are now linked correctly.
* Fix #3058: Clicking on view_all_bug_page.php results in 'file download' popup.
* Fix #3062: category, version option lists (and custom fields/reporter/assign to) populated from current project rather than bug category.
2003.02.26 - 0.18.0a3
* Behaviour change: allow bug IDs to get replaced when they are preceeded by any character that is not a letter, a number, or an underscore instead of requiring them to be preceeded by whitespace
* Enhancement: Added "Hide resolved" functionality to bug list page.
* Enhancement: When an enumeration is not found, display @<enumid>@ instead of @null@.
* Enhancement: Added file type icons next to project documents and bug file attachments. Also provided a set of standard icons.
* Enhancement: Added a section to the bug view pages that lists the users that are monitoring the current bug.
* Enhancement: Improved the layout of the "Send a reminder" form.
* Fix: META redirects were not XHTML-compliant
* Fix: $g_lang_current was not available to custom_strings_inc.php
* Fix: reduced the executed number of queries throughout the interface
* Fix: improved handling of bad cookies (you now get a chance to log in again)
* Fix: Added the removal of invalid history entries that were added due to escaping errors to the string escaping fixes.
* Fix: Improve speed of actions that trigger email sends by reducing the number of queries by 200x (20,000%). Queries when sending emails are now linear to the number of users receiving the email instead of the number of users in the system.
* Fix: error deleting bug files fixed
* Fix: display logical filename rather than file system filename for project documents in project document edit page.
* Fix #838: Show attached images as images instead of links.
* Fix #2075: Mantis does not correctly display images when they are clicked ( $g_file_upload_method = DATABASE ).
* Fix #2939: Confusing file names for uploaded project documents.
* Fix #2940: Error when uploading document with no upload path.
* Fix #2944: Project files are not deleted when project is deleted.
* Fix #2953: View all bugs page empty (temporary fix by disabling compression when running on an IIS server).
* Fix #2954: Bgcolor attribute on TD in view_all_bug_page (moved to TR) [optimisation]
* Fix #2956: db_insert_id() did not use mysql_insert_id(), but executed another query (which is probably slower)
* Fix #2961: A disabled project can not be the currently selected project
* Fix #2964: proj_doc_add.php is empty if document file already exists
* Fix #2967: Make bugnotes visible while updating bugs (updating, resolving, and closing)
* Fix #2968: Add query counts to action pages.
* Fix #2969: Bug not found error when deleting a bugnote.
* Fix #2970: Sending a reminder sends two notifications.
* Fix #2974: Message "APPLICATION WARNING #300" on main page.
* Fix #2975: 'date modified' column of bug history in email is to tight.
* Fix #2976: Incorrect handling of URLs.
* Fix #2978: URLs not hyperlinked in news_add page.
* Fix #2980: Escaping fixes are not applied to the bug history table.
* Fix #2982: Having email_set_category set to EMAIL_CATEGORY_PROJECT_CATEGORY erased various mail headers.
* Fix #2989: Allow managers to manage bugnotes.
* Fix #2992: Unable to attach files to bugs (or documents to projects) [applicable to Windows servers]
* Fix #2993: Read/Write access levels not checked in custom fields.
* Fix #2997: 'Trouble assigning a user to a project from the Manage Account'
* Fix #3001: Users cannot delete/edit their own bugnotes.
* Fix #3005: custom_field_api.php does not work with PHP 4.0.6.
* DB Upgrade: Added "id" primary key to bug history table (needed for #2980).
* Languages: Updated German localisation.
* Languages: Synchronised localisations with English
* Changed config option (default_notify_flags): remove 'admin', 'manager', and 'threshold' categories and add 'threshold_min' and 'threshold_max'
* New config option (bugnote_allow_user_edit_delete): controls whether users are allowed to edit or delete their own bugnotes.
* New config option (email_receive_own): controls whether users receive emails for changes they make
* New config option (display_project_padding): controls the level of padding on project ids
* New config option (display_bug_padding): controls the level of padding on bug ids
* New config option (display_bugnote_padding): controls the level of padding on bugnote ids
* New config option (file_type_icons): provides mapping between file extensions and icons to be used for file types.
* New config option (show_monitor_list_threshold): threshold needed to view the list of users monitoring a bug.
* New config option (document_files_prefix): prefix to be used for file system names for documents uploaded to projects (eg: doc-001-myprojdoc.zip when using prefix 'doc').
* New config option (preview_attachments_inline_max_size): Configure the maximum size for an attachment to be viewed inline. (needed by #838)
* Removed config option (bugnote_include_file): Used file path directly since there is no reason to make it configurable.
* Removed config option (bugnote_view_include_file): Used file path directly since there is no reason to make it configurable.
* Removed config option (bugnote_add_include_file): Used file path directly since there is no reason to make it configurable.
* Removed config option (history_include_file): Used file path directly since there is no reason to make it configurable.
* Removed config option (print_bugnote_include_file): Used file path directly since there is no reason to make it configurable.
* Removed config option (view_all_include_file): Used file path directly since there is no reason to make it configurable.
* Removed config option (bug_view_inc): Used file path directly since there is no reason to make it configurable.
* Removed config option (bug_file_upload_inc): Used file path directly since there is no reason to make it configurable.
2003.02.19 - 0.18.0a2
* Behaviour change: Project documentation is now sorted by title
* Enhancement: Project name is shown in print_bug_page
* Fix: #2938: 'Double quotes not handled correctly in manage_custom_field_edit_page'
* Fix: handle special characters correctly in the rest of the manage_custom_field_* pages
* Fix: #2937: 'Double quotes not handled correctly in version names'
* Fix: #2936: 'SYSTEM WARNING: ob_gzhandler() used twice'
* Fix: #2941: Checking that project upload path exists and is writable to webserver
* Fix: #2943: Document title should be mandatory
* Fix: #2949: News title and body should be mandatory.
* Fix: #2952: Email address of news poster always visible.
* Fix: at various places, the currently selected project (as specified by the cookie) was used instead of i.e. a bug's project
* Fix: lang_api did not load the user's preferred language
* Fix: obscure error when database connect failed
* Fix: error when deleting news items
* Fix: we no longer execute thousands of queries in view_all_bug_page when there are a lot of users in the database
* Fix: the sort direction in 'View all bugs' was passed directly to the query
* New config option (mail_priority): if use_x_priority is set to ON, what should the value of X-Priority be? The default is 3 (instead of 0 in previous version, which was misinterpreted by some MTAs)
* New config option (long_process_timeout): the number of seconds to give long executing pages (like database upgrades) to complete before aborting them (defaults to 0 which is unlimited)
* New config option (private_project_threshold): threshold needed to get into private project automatically
* Removed config option (mail_send_crlf): having this option off (default) violated RFC 822bis and there shouldn't be any server which required it to be set to off
* Languages: Updated Dutch, French, German and Italian localisations.
* Languages: Synchronized localisation files with the English localisation.
* Security enhancement: it is now impossible to 'fill in' forgotten language strings using GET/POST/COOKIE variables
2003.02.16 - 0.18.0a1
This release contains literally hundreds, if not thousands, of changes.
Upcoming releases will hopefully follow a *much* quicker release cycle now
that we are back on track.
This marks the first release of Mantis with a completely refactored API
library. All the API files are in the core/ directory should you wish to
examine them in more detail. The process of cleaning up the APIs and making
sure all the pages use them is still not quite complete, but we are getting
close
Listing every individual change would be unproductive but the key ones are
listed or summarized below:
* Behaviour change: made 'normal' the default priority for new bugs
* Behaviour change: Merged default/config_inc1.php and default/config_inc2.php in config_inc.php in the main directory
* Behaviour change: Removed f_ prefix from POST and GET field names
* Changed config options (*_color): now use $g_status_colors['<status color>'] array. For example, $g_new_color is replaced with $g_status_colors['new'].
* Changed config options (default_advanced_report, default_advanced_view, default_advanced_update): now ON/OFF instead of BOTH/SIMPLE/ADVANCED (they never worked the other way anyway)
* Changed config options (login_method): the constant CRYPT_FULL_SALT is now deprecated and should be replaced with CRYPT, which behaves exactly the same, or MD5
* Code cleanup: added validation checks for all inputs that are passed on to database queries
* Code cleanup: db_prepare_string(), db_prepare_int(), and db_prepare_bool() to be called on data before it goes into the database
* Code cleanup: modified input-checked variables to be prefixed by $c_
* Code cleanup: Moved admin_* scripts into admin/ directory
* Code cleanup: Moved core_* files into core/ directory, which can be moved out of the webroot
* Code cleanup: Replaced '/' with DIRECTORY_SEPARATOR throughout to make things cross-platform
* Code cleanup: Rewrote large parts of Mantis to improve security
* Copyright transfered by Kenzaburo Ito to 'Mantis Group', consisting of all of Mantis developers, as of 2002. All files have had their copyright notices changed to reflect this.
* Enhancement: added a button to copy categories from another project, in addition to the current 'copy to'
* Enhancement: added a direct link, with a small icon, on each bug row, so that users on a selected project can switch directly to the update bug page (simple/advanced depending on user preferences).
* Enhancement: added a remove link next to the edit link in the project categories and project versions to allow deleting without going into edit.
* Enhancement: added announcement flag to news. Announcements are always kept at the top of the news page.
* Enhancement: admin_check script moved to admin/check.php and rewritten to be more complete
* Enhancement: added javascript autofocus to the login page
* Enhancement: added javascript autofocus to the report bug pages
* Enhancement: added links from the counters of bugs reported and assigned to logged in user to their corresponding filtered view
* Enhancement: added support for custom_constants_inc.php, if this file is found in main directory it gets included after constants_inc.php. It is useful to define constants for custom enumerations.
* Enhancement: added support for custom_strings_inc.php, if this file is found in main directory it gets included after lang/strings_xxxx.php to allow overriding of strings without modifying the language files. $g_active_language can be used to check the active language.
* Enhancement: added support for modifying the reporter of a bug
* Enhancement: Added Word2k and Excel export in print_all_bug_page.php. Users can choose the bugs to display/print, and the fields to export with the 'Printing Options' link.
* Enhancement: Administrators can now modify the preferences for all users that are not protected. Protected users need to be unprotected first.
* Enhancement: allow managers to update project information, change project user list, add/edit/delete categories and versions
* Enhancement: auto-assign bugs when a default user is specified for the category and a bug is not pre-assigned
* Enhancement: automatic defaults for $g_path and $g_absolute_path rather than dummy values. This should avoid the need of redefining these values in config_inc.php and also support multiple domains.
* Enhancement: bugs can be marked private
* Enhancement: bug change history
* Enhancement: caching of much DB data to prevent multiple requests for the same information
* Enhancement: Cleaned up file uploading with better error messages and hiding file upload when it's disabled in PHP
* Enhancement: confirm a lot of destructive actions before performing them
* Enhancement: email_api.php sends a content-type header in emails
* Enhancement: enter a bugnote when you update a bug
* Enhancement: html_api.php prints a META-tag defining the charset
* Enhancement: improved the behaviour of sorting the tables of users and projects in 'Manage'
* Enhancement: in the view all bugs page, when 'All Projects' is selected, the project name is now displayed in smaller font over the category
* Enhancement: include tabindexes in the form fields on the bug reporting pages
* Enhancement: look in environment variable MANTIS_CONFIG to find a config file to load after config_inc.php (useful for vhosts)
* Enhancement: make br, hr, li, img, selected, checked, and other html elements XHTML compliant
* Enhancement: more visual graph pages in summary_page.php. Caution, old versions of JPGraph may cause problems, use v1.6.3 or above if you can.
* Enhancement: news can now be made private
* Enhancement: offer multiple group bug actions in view_all_bug_page.php
* Enhancement: private bugnotes. At present these bugnotes are omitted from sent emails, a future release will put private bugnotes in emails to those who should see them.
* Enhancement: provide a notification when a bug is deleted
* Enhancement: reminder feature to let you send a message about a bug to a list of users
* Enhancement: reworked BCTimer class to be more useful for debugging
* Enhancement: send Bug History in e-mails
* Enhancement: added new database upgrade system to allow you to easily apply database schema changes when upgrading.
* Enhancement: support uploading attachments to an FTP server (so now there is DISK, DATABASE, and FTP). Recently uploaded/downloaded attachments are cached at the web server.
* Enhancement: User names are now auto-generated for accounts that no longer exists. The user names are prefixed by the string given in the config option prefix_for_deleted_users.
* Enhancement: user_api.php, login.php and login_page.php send the user back to the referring page after login
* Enhancement: warn the user if his browser does not support cookies, either because it's too old or because it was disabled
* Enhancement: you can add multiple categories in one step. This is done by separating category names by the pipe character '|'. For example to add category 'A' and 'B', add 'A|B'.
* Enhancement: you can monitor bugs even when not reporter or handler
* Enhancement: support for custom fields.
* Enhancement: you can now change the password encryption method by simply changing the configuration option - Mantis will change your passwords automatically as people login
* Fix: Account pruning now also removes profiles, preferences and such.
* Fix: all string files use single quotes instead of double quotes
* Fix: bug that let you change your username to that of an already existing user
* Fix: bug where upload paths with \'s in them kept getting escaped over and over
* Fix: defects with updating project categories and versions
* Fix: deleting the current project no longer gives an error (#2808)
* Fix: email address validation should be much more RFC 822 compliant (#2819)
* Fix: Made 'light grey' the default color for 'closed'
* Fix: make form elements standards compliant
* Fix: prevent an unauthorized user from deleting a bug by modifying the URL
* Fix: print_api.php escapes double quotes in text fields, instead of replacing them by single quotes
* Fix: problem deleting bugnotes
* Fix: problem in core_API.php where constants were used before declaration
* Fix: problem in email_api.php where an email could be sent to nobody at all, in rare cases
* Fix: problem in manage_proj_update.php which gave a warning when editing projects with empty upload file paths
* Fix: problem with ambiguous column names in queries when using the text search or applying filters
* Fix: problem with print_assign_to_option_list() not selecting the current user
* Fix: quoted various text values retrieved from a database and used in a database query.
* Fix: Removed special status of 'closed' concerning colors. 'View all bugs' will use the configured background color.
* Fix: Removed str_pad() we can use str_pad() from PHP4 now
* Fix: replace & in URLs with & to conform with standards
* Fix: use single quotes whenever possible if double quotes were unnecessary
* Fix: Use supervariables ($_SERVER, $_REQUEST, etc.) in PHP >= 4.1.0, since the old variables are deprecated
* Fix: when viewing all bugs for all projects you no longer see bugs from disabled projects
* Fix: Disabled user accounts no longer receive notification emails.
* Languages: Added $s_charset to all localization files.
* Languages: Added Chinese Simplified translation.
* Languages: Removed French2 localization (out of date, without HTML entities. Replaced by new French localization).
* Languages: removed HTML entities from all localization files
* Languages: Updated comments in all localization files to point to correct file names.
* Languages: Updated Hungarian, Russian, Romanian, German, Danish, Norwegian and Dutch localizations.
* New APIs: see all the files in core/ ending with _api
* New config option (allow_blank_email): allow blank email addresses (ie none specified)
* New config option (allow_reporter_close): allow reporters to close the bugs they reported
* New config option (allow_reporter_reopen): allows reporters to reopen closed bugs that they reported if they are unhappy with the resolution (defaults to ON) (see issue #2108)
* New config option (auto_set_status_to_assigned): automatically set the status to ASSIGNED when an issue is assigned. Default is ON.
* New config option (bug_reminder_threshold): the access level required to send reminders
* New config option (bug_resolved_status_threshold): To mark the status threshold for marking bugs as readonly. Default is RESOLVED.
* New config option (compress_html): optional compression of html output
* New config option (create_project_threshold): provide a threshold for users who can create projects
* New config option (custom_field_edit_after_create): new option to control whether a user is directed to edit a custom field after creating it
* New config option (custom_field_link_threshold): provide a threshold for users who can link and unlink custom fields but not delte, create, or modify them
* New config option (custom_headers): contains a list of headers to prepend to each outgoing HTTP response. This can be used for P3P policy headers among other things (see issue #2649)
* New config option (debug_email): allows debugging e-mail messages during development by only sending them to the specified e-mail while including the original to, cc, bcc in the message body (currently supported only when phpmailer is used).
* New config option (default_notify_flags and notify_flags): these replace $g_notify_developers_on_new, $g_notify_on_new_threshold, and $g_notify_admin_on_new. The old flags are no longer supported. The new ones provide full control on who should be notified on each event/action.
* New config option (delete_bugnote_threshold): the access level required to delete a bug
* New config option (delete_project_threshold): provide a threshold for users who can delete projects
* New config option (email_set_category): make Mantis set the category of the e-mail sent (via mail()/phpMailer). This is useful in organising e-mails better using clients like Microsoft Outlook.
* New config option (handle_bug_threshold): the access level required for a user to appear in the assign to list and be able to handle bugs
* New config option (history_default_visible): whether bug history should be visible by default or only when requested.
* New config option (html_make_links): Replaces allow_href_tags. When true, convert text links in strings into actual anchor tags.
* New config option (html_valid_tags): Replaces allow_html_tags and html_tags. Set it to a string containing a comma-separated list of tag names that should be allowed in messages.
* New config option (limit_email_domain): only allow emails in the given domain
* New config option (manage_custom_fields_threshold): controls who may make changes to custom fields
* New config option (manage_news_threshold): threshold needed to manage news postings
* New config option (manage_user_threshold): access level required to modify/create/delete users
* New config option (notify_admin_on_new): enable/disable notifications to admins on arrival of new bugs
* New config option (notify_on_new_threshold): the access level above which users will be notified of new bugs
* New config option (project_user_threshold): access level required to add/remove users to/from a project
* New config option (reminder_recipents_monitor_bug): To automatically add recipients of bug reminders to the monitor list of the defect. This is done if the access level is greater than or equal to monitor threshold and the recipient is not the handler or the reporter.
* New config option (show_detailed_errors):
* New config option (show_notices):
* New config option (show_project_menu_bar): adds a menu bar with all the projects as links
* New config option (show_queries_count and show_queries_list): track the executed queries and display their total count, unique queries count, and the actual list of queries executed
* New config option (show_warnings):
* New config option (smtp_password): password to use when connection to an smtp server with phpMailer
* New config option (smtp_username): username to use when connection to an smtp server with phpMailer
* New config option (store_reminders): controls whether to store sent reminders as a bugnote
* New config option (summary_category_include_project): display "[project] category" rather than "category" only in summary for "All Projects"
* New config option (update_bug_threshold): the access level required to update a bug
* New config option (upload_project_file_threshold, upload_bug_file_threshold, allow_reporter_upload): control what users may upload what kinds of files
* New config option (view_attachments_threshold): the access level required to view attachments. This is useful when there is a need to share the knowledge about the defects, but to secure customer data.
* New config option (view_summary_threshold): the access level required for viewing the summary page
* New file (obsolete.php): checks for obsolete variables and tells the operator
* Removed config option (allow_href_tags): see new option html_make_links
* Removed config option (allow_html_tags): see new option html_valid_tags
* Removed config option (html_tags): see new option html_valid_tags
* Removed config option (register_globals): just check the actual value of the PHP config variable
* Removed config option (php): this variable containing the file extensions (php3 of php) was only used in config, so do a search and replace if you need it
* Renamed config option: allow_bug_delete_access_level to delete_bug_threshold
* Renamed config option: bug_move_access_level to move_bug_threshold
* Renamed file: manage_create_new_user.php to manage_user_create.php
* Renamed file: manage_create_new_user_page.php to manage_user_create_page.php
* Renamed file: report_add.php to bug_add.php
* Renamed file: report_bug_advanced_page.php to bug_add_advanced_page.php
* Renamed file: report_bug_page.php to bug_add_page.php
* Security fix: Mantis no longer relies on register_globals being turned on
2002.08.23 - 0.17.5
* Corrected bug_delete.php and bug_delete_page.php, which ignored the $g_allow_bug_delete_access_level setting.
* Corrected bug_close.php and bug_close_page.php, which ignored the $g_close_bug_threshold setting.
* Corrected bug_reopen.php and bug_reopen_page.php, which ignored the $g_reopen_bug_threshold setting.
* Fixed problems in bug_update_advanced_page.php, bug_update_page.php, view_bug_advanced_page.php and view_bug_page.php which allowed users to view private bugs. It does that icky logout thing again, which will be replaced with a nice message in 0.18.0.
* Fixed a problem in view_all_bug_page.php which allowed users to see public bugs in private projects when all projects were marked private.
2002.08.19 - 0.17.4a
* Fixed the fix of the ambigious column problem
* Fixed the 'second line of defense' against the arbitrary-code-execution vulnerability
2002.08.18 - 0.17.4
* This is a maintenance release. It patches up several vulnerabilities in 0.17.3. No features have been added.
* Fixed a problem in config_inc2.php, which would allow a malicious user to execute arbitrary code and view any local file available to the webserver-user.
* Fixed a problem in summary_graph_functions.php, which just allowed a malicious user to execute arbitrary code.
* Fixed a problem in print_all_bug_page.php, which allowed reporters to see bugs they hadn't reported, even when $g_limit_reporters is set to ON.
* Fixed a problem in view_all_bug_page.php, which allowed any user to see the summaries of public bugs in private projects, by manipulation of the project cookie.
* Modified admin_check.php to prevent use by spammers.
* Modified the database upgrade script to prevent someone from accidentally or intentionally running the scripts on an updated database.
* Fixed a problem in core_user_API.php, which probably caused the infinite-redirect problem in Mozilla/Opera browsers.
* Fixed a problem with ambigious columns in view_all_bug_page.php
2002.05.19 - 0.17.3
* Bumped version number.
* Fixed problem with CSV not downloading.
* Fixed no colors when using non-English languages (temporary fix).
* Fixed bug_close to add bugnote.
* Fixed file uploads to not show up for VIEWERS.
* Modified core_API.php to always turn magic_quotes_runtime OFF.
* Modified disk uploads to use the file_download.php script.
* Modified bugnote last_modified query slightly.
* Modified reporter and assign_to option lists.
* Updated PHP and MySQL requirements.
* Updated Norwegian, Russian, Danish and Dutch translations.
* Added die to print_header_redirect().
* Added russian_koi8 translation.
* Added HTTP_POST_FILES to core_API.php.
* Added check for empty bugnotes.
* Removed view_csv_export_inc.php (unused).
* Removed print_user_option_list() (unused).
* Closed a security problem in account_update.php.
2002.05.12 - 0.17.2
* Fixed error in set_project where setting a project would result in a loop.
* Fixed account profiles to check for blank inputs.
* Fixed some problems with BASIC_AUTH.
* Fixed problems with documentation links.
* Fixed a few documentation errors in configuration.html.
* Fixed bug_update to no longer cut off steps_to_reproduce if it has quotation marks.
* Fixed # bug links in emails.
* Fixed bugnote update to redirect properly after update.
* Fixed bugnote update to check for proper access.
* Fixed bug_file_upload_inc to user $g_max_file_size.
* Fixed CSV exporting to not have SPAN tags.
* Fixed CSV export MIME type.
* Fixed potential variable warning in main_page.
* Fixed signup to detect empty usernames.
* Fixed user creation to detect empty usernames.
* Fixed bug file upload error. Error message was misreported.
* Fixed project doc upload error. Error message was misreported.
* Fixed problem with bottom page menu not displaying when turned on.
* Fixed warning message on report. Warning: Undefined variable: f_file_name ...
* Fixed edit bugnote to allow the correct users to edit and update.
* Fixed g_limit_reporters to work properly for project users.
* Modified accounts so that protected accounts are not accessible by the user.
* Modified report page formating.
* Modified file size reports to show up as bytes.
* Modified email string padding and line separation characters.
* Modified account page to show default and current project access levels.
* Modified news posting to properly limit project lists for non Administrators.
* Modified reset password functionality to use g_send_reset_password to determine whether a password is set to blank or emailed to the user.
* Modified color legend is now generated form the $g_status_enum_string variable.
* Modified print_enum_string_option_list() to work better.
* Modified bug_update_advanced to allow for more fields to be updated.
* Modified email subject links to match standard Mantis email format.
* Modified view bug pages to show bug status via color.
* Modified more pages to show bug status via color.
* Modified setcookie() to use paths.
* Modified fopen() to open with rb instead of r.
* Modified language files to use long php tags.
* Modified tr bgcolor elements and moved them into td bgcolor blocks to help MacOS IE color table cells properly.
* Modified view_all_bug_page to use view_all_set as a pure script to set cookies.
* Modified g_hide_user_email to be g_show_user_email and have different usage modes.
* Modified phpmailer AddAddress in email sending to allow for multiple to recipients.
* Modified project user adding to use a multi-select list box.
* Modified get_enum_string to use the g_ enum string value instead of the s_ enum string value.
* Modified br tags to be new xml style tags.
* Modified time stats in summary to use CLOSED instead of resolved.
* Modified setcookie() to use g_cookie_path when unsetting.
* Modified set_project.php to avoid double refresh when using IIS.
* Modified project user module behavior.
* Modified delete file attachments to chmod( 0775 ) so write permissions are granted.
* Modified get_view_redirect_url() call on bug_assign.php to handle redirects better.
* Modified search to look in bugnotes.
* Modified is_duplicate_category(). Reversed the arguments.
* Modified to use core_project_API.php.
* Modified to use core_version_API.php.
* Modified print_all_bug_page.php to seach bugnotes.
* Modified print_reporter and assign_to option_lists() to display lists properly.
* Added Hungarian translation.
* Added Japanese translation.
* Added Czech translation.
* Added g_bug_link_tag to let users customize how to create bug links.
* Added a "jump to bugnotes" quicklink at the top of the view bug pages.
* Added a global option to control what access levels can delete bugs.
* Added g_bug_move_access_level to control what access level can move bugs to other projects.
* Added extra link after a bug report to go directly to the new bug.
* Added g_close_bug_threshold for closing a bug.
* Added print report link to view all bug page.
* Added g_allowed_files and g_disallowed_files to control what files types may be uploaded.
* Added user to project multi-select listbox in manage section.
* Added list of projects a user is assigned to to the account page.
* Added print bug view.
* Added jump to bug form.
* Added core_proj_user_API.php.
* Added make_lf_crlf() to remove bare line feeds.
* Added g_strip_bare_lf to toggle use of make_lf_crlf().
* Added priority reporting on the report form for developers.
* Added project category copy.
* Added CRYPT_FULL_SALT authentication.
* Added page timer.
* Added mt_srand() call in core_API.php.
* Added g_register_globals global for installations where register_globals is Off.
* Removed access_min and access threshold concepts from the user and project management.
* Removed extra "echo" in news archive page.
* Removed proj_user_delete_page.php.
* Removed dependency on s_ enum strings. Use g_ enum strings instead.
* Updated Copyright to 2002.
* Added $g_use_javascript to default/config_inc1.php (SC)
2002.03.15 - 0.17.1
* Fixed missing closing span tag in view_bug_*page.php.
* Fixed advanced summaries (jpgraph) for general statistics for all projects.
* Fixed small problem in all localization files (for $s_reset_request_msg).
* Fixed summary stats for developers when they are assigned with "developer" rights at a project and do not have default profile >="developer".
* Fixed reporter poplist filter in buglist when users are assigned >="reporter" at a project and do not have default profile >="reporter".
* Fixed summary page for "All projects" option
* Fixed printable buglist for "All projects" option
* Fixed document links (ChangeLog, README, etc.)
* Fixed problem where portuguese_brazil localization did not appear correctly.
* Fixed several minor CSS class consistency issues.
* Fixed file download links to use rawurlencode().
* Fixed admin_check.php to check for Windows style \.
* Fixed file dates to display correctly.
* Fixed bug update button to go to proper simple or advanced page.
* Fixed a problem where users could not report bugs if uploading was disabled.
* Fixed a minor problem in the print_reporters_option_list().
* Fixed more CSS issues.
* Fixed file uploads to not allow duplicate files when using DISK.
* Fixed file upload switch with break statements.
* Fixed print_assign_to_option_list() to accurately reflect settings.
* Fixed print_reporter_option_list() to accurately reflect settings.
* Fixed the access level checks to be more accurate.
* Fixed summary by category to work when categories have single quotes.
* Removed site_settings link in print_manage_doc_menu().
* Removed action confirmations in Account pages.
* Removed action confirmations in Bug/Bugnote pages.
* Removed action confirmations in Login/Logout pages.
* Removed some action confirmations in Manage pages.
* Removed some action confirmations in News pages.
* Removed some action confirmations in Project Doc pages.
* Removed action confirmation in set_project page.
* Removed $g_quick_proceed. It is no longer used.
* Renamed doc/CONFIGURATION to doc/CUSTOMIZATION.
* Modified edit user links to use the username instead of the [edit] link.
* Modified edit project links to use the project name instead of the [edit] link.
* Modified default/config_inc1.php to have more more css global variables.
* Modified wordwrap to use built-in php function if available.
* Modified bug_assign and bug_close to use g_quick_proceed.
* Modified bug_resolve to use only one form.
* Modified bug_close to allow a bugnote to be added when closing.
* Modified bug_reopen to allow a bugnote to be added when reopening.
* Added project name as supplementary info next to bug id in buglist for "All projects" option
* Added Basic Authentication patch.
* Added CSV Export patch.
* Added Anonymous Login patch.
* Added CVS linking patch.
* Added g_hide_closed_default for filter defaults.
* Added g_show_bug_project_links to toggle project links in All Project mode.
* Added mime_encode() to process the email subject text.
* Added blank category check when adding project category.
* Added blank version check when adding project version.
2002.01.23 - 0.17.0
* Fixed potential problems with proxies and HTTP_REFERER not being properly sent.
* Fixed bugnote editing to be unavailable when bug is resolved or closed.
* Fixed viewing bugs to automatically switch projects if you view a bug from another project (often done through a link).
* Fixed file uploads to report an error when a blank file is uploaded.
* Fixed database and file to no longer use TIMESTAMPS.
* Fixed password reset to blank to work for other encryption types.
* Fixed admin_upgrade.php to honor the $g_php global.
* Fixed access checks to see if viewer has permission to view the bug.
* Fixed project list drop down to work even if project user list is empty.
* Fixed advaced summary compatibility with the latest JPGraph release (1.4)
* Modified many files for extensive use of CSS.
* Modified BLOB field to LONGBLOB.
* Modified bug action buttons to be more consistent.
* Modified version string to be longer.
* Modified html functions to consolidate code.
* Modified confirm messages to consolidate localization strings.
* Modified comments to use one # instead of ### (save space)
* Modified alternate_colors() to have default parameters.
* Modified all files to use < ? p h p instead of < ?
* Modified error messages to use $MANTIS_ERROR array.
* Modified code to update last_updated/last_modified fields for bugs, bugnotes, and news.
* Modified core_API.php and config_inc.php to use a default/ directory in
addition to a config_inc.php placed in the root directory.
* Added view by page feature.
* Added edit new link in news update page.
* Added file upload into database.
* Added a link to Mantis at the bottom of the pages.
* Added support for date_order field for version.
* Added delete file capability.
* Added view all projects capability.
* Added support to move bugs from one project to another.
* Added email check to admin_check.php3
* Added a check to make sure the cookie_string really is unique.
* Added a check for a duplciate user in the manage create user page.
* Added Romanian translation.
* Added g_allow_account_delete global to prevent self account deletion.
* Added file upload check to see if directory exists.
* Removed site_settings pages.
* Removed unused cookie variables.
* Removed sql_to_unix_time() function. Unecessary with removal of TIMESTAMPS.
* Removed menu_inc.php file and related variable. Moved this into print_menu().
* Removed print_mantis_version(). Moved it into print_foooter().
* Removed some unused code.
* Removed get_project_name() function. Replaced with a more general get_project_field().
* Renamed g_store_file_to to g_file_upload_method.
* Renamed files to .php
* Removed admin_cookiecheck.php3
* Moved documents into doc/ subdirectory.
* Moved language files into lang/ subdirectory.
2001.12.01 - 0.16.1
* Fixed SQL error when reporting bug in a private project.
* Fixed problem where upgrade scripts were not executed for 0.16.0 upgrade.
* Fixed problem with $g_limit_reporters limiting all users instead of just reporters and below
* Modified admin_check.php3 to be more informative and useful.
* Modified upgrade script to preserve timestamp fields.
* Modified db_generate to enable projects by default.
* Modified account_page.php3 to remove EOF usage.
* Updated upgrade script to be more informative.
* Updated French localization.
* Added $g_allow_close_immediately to toggle "close immediately" option when resolving a bug.
2001.11.27 - 0.16.0
* Fixed minor HTML errors in core_html_API.php.
* Fixed the view, report, and update pages to honor the forces advanced/simple modes.
* Fixed problem with extra br tags being inserted in project descriptions
* Fixed table names in the proj_doc_* pages to use variables instead of hardcoded names.
* Fixed table names in bug_file_add.php3, report_add.php3, view_bug_advanced_page.php3, view_bug_page.php3 to use variables instead of hardcoded names.
* Fixed a problem with bug updates making the status hard to deal with.
* Fixed the emailing method to honor the private access threshold.
* Fixed problem where reporters could assign bugs in advanced report page.
* Fixed problem where not all proj_doc* pages had the top of page include.
* Modified the mantis_bug_table.build field to be a VARCHAR(32).
* Modified the mantis_bug_table.votes field to be an INT(4).
* Modified the mantis_bug_table.os_build field to a VARCHAR(32).
* Modified the mantis_user_profile_table.os_build field to a VARCHAR(32).
* Modified the mantis_user_pref_table.language field to a VARCHAR(32).
* Modified config_inc.php to properly support all localized langauges.
* Updated Korean localization.
* Updated Polish localization.
* Updated Spanish localization.
* Updated TROUBLESHOOTING file.
* Added file_type field to mantis_bug_file_table and mantis_project_file_table.
* Added LDAP login support.
* Added ability to limit reporters to see only their bugs. Security will need to be tightened later.
* Added a legend for the status colors.
* Added a empty string check before the AddBCC function when buidling the bcc list
* Added a check to automatically add the trailing slash to the file path.
2001.11.04 - 0.15.12
* Added Swedish localization
* Added print bugs feature
* Fixed error where MD5 wasn't actually being used.
* Fixed problem with the same password being generated over and over.
* Fixed problem with the same cookie being generated over and over.
2001.10.28 - 0.15.11
* Modified advanced report's "assign to" drop down to sort alphabetically
* Modified bug_update script to send emails and behave better
* Modified file upload size down to 60 to help out page layout in Netscape
* Modified view_all_bug_page refresh to include f_offset
* Fixed the post-report forms to redirect properly even if a proxy clears the HTTP_REFERER
* Added g_use_iis global to workaround an IIS bug with header/Location calls
2001.10.28 - 0.15.10
* Fixed problem with not being able to uncheck "hide closed" bugs filter checkbox
* Fixed error with warnings on sending email
* Fixed problem with being kicked out when editing bugnote
2001.10.27 - 0.15.9
* Fixed problem with warning on view filters.
2001.10.26 - 0.15.8
* Fixed problem with $g_manage_cookie not being unset on logout
* Fixed error in db_upgrade.sql ( nul; should be null; )
* Fixed serveral localization errors
* Fixed email to only send to devlopers and higher for a given project
* Fixed potential security hole with uploaded file permissions
* Added ALT fields to IMG tags
* Added edit bugnote capability
* Added Polish localization
* Added Russian localization
* Added umask call to prevent uploaded files from being executed remotely.
* Added Plain Text authentication
* Added MD5 authentication
* Added option to view priority as text
* Updated Italian localization
* Updated Korean localization
* Updated Spanish localization
* Modified User section so users with automatic access are listed
* Modified view all filters to consolidate functionality
* Modified view all filters to remember sort field and order
* Modified authentication system to no longer require crypt()
* Modified email formatting to work better with other languages
* Modified set project to clear view filters when changing projects
* Modified the report_bug pages to properly honor $g_show_report
* Removed email_bug_info_to_address()
* Removed print_handler_option_list()
* Removed view_all_assigned/unassigned/report_bug_page and associated variables.
2001.08.28 - 0.15.7
* Fixed problem with account prefs not being updated.
2001.08.27 - 0.15.6
* Fixed potential security hole with file uploads. Users can potentially
copy files on server to be available via the browser. This requires
PHP 3.0.17 and higher. Please consider disabling file uploads to disk
if you cannot upgrade versions.