View Issue Details

IDProjectCategoryView StatusLast Update
0015453mantisbtsecuritypublic2014-09-23 18:05
ReporterTomRAssigned Todregad 
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version1.2.12 
Target Version1.2.15Fixed in Version1.2.15 
Summary0015453: CVE-2013-1930: Close button is shown on webpage despite 'close' is not a valid status by workflow
Description

It seems that te 'Close' button does not respect the workflow status.

In my opinion the 'Close' button should only be visible ( or active ) when 'close' is a valid status ( by workflow )

TagsNo tags attached.

Relationships

related to 0015721 closedgrangeway Functionality to consider porting to master-2.0.x 

Activities

dregad

dregad

2013-02-01 03:18

developer   ~0035004

Could you post your current config to facilitate issue reproduction ?

TomR

TomR

2013-02-05 16:26

reporter   ~0035043

Posted my config_inc.php

However Workflow is done on a per project base ( and this installations has about 150 projects ).

But be sure that even when status 'closed' is not a valid status ( by workflow for the project ), the close button is shown.

TomR

TomR

2013-02-05 16:27

reporter  

config_inc.php (76,022 bytes)
<?php
# MantisBT - a php based bugtracking system

# MantisBT is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# MantisBT is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.

	/**
	 * Default Configuration Variables
	 *
	 * This file should not be changed. If you want to override any of the values
	 * defined here, define them in a file called config_inc.php, which will
	 * be loaded after this file.
	 *
	 * In general a value of OFF means the feature is disabled and ON means the
	 * feature is enabled.  Any other cases will have an explanation.
	 *
	 * For more details see http://www.mantisbt.org/docs/master-1.2.x/
	 *
	 * @package MantisBT
	 * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
	 * @copyright Copyright (C) 2002 - 2012  MantisBT Team - mantisbt-dev@lists.sourceforge.net
	 * @link http://www.mantisbt.org
	 */

	/******************************
	 * MantisBT Database Settings *
	 ******************************/

	/**
	 * hostname should be either a hostname or connection string to supply to adodb.
	 * For example, if you would like to connect to a database server on the local machine,
	 * set hostname to 'localhost'
	 * If you need to supply a port to connect to, set hostname as 'localhost:3306'.
	 * @global string $g_hostname
	 */
	$g_hostname				= 'localhost';
	/**
	 * User name to use for connecting to the database. The user needs to have read/write access to the MantisBT database.
	 * The default user name is "root".
	 * @global string $g_db_username
	 */
	$g_db_username			= '<db_usename>';
	/**
	 * Password for the specified user name. The default password is empty.
	 * @global string $g_db_password
	 */
	$g_db_password			= '<password>';
	 /**
	  * Name of database that contains MantisBT tables.
	  * The default database name is "bugtracker".
	  * @global string $g_database_name
	  */
	$g_database_name		= '<db>';

	/**
	 * path to your installation as seen from the web browser
	 * requires trailing /
	 * @global string $g_path
	 */
	$g_path	= 'http://<subdomain>.<domain>.nl/';

	/**************
	 * Web Server *
	 **************/

	/**
	 * Session key name.  Should be unique between multiple installations to prevent conflicts.
	 * @global string $g_session_key
	 */
	$g_session_key = '<session_key>';

	/**
	 * Session save path.  If false, uses default value as set by session handler.
	 * @global bool $g_session_save_path
	 */
	$g_session_save_path = false;

	/**
	 * Session validation
	 * WARNING: Disabling this could be a potential security risk!!
	 * @global int $g_session_validation
	 */
	$g_session_validation = ON;

	/**
	 * Form security validation.
	 * This protects against Cross-Site Request Forgery, but some proxy servers may
	 * not correctly work with this option enabled because they cache pages incorrectly.
	 * WARNING: Disabling this IS a security risk!!
	 */
	$g_form_security_validation = OFF;

	/****************************
	 * Signup and Lost Password *
	 ****************************/

	/**
	 * allow users to signup for their own accounts.
	 * Mail settings must be correctly configured in order for this to work
	 * @global int $g_allow_signup
	 */
	$g_allow_signup			= OFF;

	/**
	 * Max. attempts to login using a wrong password before lock the account.
	 * When locked, it's required to reset the password (lost password)
	 * Value resets to zero at each successfully login
	 * Set to OFF to disable this control
	 * @global int $g_max_failed_login_count
	 */
	$g_max_failed_login_count = 10;

	/**
	 * String used to generate the confirm_hash for the 'lost password' feature and captcha code for 'signup'
	 * ATTENTION: CHANGE IT TO WHATEVER VALUE YOU PREFER
	 * @global int $g_password_confirm_hash_magic_string
	 * @todo randomize + admin check
	 */
	$g_password_confirm_hash_magic_string = '<password_confirm_hash_magic_string>';
	/**
	 * Max. simultaneous requests of 'lost password'
	 * When this value is reached, it's no longer possible to request new password reset
	 * Value resets to zero at each successfully login
	 * @global int $g_max_lost_password_in_progress_count
	 */
	$g_max_lost_password_in_progress_count = 5;

	/**
	 * absolute path (with trailing slash!) to folder which contains your TrueType-Font files
	 * used to create the captcha image and since 0.19.3 for the Relationship Graphs
	 * @global string $g_system_font_folder
	 */
	$g_system_font_folder	= '/usr/share/fonts/bitstream-vera/';

	/***************************
	 * MantisBT Email Settings *
	 ***************************/

	/**
	 * the sender name, part of 'From: ' header in emails
	 * @global string $g_from_name
	 */
	$g_from_name			= '<from_name>';

	/**
	 * the return address for bounced mail
	 * @global string $g_return_path_email
	 */

	 
	/**
	 * Allow email notification.
	 * Set to ON to enable email notifications, OFF to disable them. Note that
	 * disabling email notifications has no effect on emails generated as part
	 * of the user signup process. When set to OFF, the password reset feature
	 * is disabled. Additionally, notifications of administrators updating
	 * accounts are not sent to users.
	 * @global int $g_enable_email_notification
	 */
	$g_enable_email_notification	= ON;

	/**
	 * The following two config options allow you to control who should get email
	 * notifications on different actions/statuses.  The first option (default_notify_flags)
	 * sets the default values for different user categories.  The user categories
	 * are:
	 *
	 *      'reporter': the reporter of the bug
	 *       'handler': the handler of the bug
	 *       'monitor': users who are monitoring a bug
	 *      'bugnotes': users who have added a bugnote to the bug
	 *      'explicit': users who are explicitly specified by the code based on the action (e.g. user added to monitor list).
	 * 'threshold_max': all users with access <= max
	 * 'threshold_min': ..and with access >= min
	 *
	 * The second config option (notify_flags) sets overrides for specific actions/statuses.
	 * If a user category is not listed for an action, the default from the config
	 * option above is used.  The possible actions are:
	 *
	 *             'new': a new bug has been added
 	 *           'owner': a bug has been assigned to a new owner
	 *        'reopened': a bug has been reopened
 	 *         'deleted': a bug has been deleted
	 *         'updated': a bug has been updated
	 *         'bugnote': a bugnote has been added to a bug
	 *         'sponsor': sponsorship has changed on this bug
	 *        'relation': a relationship has changed on this bug
	 *         'monitor': an issue is monitored.
	 *        '<status>': eg: 'resolved', 'closed', 'feedback', 'acknowledged', ...etc.
	 *                     this list corresponds to $g_status_enum_string
	 *
	 * If you wanted to have all developers get notified of new bugs you might add
	 * the following lines to your config file:
	 *
	 * $g_notify_flags['new']['threshold_min'] = DEVELOPER;
	 * $g_notify_flags['new']['threshold_max'] = DEVELOPER;
	 *
	 * You might want to do something similar so all managers are notified when a
	 * bug is closed.  If you didn't want reporters to be notified when a bug is
	 * closed (only when it is resolved) you would use:
	 *
	 * $g_notify_flags['closed']['reporter'] = OFF;
	 *
	 * @global array $g_default_notify_flags
	 */

	$g_default_notify_flags	= array('reporter'	=> ON,
									'handler'	=> ON,
									'monitor'	=> ON,
									'bugnotes'	=> ON,
									'explicit'  => ON,
									'threshold_min'	=> MANAGER,
									'threshold_max' => MANAGER);

	/**
	 * We don't need to send these notifications on new bugs
	 * (see above for info on this config option)
	 * @todo (though I'm not sure they need to be turned off anymore
	 *      - there just won't be anyone in those categories)
	 *      I guess it serves as an example and a placeholder for this
	 *      config option
	 * @see $g_default_notify_flags
	 * @global array $g_notify_flags
	 */
	$g_notify_flags['new']	= array('bugnotes'	=> OFF,
									'monitor'	=> OFF);

	$g_notify_flags['monitor'] = array(	'reporter'	=> OFF,
										'handler'	=> OFF,
										'monitor'	=> OFF,
										'bugnotes'	=> OFF,
										'explicit'  => ON,
										'threshold_min'	=> NOBODY,
										'threshold_max' => NOBODY);

	/**
	 * set to OFF to disable email check
	 * @global int $g_check_mx_record
	 */
	$g_check_mx_record		= ON; # Not supported on Windows
	/**
	 * if ON, allow the user to omit an email field
	 * note if you allow users to create their own accounts, they
	 * must specify an email at that point, no matter what the value
	 * of this option is.  Otherwise they wouldn't get their passwords.
	 * @global int $g_allow_blank_email
	 */
	$g_allow_blank_email	= OFF;
	/**
	 * This specifies the access level that is needed to see realnames on user view page
	 * @global int $g_show_user_realname_threshold
	 */
	$g_show_user_realname_threshold = VIEWER;

	/**
	 * If use_x_priority is set to ON, what should the value be?
	 * Urgent = 1, Not Urgent = 5, Disable = 0
	 * Note: some MTAs interpret X-Priority = 0 to mean 'Very Urgent'
	 * @global int $g_mail_priority
	 */
	$g_mail_priority		= 3;

	/**
	 * select the method to mail by:
	 * PHPMAILER_METHOD_MAIL - mail()
	 * PHPMAILER_METHOD_SENDMAIL - sendmail
	 * PHPMAILER_METHOD_SMTP - SMTP
	 * @global int $g_phpMailer_method
	 */
	$g_phpMailer_method		= PHPMAILER_METHOD_SMTP;

	/**
	 * It is recommended to use a cronjob or a scheduler task to send emails.
	 * The cronjob should typically run every 5 minutes.  If no cronjob is used,
	 * then user will have to wait for emails to be sent after performing an action
	 * which triggers notifications.  This slows user performance.
	 * @global int $g_email_send_using_cronjob
	 */
	$g_email_send_using_cronjob = OFF;

	/**
	 * Specify whether e-mails should be sent with the category set or not.  This is tested
	 * with Microsoft Outlook.  More testing for this feature + other formats will be added
	 * in the future.
	 * OFF, EMAIL_CATEGORY_PROJECT_CATEGORY (format: [Project] Category)
	 * @global int $g_email_set_category
	 */
	$g_email_set_category		= ON;

	/**
	 * email separator and padding
	 * @global string $g_email_separator1
	 */
	$g_email_separator1		= str_pad('', 70, '_');
	/**
	 * email separator and padding
	 * @global string $g_email_separator2
	 */
	$g_email_separator2		= str_pad('', 70, '_');
	/**
	 * email separator and padding
	 * @global int $g_email_padding_length
	 */
	$g_email_padding_length	= 28;

	/***************************
	 * MantisBT Version String *
	 ***************************/


	/******************************
	 * MantisBT Language Settings *
	 ******************************/

	/**
	 * If the language is set to 'auto', the actual
	 * language is determined by the user agent (web browser)
	 * language preference.
	 * @global string $g_default_language
	 */
	$g_default_language		= 'dutch';

	/**
	 * list the choices that the users are allowed to choose
	 * @global array $g_language_choices_arr
	 */
	$g_language_choices_arr	= array(

		'dutch',
		'english',

	);

	/**
	 * Browser language mapping for 'auto' language selection
	 * @global array $g_language_auto_map
	 */
	$g_language_auto_map = array(
		'nl-be, nl' => 'dutch',
		'en-us, en-gb, en-au, en' => 'english',
	);

	/**
	 * Fallback for automatic language selection
	 * @global string $g_fallback_language
	 */
	$g_fallback_language	= 'english';

	/*****************************
	 * MantisBT Display Settings *
	 *****************************/

	/**
	 * browser window title
	 * @global string $g_window_title
	 */
	$g_window_title			= '<window_title>';

	/**
	 * title at top of html page (empty by default, since there is a logo now)
	 * @global string $g_page_title
	 */
	$g_page_title			= '<page_title>';

	/**
	 * Favicon image
	 * @global string $g_favicon_image
	 */
	$g_favicon_image		= 'images/favicon.ico';

	/**
	 * Logo
	 * @global string $g_logo_image
	 */
	$g_logo_image			= 'images/<my>_logo.gif';

	/**
	 * Logo URL link
	 * @global string $g_logo_url
	 */
	$g_logo_url				= '%default_home_page%';

	/**
	 * Specifies whether to enable support for project documents or not.
	 * This feature is deprecated and is expected to be moved to a plugin
	 * in the future.
	 * @global int $g_enable_project_documentation
	 */
	$g_enable_project_documentation	= OFF;

	/**
	 * Define the priority level at which a bug becomes significant.
	 * Significant bugs are displayed with emphasis. Set this value to -1 to
	 * disable the feature.
	 * @global int $g_priority_significant_threshold
	 */
	$g_priority_significant_threshold = HIGH;

	/**
	 * Define the severity level at which a bug becomes significant.
	 * Significant bugs are displayed with emphasis. Set this value to -1 to
	 * disable the feature.
	 * @global int $g_severity_significant_threshold
	 */
	$g_severity_significant_threshold = MAJOR;

	/**
	 * The default columns to be included in the View Issues Page.
	 * This can be overriden using Manage -> Manage Configuration -> Manage Columns
	 * Also each user can configure their own columns using My Account -> Manage Columns
	 * Some of the columns specified here can be removed automatically if they conflict with other configuration.
	 * Or if the current user doesn't have the necessary access level to view them.
	 * For example, sponsorship_total will be removed if sponsorships are disabled.
	 * To include custom field 'xyz', include the column name as 'custom_xyz'.
	 *
	 * Standard Column Names (i.e. names to choose from):
	 * selection, edit, id, project_id, reporter_id, handler_id, priority, reproducibility, projection, eta,
	 * resolution, fixed_in_version, view_state, os, os_build, build (for product build), platform, version, date_submitted, attachment,
	 * category, sponsorship_total, severity, status, last_updated, summary, bugnotes_count, description,
	 * steps_to_reproduce, additional_information
	 *
	 * @global array $g_view_issues_page_columns
	 */
	$g_view_issues_page_columns = array ( 'selection', 'edit', 'priority', 'id', 'sponsorship_total', 'bugnotes_count', 'attachment_count', 'date_submitted', 'category_id', 'severity', 'status', 'last_updated', 'view_state', 'summary' );

	/**
	 * The default columns to be included in the Print Issues Page.
	 * This can be overriden using Manage -> Manage Configuration -> Manage Columns
	 * Also each user can configure their own columns using My Account -> Manage Columns
	 * @global array $g_print_issues_page_columns
	 */
	$g_print_issues_page_columns = array ( 'selection', 'priority', 'id', 'sponsorship_total', 'bugnotes_count', 'attachment_count', 'category_id', 'severity', 'status', 'last_updated', 'summary' );

	/**
	 * The default columns to be included in the CSV export.
	 * This can be overriden using Manage -> Manage Configuration -> Manage Columns
	 * Also each user can configure their own columns using My Account -> Manage Columns
	 * @global array $g_csv_columns
	 */
	$g_csv_columns = array ( 'id', 'project_id', 'reporter_id', 'handler_id', 'priority', 'severity', 'reproducibility', 'version', 'projection', 'category_id', 'date_submitted', 'eta', 'os', 'os_build', 'platform', 'view_state', 'last_updated', 'summary', 'status', 'resolution', 'fixed_in_version' );

	/**
	 * The default columns to be included in the Excel export.
	 * This can be overriden using Manage -> Manage Configuration -> Manage Columns
	 * Also each user can configure their own columns using My Account -> Manage Columns
	 * @global array $g_excel_columns
	 */
	$g_excel_columns = array ( 'id', 'project_id', 'reporter_id', 'handler_id', 'priority', 'severity', 'reproducibility', 'version', 'projection', 'category_id', 'date_submitted', 'eta', 'os', 'os_build', 'platform', 'view_state', 'last_updated', 'summary', 'status', 'resolution', 'fixed_in_version' );

	/**
	 * show projects when in All Projects mode
	 * @global int $g_show_bug_project_links
	 */
	$g_show_bug_project_links	= ON;

	/**
	 * Position of the status colour legend, can be: POSITION_*
	 * see constant_inc.php. (*: TOP , BOTTOM , or BOTH)
	 * @global int $g_status_legend_position
	 */
	$g_status_legend_position	= STATUS_LEGEND_POSITION_BOTTOM;

	/**
	 * Show a legend with percentage of bug status
	 * x% of all bugs are new, y% of all bugs are assigned and so on.
	 * If set to ON it will printed below the status colour legend.
	 * @global int $g_status_percentage_legend
	 */
	$g_status_percentage_legend = ON;

	/**
	 * Position of action buttons when viewing issues.
	 * Can be: POSITION_TOP, POSITION_BOTTOM, or POSITION_BOTH.
	 * @global int $g_action_button_position
	 */
	$g_action_button_position = POSITION_BOTH;

	/**
	 * show product versions in create, view and update screens
	 * ON forces display even if none are defined
	 * OFF suppresses display
	 * AUTO suppresses the display if there are no versions defined for the project
	 * @global int $g_show_product_version
	 */
	$g_show_product_version = OFF;

	/**
	 * show users with their real name or not
	 * @global int $g_show_realname
	 */
	$g_show_realname = ON;

	/**
	 * sorting for names in dropdown lists. If turned on, "Jane Doe" will be sorted with the "D"s
	 * @global int $g_sort_by_last_name
	 */
	$g_sort_by_last_name = ON;

	/**
	 * Show user avatar
	 * the current implementation is based on http://www.gravatar.com
	 * users will need to register there the same address used in
	 * this MantisBT installation to have their avatar shown
	 * Please note: upon registration or avatar change, it takes some time for
	 * the updated gravatar images to show on sites
	 * @global int $g_show_avatar
	 */
	$g_show_avatar = ON;

	/**
	 * Only users above this threshold will have their avatar shown
	 * @global int $g_show_avatar_threshold
	 */
	$g_show_avatar_threshold = VIEWER;

	/**************************
	 * MantisBT Time Settings *
	 **************************/

	/**************************
	 * MantisBT Date Settings *
	 **************************/

	/**
	 * date format strings defaults to ISO 8601 formatting
	 * go to http://www.php.net/manual/en/function.date.php
	 * for detailed instructions on date formatting
	 * @global string $g_short_date_format
	 */
	$g_short_date_format    = 'd-m-Y';

	/**
	 * date format strings defaults to ISO 8601 formatting
	 * go to http://www.php.net/manual/en/function.date.php
	 * for detailed instructions on date formatting
	 * @global string $g_normal_date_format
	 */
	$g_normal_date_format   = 'd-m-Y H:i';

	/**
	 * date format strings defaults to ISO 8601 formatting
	 * go to http://www.php.net/manual/en/function.date.php
	 * for detailed instructions on date formatting
	 * @global string $g_complete_date_format
	 */
	$g_complete_date_format = 'd-m-Y H:i T';

	/**
	 * jscalendar date format string
	 * go to http://www.php.net/manual/en/function.date.php
	 * for detailed instructions on date formatting
	 * @global string $g_calendar_js_date_format
	 */
	$g_calendar_js_date_format   = '\%d-\%m-\%Y \%H:\%M';

	/**
	 * jscalendar date format string
	 * go to http://www.php.net/manual/en/function.date.php
	 * for detailed instructions on date formatting
	 * @global string $g_calendar_date_format
	 */
	$g_calendar_date_format   = 'd-m-Y H:i';

	/**************************
	 * MantisBT TimeZone Settings *
	 **************************/

	/**************************
	 * MantisBT News Settings *
	 **************************/

	/********************************
	 * MantisBT Default Preferences *
	 ********************************/

	/**
	 * signup default
	 * look in constant_inc.php for values
	 * @global int $g_default_new_account_access_level
	 */
	$g_default_new_account_access_level	= REPORTER;

	/**
	 * Default Bug View Status (VS_PUBLIC or VS_PRIVATE)
	 * @global int $g_default_bug_view_status
	 */
	$g_default_bug_view_status = VS_PUBLIC;

	/**
	 * Default value for steps to reproduce field.
	 * @global string $g_default_bug_steps_to_reproduce
	 */
	$g_default_bug_steps_to_reproduce = '';

	/**
	 * Default value for addition information field.
	 * @global string $g_default_bug_additional_info
	 */
	$g_default_bug_additional_info = '';

	/**
	 * Default Bugnote View Status (VS_PUBLIC or VS_PRIVATE)
	 * @global int $g_default_bugnote_view_status
	 */
	$g_default_bugnote_view_status = VS_PUBLIC;

	/**
	 * Default bug resolution when reporting a new bug
	 * @global int $g_default_bug_resolution
	 */
	$g_default_bug_resolution = OPEN;

	/**
	 * Default bug severity when reporting a new bug
	 * @global int $g_default_bug_severity
	 */
	$g_default_bug_severity = TRIVIAL;

	/**
	 * Default bug priority when reporting a new bug
	 * @global int $g_default_bug_priority
	 */
	$g_default_bug_priority = NORMAL;

	/**
	 * Default bug reproducibility when reporting a new bug
	 * @global int $g_default_bug_reproducibility
	 */
	$g_default_bug_reproducibility = REPRODUCIBILITY_EMPTY;

	/**
	 * Default bug projection when reporting a new bug
	 * @global int $g_default_bug_projection
	 */
	$g_default_bug_projection = PROJECTION_NONE;

	/**
	 * Default bug ETA when reporting a new bug
	 * @global int $g_default_bug_eta
	 */
	$g_default_bug_eta = ETA_NONE;

	/**
	 *
	 * @global int $g_default_limit_view
	 */
	$g_default_limit_view	= 100;

	/**
	 *
	 * @global int $g_default_show_changed
	 */
	$g_default_show_changed	= 24;

	/**
	 *
	 * @global int $g_hide_status_default
	 */
	$g_hide_status_default 	= CLOSED;

	/**
	 *
	 * @global string $g_show_sticky_issues
	 */
	$g_show_sticky_issues   = OFF;

	/**
	 * make sure people aren't refreshing too often
	 * in minutes
	 * @global int $g_min_refresh_delay
	 */
	$g_min_refresh_delay	= 10;

	/**
	 * in minutes
	 * @global int $g_default_refresh_delay
	 */
	$g_default_refresh_delay		= 30;

	/**
	 * in seconds
	 * @global int $g_default_redirect_delay
	 */
	$g_default_redirect_delay		= 0;

	/**
	 *
	 * @global string $g_default_bugnote_order
	 */
	$g_default_bugnote_order		= 'DESC';

	/**
	 *
	 * @global int $g_default_email_on_new
	 */
	$g_default_email_on_new			= ON;

	/**
	 *
	 * @global int $g_default_email_on_assigned
	 */
	$g_default_email_on_assigned	= ON;

	/**
	 *
	 * @global int $g_default_email_on_feedback
	 */
	$g_default_email_on_feedback	= ON;

	/**
	 *
	 * @global int $g_default_email_on_resolved
	 */
	$g_default_email_on_resolved	= ON;

	/**
	 *
	 * @global int $g_default_email_on_closed
	 */
	$g_default_email_on_closed		= ON;

	/**
	 *
	 * @global int $g_default_email_on_reopened
	 */
	$g_default_email_on_reopened	= ON;

	/**
	 *
	 * @global int $g_default_email_on_bugnote
	 */
	$g_default_email_on_bugnote		= ON;

	/**
	 * @todo Unused
	 * @global int $g_default_email_on_status
	 */
	$g_default_email_on_status		= 0;

	/**
	 * @todo Unused
	 * @global int $g_default_email_on_priority
	 */
	$g_default_email_on_priority	= 0;

	/**
	 * 'any'
	 * @global int $g_default_email_on_new_minimum_severity
	 */
	$g_default_email_on_new_minimum_severity		= OFF;

	/**
	 * 'any'
	 * @global int $g_default_email_on_assigned_minimum_severity
	 */
	$g_default_email_on_assigned_minimum_severity	= OFF;

	/**
	 * 'any'
	 * @global int $g_default_email_on_feedback_minimum_severity
	 */
	$g_default_email_on_feedback_minimum_severity	= OFF;

	/**
	 * 'any'
	 * @global int $g_default_email_on_resolved_minimum_severity
	 */
	$g_default_email_on_resolved_minimum_severity	= OFF;

	/**
	 * 'any'
	 * @global int $g_default_email_on_closed_minimum_severity
	 */
	$g_default_email_on_closed_minimum_severity		= OFF;

	/**
	 * 'any'
	 * @global int $g_default_email_on_reopened_minimum_severity
	 */
	$g_default_email_on_reopened_minimum_severity	= OFF;

	/**
	 * 'any'
	 * @global int $g_default_email_on_bugnote_minimum_severity
	 */
	$g_default_email_on_bugnote_minimum_severity	= OFF;

	/**
	 * 'any'
	 * @global int $g_default_email_on_status_minimum_severity
	 */
	$g_default_email_on_status_minimum_severity		= OFF;

	/**
	 * @todo Unused
	 * @global int $g_default_email_on_priority_minimum_severity
	 */
	$g_default_email_on_priority_minimum_severity	= OFF;

	/**
	 *
	 * @global int $g_default_email_bugnote_limit
	 */
	$g_default_email_bugnote_limit					= 0;

	/*****************************
	 * MantisBT Summary Settings *
	 *****************************/

	/**
	 * how many reporters to show
	 * this is useful when there are hundreds of reporters
	 * @global int $g_reporter_summary_limit
	 */
	$g_reporter_summary_limit	= 10;

	/**
	 * summary date displays
	 * date lengths to count bugs by (in days)
	 * @global array $g_date_partitions
	 */
	$g_date_partitions			= array( 1, 2, 3, 7, 30, 60, 90, 180, 365);

	/**
	 * shows project '[project] category' when 'All Projects' is selected
	 * otherwise only 'category name'
	 * @global int $g_summary_category_include_project
	 */
	$g_summary_category_include_project	= ON;

	/**
	 * threshold for viewing summary
	 * @global int $g_view_summary_threshold
	 */
	$g_view_summary_threshold	= MANAGER;

	/**
	 * Define the multipliers which are used to determine the effectiveness
	 * of reporters based on the severity of bugs. Higher multipliers will
	 * result in an increase in reporter effectiveness.
	 * @global array $g_severity_multipliers
	 */
	$g_severity_multipliers = array( FEATURE => 1,
	                                 TRIVIAL => 2,
	                                 TEXT    => 3,
	                                 TWEAK   => 2,
	                                 MINOR   => 5,
	                                 MAJOR   => 8,
	                                 CRASH   => 8,
	                                 BLOCK   => 10 );

	/**
	 * Define the resolutions which are used to determine the effectiveness
	 * of reporters based on the resolution of bugs. Higher multipliers will
	 * result in a decrease in reporter effectiveness. The only resolutions
	 * that need to be defined here are those which match or exceed
	 * $g_bug_resolution_not_fixed_threshold.
	 * @global array $g_resolution_multipliers
	 */
	$g_resolution_multipliers = array( UNABLE_TO_DUPLICATE => 2,
	                                   NOT_FIXABLE         => 1,
	                                   DUPLICATE           => 3,
	                                   NOT_A_BUG           => 5,
	                                   SUSPENDED           => 1,
	                                   WONT_FIX            => 1 );

	/*****************************
	 * MantisBT Bugnote Settings *
	 *****************************/

	/**
	 * bugnote ordering
	 * change to ASC or DESC
	 * @global string $g_bugnote_order
	 */
	$g_bugnote_order		= 'DESC';

	/*********************************
	 * MantisBT Bug History Settings *
	 *********************************/

	/**
	 * bug history visible by default when you view a bug
	 * change to ON or OFF
	 * @global int $g_history_default_visible
	 */
	$g_history_default_visible	= ON;

	/**
	 * bug history ordering
	 * change to ASC or DESC
	 * @global string $g_history_order
	 */
	$g_history_order		= 'DESC';

	/******************************
	 * MantisBT Reminder Settings *
	 ******************************/

	/**
	 * are reminders stored as bugnotes
	 * @global int $g_store_reminders
	 */
	$g_store_reminders		= ON;

	/**
	 * Automatically add recipients of reminders to monitor list, if they are not
	 * the handler or the reporter (since they automatically get notified, if required)
	 * If recipients of the reminders are below the monitor threshold, they will not be added.
	 * @global int $g_reminder_recipients_monitor_bug
	 */
	$g_reminder_recipients_monitor_bug = ON;

	/**
	 * Default Reminder View Status (VS_PUBLIC or VS_PRIVATE)
	 * @global int $g_default_reminder_view_status
	 */
	$g_default_reminder_view_status = VS_PUBLIC;

	/**
	 * The minimum access level required to show up in the list of users who can receive a reminder.
	 * The access level is that of the project to which the issue belongs.
	 * @global int $g_reminder_receive_threshold
	 */
	$g_reminder_receive_threshold = DEVELOPERCUSTOMER;

	/*********************************
	 * MantisBT Sponsorship Settings *
	 *********************************/

	/**
	 * Whether to enable/disable the whole issue sponsorship feature
	 * @global int $g_enable_sponsorship
	 */
	$g_enable_sponsorship = OFF;

	/**
	 * Currency used for all sponsorships.
	 * @global string $g_sponsorship_currency
	 */
	$g_sponsorship_currency = 'EUR()';

	/**
	 * Access level threshold needed to view the total sponsorship for an issue by all users.
	 * @global int $g_view_sponsorship_total_threshold
	 */
	$g_view_sponsorship_total_threshold = VIEWER;

	/**
	 * Access level threshold needed to view the users sponsoring an issue and the sponsorship
	 * amount for each.
	 * @global int $g_view_sponsorship_details_threshold
	 */
	$g_view_sponsorship_details_threshold = VIEWER;

	/**
	 * Access level threshold needed to allow user to sponsor issues.
	 * @global int $g_sponsor_threshold
	 */
	$g_sponsor_threshold = REPORTER;

	/**
	 * Access level required to be able to handle sponsored issues.
	 * @global int $g_handle_sponsored_bugs_threshold
	 */
	$g_handle_sponsored_bugs_threshold = DEVELOPER;

	/**
	 * Access level required to be able to assign a sponsored issue to a user with access level
	 * greater or equal to 'handle_sponsored_bugs_threshold'.
	 * @global int $g_assign_sponsored_bugs_threshold
	 */
	$g_assign_sponsored_bugs_threshold = MANAGER;

	/**
	 * Minimum sponsorship amount. If the user enters a value less than this, an error will be prompted.
	 * @global int $g_minimum_sponsorship_amount
	 */
	$g_minimum_sponsorship_amount = 5;

	/*********************************
	 * MantisBT File Upload Settings *
	 *********************************/

	/**
	 * --- file upload settings --------
	 * This is the master setting to disable *all* file uploading functionality
	 *
	 * If you want to allow file uploads, you must also make sure that they are
	 *  enabled in php.  You may need to add 'file_uploads = TRUE' to your php.ini
	 *
	 * See also: $g_upload_project_file_threshold, $g_upload_bug_file_threshold,
	 *   $g_allow_reporter_upload
	 * @global int $g_allow_file_upload
	 */
	$g_allow_file_upload	= ON;

	/**
	 * Upload destination: specify actual location in project settings
	 * DISK, DATABASE, or FTP.
	 * @global int $g_file_upload_method
	 */
	$g_file_upload_method	= DISK;

	/**
	 * When using FTP or DISK for storing uploaded files, this setting control
	 * the access permissions they will have on the web server: with the default
	 * value (0400) files will be read-only, and accessible only by the user
	 * running the apache process (probably "apache" in Linux and "Administrator"
	 * in Windows).
	 * For more details on unix style permissions:
	 * http://www.perlfect.com/articles/chmod.shtml
	 * @global int $g_attachments_file_permissions
	 */
	$g_attachments_file_permissions = 0400;

	/**
	 * Maximum file size that can be uploaded
	 * Also check your PHP settings (default is usually 2MBs)
	 * @global int $g_max_file_size
	 */
	$g_max_file_size		= 8192000;

	/**
	 * Files that are allowed or not allowed.  Separate items by commas.
	 * eg. 'php,html,java,exe,pl'
	 * if $g_allowed_files is filled in NO other file types will be allowed.
	 * $g_disallowed_files takes precedence over $g_allowed_files
	 * @global string $g_allowed_files
	 */
	$g_allowed_files		= '';

	/**
	 *
	 * @global string $g_disallowed_files
	 */
	$g_disallowed_files		= 'class,exe,pl';

	/**
	 * prefix to be used for the file system names of files uploaded to projects.
	 * Eg: doc-001-myprojdoc.zip
	 * @global string $g_document_files_prefix
	 */
	$g_document_files_prefix = 'doc';

	/**
	 * absolute path to the default upload folder.  Requires trailing / or \
	 * @global string $g_absolute_path_default_upload_folder
	 */
	$g_absolute_path_default_upload_folder = '<absolute_path_default_upload_folder>';

	/**************************
	 * MantisBT HTML Settings *
	 **************************/

	/**
	 * These are the valid html tags for multi-line fields (e.g. description)
	 * do NOT include href or img tags here
	 * do NOT include tags that have parameters (eg. <font face="arial">)
	 * @global string $g_html_valid_tags
	 */
	$g_html_valid_tags		= 'p, li, ul, ol, br, pre, i, b, u, em, del';

	/************************
	 * MantisBT HR Settings *
	 ************************/

	/**************************
	 * MantisBT LDAP Settings *
	 **************************/

	/*******************
	 * Status Settings *
	 *******************/

	/**
	 * Status to assign to the bug when submitted.
	 * @global int $g_bug_submit_status
	 */
	$g_bug_submit_status = NEW_;

	/**
	 * Status to assign to the bug when assigned.
	 * @global int $g_bug_assigned_status
	 */
	$g_bug_assigned_status = ASSIGNED;

	/**
	 * Status to assign to the bug when reopened.
	 * @global int $g_bug_reopen_status
	 */
	$g_bug_reopen_status = NORESOLVED;

	/**
	 * Status to assign to the bug when feedback is required from the issue reporter.
	 * Once the reporter adds a note the status moves back from feedback to $g_bug_assigned_status
	 * or $g_bug_submit_status.
	 * @global int $g_bug_feedback_status
	 */
	$g_bug_feedback_status = FEEDBACK;

	/**
	 * When a note is added to a bug currently in $g_bug_feedback_status, and the note
	 * author is the bug's reporter, this option will automatically set the bug status
	 * to $g_bug_submit_status or $g_bug_assigned_status if the bug is assigned to a
	 * developer.  Defaults to enabled.
	 * @global boolean $g_reassign_on_feedback
	 */
	$g_reassign_on_feedback = OFF;

	/**
	 * Resolution to assign to the bug when reopened.
	 * @global int $g_bug_reopen_resolution
	 */
	$g_bug_reopen_resolution = REOPENED;

	/**
	 * Bug becomes readonly if its status is >= this status.  The bug becomes read/write again if re-opened and its
	 * status becomes less than this threshold.
	 * @global int $g_bug_readonly_status_threshold
	 */
	$g_bug_readonly_status_threshold = CLOSED;

	/**
	 * Bug is resolved, ready to be closed or reopened.  In some custom installations a bug
	 * may be considered as resolved when it is moved to a custom (FIXED or TESTED) status.
	 * @global int $g_bug_resolved_status_threshold
	 */
	$g_bug_resolved_status_threshold = RESOLVED;

	/**
	 * Threshold resolution which denotes that a bug has been resolved and
	 * successfully fixed by developers. Resolutions above this threshold
	 * and below $g_bug_resolution_not_fixed_threshold are considered to be
	 * resolved successfully.
	 * @global int $g_bug_resolution_fixed_threshold
	 */
	$g_bug_resolution_fixed_threshold = FIXED;

	/**
	 * Threshold resolution which denotes that a bug has been resolved without
	 * being successfully fixed by developers. Resolutions above this
	 * threshold are considered to be resolved in an unsuccessful way.
	 * @global int $g_bug_resolution_not_fixed_threshold
	 */
	$g_bug_resolution_not_fixed_threshold = WONT_FIX;

	/**
	 * Bug is closed.  In some custom installations a bug may be considered as closed when
	 * it is moved to a custom (COMPLETED or IMPLEMENTED) status.
	 * @global int $g_bug_closed_status_threshold
	 */
	$g_bug_closed_status_threshold = CLOSED;

	/**
	 * Automatically set status to ASSIGNED whenever a bug is assigned to a person.
	 * This is useful for installations where assigned status is to be used when
	 * the bug is in progress, rather than just put in a person's queue.
	 * @global int $g_auto_set_status_to_assigned
	 */
	$g_auto_set_status_to_assigned	= ON;

	/**
	 * 'status_enum_workflow' defines the workflow, and reflects a simple
	 *  2-dimensional matrix. For each existing status, you define which
	 *  statuses you can go to from that status, e.g. from NEW_ you might list statuses
	 *  '10:new,20:feedback,30:acknowledged' but not higher ones.
	 * The following example can be transferred to config_inc.php
	 * $g_status_enum_workflow[NEW_]='20:feedback,30:acknowledged,40:confirmed,50:assigned,80:resolved';
	 * $g_status_enum_workflow[FEEDBACK] ='10:new,30:acknowledged,40:confirmed,50:assigned,80:resolved';
	 * $g_status_enum_workflow[ACKNOWLEDGED] ='20:feedback,40:confirmed,50:assigned,80:resolved';
	 * $g_status_enum_workflow[CONFIRMED] ='20:feedback,50:assigned,80:resolved';
	 * $g_status_enum_workflow[ASSIGNED] ='20:feedback,80:resolved,90:closed';
	 * $g_status_enum_workflow[RESOLVED] ='50:assigned,90:closed';
	 * $g_status_enum_workflow[CLOSED] ='50:assigned';
	 * @global array $g_status_enum_workflow
	 */
	$g_status_enum_workflow = array();

	/****************************
	 * Bug Attachments Settings *
	 ****************************/

	/**
	 * Specifies the maximum width for the auto-preview feature.  If no maximum width should be imposed
	 * then it should be set to 0.
	 * @global int $g_preview_max_width
	 */
	$g_preview_max_width = 800;

	/**
	 * Specifies the maximum height for the auto-preview feature.  If no maximum height should be imposed
	 * then it should be set to 0.
	 * @global int $g_preview_max_height
	 */
	$g_preview_max_height = 600;

	/**
	 * Show an attachment indicator on bug list
	 * Show a clickable attachment indicator on the bug
	 * list page if the bug has one or more files attached.
	 * Note: This option is disabled by default since it adds
	 * 1 database query per bug listed and thus might slow
	 * down the page display.
	 *
	 * @global int $g_show_attachment_indicator
	 */
	$g_show_attachment_indicator = ON;

	/**
	 * access level needed to delete bug attachments
	 * @global int $g_delete_attachments_threshold
	 */
	$g_delete_attachments_threshold	= DEVELOPERCUSTOMER;

	/**
	 * allow users to delete attachments uploaded by themselves even if their access
	 * level is below delete_attachments_threshold.
	 * @global int $g_allow_delete_own_attachments
	 */
	$g_allow_delete_own_attachments = ON;

	/**********************
	 * Field Visibility
	 **********************/

	/**
	 * Enable or disable usage of the ETA field.
	 * @global int $g_enable_eta
	 */
	$g_enable_eta = OFF;

	/**
	 * Enable or disable usage of the Projection field.
	 * @global int $g_enable_projection
	 */
	$g_enable_projection = OFF;

	/**
	 * Enable or disable usage of the Product Build field.
	 * @global int $g_enable_product_build
	 */
	$g_enable_product_build = OFF;

	/**
	 * An array of the fields to show on the bug report page.
	 *
	 * The following fields can not be included:
	 * id, project, date_submitted, last_updated, status,
	 * resolution, tags, fixed_in_version, projection, eta,
	 * reporter.
	 *
	 * The following fields must be included:
	 * category_id, summary, description.
	 *
	 * To overload this setting per project, then the settings must be included in the database through
	 * the generic configuration form.
	 *
	 * @global array $g_bug_report_page_fields
	 */
	$g_bug_report_page_fields = array(
		'category_id',
		'view_state',
		'handler',
		'priority',
		'severity',
		'summary',
		'description',
		'attachments',
	);

	/**
	 * An array of the fields to show on the bug view page.
	 *
	 * To overload this setting per project, then the settings must be included in the database through
	 * the generic configuration form.
	 *
	 * @global array $g_bug_view_page_fields
	 */
	$g_bug_view_page_fields = array (
		'id',
		'project',
		'category_id',
		'view_state',
		'date_submitted',
		'last_updated',
		'reporter',
		'handler',
		'priority',
		'severity',
		'status',
		'resolution',
		'summary',
		'description',
		'tags',
		'attachments',
	);

	/**
	 * An array of the fields to show on the bug print page.
	 * @global array $g_bug_print_page_fields
	 */
	$g_bug_print_page_fields = array (
		'id',
		'project',
		'category_id',
		'view_state',
		'date_submitted',
		'last_updated',
		'reporter',
		'handler',
		'priority',
		'severity',
		'status',
		'resolution',
		'summary',
		'description',
		'tags',
		'attachments',
	);

	/**
	 * An array of the fields to show on the bug update page.
	 *
	 * To overload this setting per project, then the settings must be included in the database through
	 * the generic configuration form.
	 *
	 * @global array $g_bug_update_page_fields
	 */
	$g_bug_update_page_fields = array (
		'id',
		'project',
		'category_id',
		'view_state',
		'date_submitted',
		'last_updated',
		'reporter',
		'handler',
		'priority',
		'severity',
		'status',
		'resolution',
		'summary',
		'description',
		'attachments',
	);

	/**
	 * An array of the fields to show on the bug change status page.
	 *
	 * To overload this setting per project, then the settings must be included in the database through
	 * the generic configuration form.
	 *
	 * @global array $g_bug_change_status_page_fields
	 */
	$g_bug_change_status_page_fields = array (
		'id',
		'project',
		'category_id',
		'view_state',
		'date_submitted',
		'last_updated',
		'reporter',
		'handler',
		'priority',
		'severity',
		'status',
		'resolution',
		'summary',
		'description',
		'tags',
		'attachments',
	);

	/**************************
	 * MantisBT Misc Settings *
	 **************************/

	/**
	 * access level needed to report a bug
	 * @global int $g_report_bug_threshold
	 */
	$g_report_bug_threshold			= REPORTER;

	/**
	 * access level needed to update bugs (i.e., the update_bug_page)
	 * This controls whether the user sees the "Update Bug" button in bug_view*_page
	 * and the pencil icon in view_all_bug_page
	 * @global int $g_update_bug_threshold
	 */
	$g_update_bug_threshold			= UPDATER;

	/**
	 * Access level needed to monitor bugs.
	 * Look in the constant_inc.php file if you want to set a different value.
	 * @global int $g_monitor_bug_threshold
	 */
	$g_monitor_bug_threshold = REPORTER;

	/**
	 * Access level needed to add other users to the list of users monitoring
	 * a bug.
	 * Look in the constant_inc.php file if you want to set a different value.
	 * @global int $g_monitor_add_others_bug_threshold
	 */
	$g_monitor_add_others_bug_threshold = DEVELOPERCUSTOMER;

	/**
	 * Access level needed to delete other users from the list of users
	 * monitoring a bug.
	 * Look in the constant_inc.php file if you want to set a different value.
	 * @global int $g_monitor_add_others_bug_threshold
	 */
	$g_monitor_delete_others_bug_threshold = DEVELOPERCUSTOMER;

	/**
	 * access level needed to view private bugs
	 * Look in the constant_inc.php file if you want to set a different value
	 * @global int $g_private_bug_threshold
	 */
	$g_private_bug_threshold		= DEVELOPER;

	/**
	 * access level needed to be able to be listed in the assign to field.
	 * @global int $g_handle_bug_threshold
	 */
	$g_handle_bug_threshold			= DEVELOPER;

	/**
	 * access level needed to show the Assign To: button bug_view*_page or
	 *  the Assigned list in bug_update*_page.
	 *  This allows control over who can route bugs
	 * This defaults to $g_handle_bug_threshold
	 * @global int $g_update_bug_assign_threshold
	 */
	$g_update_bug_assign_threshold			= '%handle_bug_threshold%';

	/**
	 * access level needed to view private bugnotes
	 * Look in the constant_inc.php file if you want to set a different value
	 * @global int $g_private_bugnote_threshold
	 */
	$g_private_bugnote_threshold	= DEVELOPER;

	/**
	 * access level needed to view handler in bug reports and notification email
	 * @todo yarick123: now it is implemented for notification email only
	 * @global int $g_view_handler_threshold
	 */
	$g_view_handler_threshold		= VIEWER;

	/**
	 * access level needed to view history in bug reports and notification email
	 * @todo yarick123: now it is implemented for notification email only
	 * @global int $g_view_history_threshold
	 */
	$g_view_history_threshold		= DEVELOPERCUSTOMER;

	/**
	 * access level needed to send a reminder from the bug view pages
	 * set to NOBODY to disable the feature
	 * @global int $g_bug_reminder_threshold
	 */
	$g_bug_reminder_threshold		= DEVELOPER;

	/**
	 * Access lever required to drop bug history revisions
	 * @global int $g_bug_revision_drop_threshold
	 */
	$g_bug_revision_drop_threshold = MANAGER;

	/**
	 * access level needed to upload files to the project documentation section
	 * You can set this to NOBODY to prevent uploads to projects
	 * See also: $g_upload_bug_file_threshold, $g_allow_file_upload
	 * @global int $g_upload_project_file_threshold
	 */
	$g_upload_project_file_threshold = MANAGER;

	/**
	 * access level needed to upload files to attach to a bug
	 * You can set this to NOBODY to prevent uploads to bugs but note that
	 *  the reporter of the bug will still be able to upload unless you set
	 *  $g_allow_reporter_upload or $g_allow_file_upload to OFF
	 * See also: $g_upload_project_file_threshold, $g_allow_file_upload,
	 *			$g_allow_reporter_upload
	 * @global int $g_upload_bug_file_threshold
	 */
	$g_upload_bug_file_threshold	= REPORTER;

	/**
	 * Add bugnote threshold
	 * @global int $g_add_bugnote_threshold
	 */
	$g_add_bugnote_threshold = REPORTER;

	/**
	 * Update bugnote threshold (if the bugnote is not your own)
	 * @global int $g_update_bugnote_threshold
	 */
	$g_update_bugnote_threshold = DEVELOPER;

	/**
	 * Threshold needed to view project documentation
	 * @global int $g_view_proj_doc_threshold
	 */
	$g_view_proj_doc_threshold = ANYBODY;

	/**
	 * Site manager
	 * @global int $g_manage_site_threshold
	 */
	$g_manage_site_threshold = MANAGER;

	/**
	 * Threshold at which a user is considered to be a site administrator.
	 * These users have "superuser" access to all aspects of Mantis including
	 * the admin/ directory. WARNING: DO NOT CHANGE THIS VALUE UNLESS YOU
	 * ABSOLUTELY KNOW WHAT YOU'RE DOING! Users at this access level have the
	 * ability to damage your Mantis installation and data within the database.
	 * It is strongly advised you leave this option alone.
	 * @global int $g_admin_site_threshold
	 */
	$g_admin_site_threshold = ADMINISTRATOR;

	/**
	 * Threshold needed to manage a project: edit project
	 * details (not to add/delete projects) ...etc.
	 * @global int $g_manage_project_threshold
	 */
	$g_manage_project_threshold = MANAGER;

	/**
	 * Threshold needed to add/delete/modify news
	 * @global int $g_manage_news_threshold
	 */
	$g_manage_news_threshold = MANAGER;

	/**
	 * Threshold required to delete a project
	 * @global int $g_delete_project_threshold
	 */
	$g_delete_project_threshold = ADMINISTRATOR;

	/**
	 * Threshold needed to create a new project
	 * @global int $g_create_project_threshold
	 */
	$g_create_project_threshold = ADMINISTRATOR;

	/**
	 * Threshold needed to be automatically included in private projects
	 * @global int $g_private_project_threshold
	 */
	$g_private_project_threshold = ADMINISTRATOR;

	/**
	 * Threshold needed to manage user access to a project
	 * @global int $g_project_user_threshold
	 */
	$g_project_user_threshold = MANAGER;

	/**
	 * Threshold needed to manage user accounts
	 * @global int $g_manage_user_threshold
	 */
	$g_manage_user_threshold = ADMINISTRATOR;

	/**
	 * Delete bug threshold
	 * @global int $g_delete_bug_threshold
	 */
	$g_delete_bug_threshold = DEVELOPER;

	/**
	 * Delete bugnote threshold
	 * @global string $g_delete_bugnote_threshold
	 */
	$g_delete_bugnote_threshold = '%delete_bug_threshold%';

	/**
	 * Are users allowed to change and delete their own bugnotes?
	 * @global int $g_bugnote_allow_user_edit_delete
	 */
	$g_bugnote_allow_user_edit_delete = ON;

	/**
	 * Move bug threshold
	 * @global int $g_move_bug_threshold
	 */
	$g_move_bug_threshold = DEVELOPER;

	/**
	 * Threshold needed to set the view status while reporting a bug or a bug note.
	 * @global int $g_set_view_status_threshold
	 */
	$g_set_view_status_threshold = REPORTER;

	/**
	 * Threshold needed to update the view status while updating a bug or a bug note.
	 * This threshold should be greater or equal to $g_set_view_status_threshold.
	 * @global int $g_change_view_status_threshold
	 */
	$g_change_view_status_threshold = UPDATER;

	/**
	 * Threshold needed to show the list of users montoring a bug on the bug view pages.
	 * @global int $g_show_monitor_list_threshold
	 */
	$g_show_monitor_list_threshold = DEVELOPER;

	/**
	 * Threshold needed to be able to use stored queries
	 * @global int $g_stored_query_use_threshold
	 */
	$g_stored_query_use_threshold = REPORTER;

	/**
	 * Threshold needed to be able to create stored queries
	 * @global int $g_stored_query_create_threshold
	 */
	$g_stored_query_create_threshold = DEVELOPERCUSTOMER;

	/**
	 * Threshold needed to be able to create shared stored queries
	 * @global int $g_stored_query_create_shared_threshold
	 */
	$g_stored_query_create_shared_threshold = MANAGER;

	/**
	 * Threshold needed to update readonly bugs.  Readonly bugs are identified via
	 * $g_bug_readonly_status_threshold.
	 * @global int $g_update_readonly_bug_threshold
	 */
	$g_update_readonly_bug_threshold = MANAGER;

	/**
	 * threshold for viewing changelog
	 * @global int $g_view_changelog_threshold
	 */
	$g_view_changelog_threshold = NOBODY;

	/**
	 * threshold for viewing roadmap
	 * @global int $g_roadmap_view_threshold
	 */
	$g_roadmap_view_threshold = NOBODY;

	/**
	 * threshold for updating roadmap, target_version, etc
	 * @global int $g_roadmap_update_threshold
	 */
	$g_roadmap_update_threshold = DEVELOPER;

	/**
	 * status change thresholds
	 * @global int $g_update_bug_status_threshold
	 */
	$g_update_bug_status_threshold = DEVELOPER;

	/**
	 * access level needed to re-open bugs
	 * @global int $g_reopen_bug_threshold
	 */
	$g_reopen_bug_threshold			= DEVELOPER;

	/**
	 * access level needed to assign bugs to unreleased product versions
	 * @global int $g_report_issues_for_unreleased_versions_threshold
	 */
	$g_report_issues_for_unreleased_versions_threshold = DEVELOPER;

	/**
	 * access level needed to set a bug sticky
	 * @global int $g_set_bug_sticky_threshold
	 */
	$g_set_bug_sticky_threshold			= NOBODY;

	/**
	 * The minimum access level for someone to be a member of the development team
	 * and appear on the project information page.
	 * @global int $g_development_team_threshold
	 */
	$g_development_team_threshold = DEVELOPER;

	/**
	 * this array sets the access thresholds needed to enter each status listed.
	 * if a status is not listed, it falls back to $g_update_bug_status_threshold
	 * example: $g_set_status_threshold = array( ACKNOWLEDGED => MANAGER, CONFIRMED => DEVELOPER, CLOSED => MANAGER );
	 * @global array $g_set_status_threshold
	 */
	$g_set_status_threshold = array();

	/**
	 * Allow a bug to have no category
	 * @global int $g_allow_no_category
	 */
	$g_allow_no_category = ON;

	/**
	 * login method
	 * CRYPT or PLAIN or MD5 or LDAP or BASIC_AUTH
	 * You can simply change this at will. MantisBT will try to figure out how the passwords were encrypted.
	 * @global int $g_login_method
	 */
	$g_login_method				= MD5;

	/**
	 * limit reporters
	 * Set to ON if you wish to limit reporters to only viewing bugs that they report.
	 * @global int $g_limit_reporters
	 */
	$g_limit_reporters			= OFF;

	/**
	 * close immediately
	 * Allow developers and above to close bugs immediately when resolving bugs
	 * @global int $g_allow_close_immediately
	 */
	$g_allow_close_immediately	= OFF;

	/**
	 * reporter can close
	 * Allow reporters to close the bugs they reported, after they're marked resolved.
	 * @global int $g_allow_reporter_close
	 */
	$g_allow_reporter_close		= OFF;

	/**
	 * reporter can reopen
	 * Allow reporters to reopen the bugs they reported, after they're marked resolved.
	 * @global int $g_allow_reporter_reopen
	 */
	$g_allow_reporter_reopen	= ON;

	/**
	 * reporter can upload
	 * Allow reporters to upload attachments to bugs they reported.
	 * @global int $g_allow_reporter_upload
	 */
	$g_allow_reporter_upload	= ON;

	/**
	 * account delete
	 * Allow users to delete their own accounts
	 * @global int $g_allow_account_delete
	 */
	$g_allow_account_delete		= OFF;

	/**
	 * Enable anonymous access to Mantis. You must also specify
	 * $g_anonymous_account as the account which anonymous users will browse
	 * Mantis with. The default setting is OFF.
	 * @global int $g_allow_anonymous_login
	 */
	$g_allow_anonymous_login	= OFF;

	/**
	 * Define the account which anonymous users will assume when using Mantis.
	 * You only need to define this setting when $g_allow_anonymous_login is
	 * set to ON. This account will always be treated as a protected account
	 * and thus anonymous users will not be able to update the preferences or
	 * settings of this account. It is suggested that the access level of this
	 * account have read only access to your Mantis installation (VIEWER).
	 * Please read the documentation on this topic before setting up anonymous
	 * access to your Mantis installation.
	 * @global string $g_anonymous_account
	 */
	$g_anonymous_account		= '';

	/**
	 * Bug Linking
	 * if a number follows this tag it will create a link to a bug.
	 * eg. for # a link would be #45
	 * eg. for bug: a link would be bug:98
	 * @global string $g_bug_link_tag
	 */
	$g_bug_link_tag			= '#';

	/**
	 * Bugnote Linking
	 * if a number follows this tag it will create a link to a bugnote.
	 * eg. for ~ a link would be ~45
	 * eg. for bugnote: a link would be bugnote:98
	 * @global string $g_bugnote_link_tag
	 */
	$g_bugnote_link_tag			= '~';

	/**
	 * Bug Count Linking
	 * this is the prefix to use when creating links to bug views from bug counts (eg. on the main
	 * page and the summary page).
	 * Default is a temporary filter
	 * only change the filter this time - 'view_all_set.php?type=1&amp;temporary=y'
	 * permanently change the filter - 'view_all_set.php?type=1';
	 * @global string $g_bug_count_hyperlink_prefix
	 */
	$g_bug_count_hyperlink_prefix = 'view_all_set.php?type=1&amp;temporary=y';

	/**
	 * The regular expression to use when validating new user login names
	 * The default regular expression allows a-z, A-Z, 0-9, +, -, dot, space and
	 * underscore.  If you change this, you may want to update the
	 * ERROR_USER_NAME_INVALID string in the language files to explain
	 * the rules you are using on your site
	 * See http://en.wikipedia.org/wiki/Regular_Expression for more details about regular expressions.
	 * For testing regular expressions, use http://rubular.com/.
	 * @global string $g_user_login_valid_regex
	 */
	$g_user_login_valid_regex = '/^([a-z\d\-.+_ ]+(@[a-z\d\-.]+\.[a-z]{2,4})?)$/i';

	/**
	 * Default user name prefix used to filter the list of users in
	 * manage_user_page.php.  Change this to 'A' (or any other
	 * letter) if you have a lot of users in the system and loading
	 * the manage users page takes a long time.
	 * @global string $g_default_manage_user_prefix
	 */
	$g_default_manage_user_prefix = 'ALL';

	/**
	 * Default tag prefix used to filter the list of tags in
	 * manage_tags_page.php.  Change this to 'A' (or any other
	 * letter) if you have a lot of tags in the system and loading
	 * the manage tags page takes a long time.
	 * @global string $g_default_manage_tag_prefix
	 */
	$g_default_manage_tag_prefix = 'ALL';

	/**
	 * CSV Export
	 * Set the csv separator
	 * @global string $g_csv_separator
	 */
	$g_csv_separator = ',';

	/**
	 * threshold for users to view the system configurations
	 * @global int $g_view_configuration_threshold
	 */
	$g_view_configuration_threshold = ADMINISTRATOR;

	/**
	 * threshold for users to set the system configurations generically via MantisBT web interface.
	 * WARNING: Users who have access to set configuration via the interface MUST be trusted.  This is due
	 * to the fact that such users can set configurations to PHP code and hence there can be a security
	 * risk if such users are not trusted.
	 * @global int $g_set_configuration_threshold
	 */
	$g_set_configuration_threshold = ADMINISTRATOR;

	/************************************
	 * MantisBT Look and Feel Variables *
	 ************************************/

	/**
	 * status color codes, using the Tango color palette
	 * @global array $g_status_colors
	 */
	$g_status_colors		= array( 'new'			=> '#ffa0a0', // red    (scarlet red #ef2929)
									 'noresolved'	=> '#ef2929', 
									 'feedback'		=> '#ffffcc', // purple (plum        #75507b)
									 'acknowledged'	=> '#ffd850', // orange (orango      #f57900)
									 'confirmed'	=> '#ffffb0', // yellow (butter      #fce94f)
									 'assigned'		=> '#c8c8ff', // blue   (sky blue    #729fcf)
									 'hold'			=> '#729fcf', // blue   (sky blue    #729fcf)
									 'resolved'		=> '#cceedd', // green  (chameleon   #8ae234)
									 'closed'		=> '#e8e8e8'); // grey  (aluminum    #babdb6)

	/**
	 * The padding level when displaying project ids
	 *  The bug id will be padded with 0's up to the size given
	 * @global int $g_display_project_padding
	 */
	$g_display_project_padding	= 2;

	/**
	 * The padding level when displaying bug ids
	 *  The bug id will be padded with 0's up to the size given
	 * @global int $g_display_bug_padding
	 */
	$g_display_bug_padding		= 5;

	/**
	 * The padding level when displaying bugnote ids
	 *  The bugnote id will be padded with 0's up to the size given
	 * @global int $g_display_bugnote_padding
	 */
	$g_display_bugnote_padding	= 5;

	/*****************************
	 * MantisBT Cookie Variables *
	 *****************************/

	/**
	 * --- cookie prefix ---------------
	 * set this to a unique identifier.  No spaces.
	 * @global string $g_cookie_prefix
	 */
	$g_cookie_prefix		= '<cookie_prefix>';

	/*****************************
	 * MantisBT Filter Variables *
	 *****************************/

	/**
	 * The threshold required for users to be able to create permalinks.  To turn of this feature use NOBODY.
	 * @global int $g_create_permalink_threshold
	 */
	$g_create_permalink_threshold = NOBODY;

	/*************************************
	 * MantisBT Database Table Variables *
	 *************************************/

	/*************************
	 * MantisBT Enum Strings *
	 *************************/

	/**
	 * status from $g_status_index-1 to 79 are used for the onboard customization (if enabled)
	 * directly use MantisBT to edit them.
	 * @global string $g_access_levels_enum_string
	 */
	$g_access_levels_enum_string		= '10:viewer,25:reporter,40:updater,45:developercustomer,46:updatercustomer,55:developer,65:pmcustomer,70:manager,90:administrator';

	/**
	 *
	 * @global string $g_project_status_enum_string
	 */
	$g_project_status_enum_string		= '10:development,30:release,50:stable,70:obsolete';

	/**
	 *
	 * @global string $g_project_view_state_enum_string
	 */
	$g_project_view_state_enum_string	= '10:public,50:private';

	/**
	 *
	 * @global string $g_view_state_enum_string
	 */
	$g_view_state_enum_string			= '10:public,50:private';

	/**
	 *
	 * @global string $g_priority_enum_string
	 */
	$g_priority_enum_string				= '10:none,20:low,30:normal,40:high,50:urgent';

	/**
	 *
	 * @global string $g_severity_enum_string
	 */
	$g_severity_enum_string				= '20:AKTIE,30:PRD';

	/**
	 *
	 * @global string $g_reproducibility_enum_string
	 */
	$g_reproducibility_enum_string		= '1:empty,3:planning,5:draft fo,10:draft to,15:plan,20:develop,30:draft procedure,50:draft flows,70:draft workinstructions,80:install,90:test,100:training';

	/**
	 *
	 * @global string $g_status_enum_string
	 */
	$g_status_enum_string				= '10:new,15:noresolved,30:acknowledged,40:confirmed,50:assigned,60:hold,80:resolved,90:closed';

	/**
	 * @@@ for documentation, the values in this list are also used to define variables in the language files
	 *  (e.g., $s_new_bug_title referenced in bug_change_status_page.php )
	 * Embedded spaces are converted to underscores (e.g., "working on" references $s_working_on_bug_title).
	 * they are also expected to be english names for the states
	 * @global string $g_resolution_enum_string
	 */
	$g_resolution_enum_string			= '10:open,20:fixed,30:reopened,60:duplicate,90:wont fix';

	/**
	 *
	 * @global string $g_projection_enum_string
	 */
	$g_projection_enum_string			= '10:none,30:tweak,50:minor fix,70:major rework,90:redesign';

	/**
	 *
	 * @global string $g_eta_enum_string
	 */
	$g_eta_enum_string					= '10:none,20:< 1 day,30:2-3 days,40:< 1 week,50:< 1 month,60:> 1 month';

	/**
	 *
	 * @global string $g_sponsorship_enum_string
	 */
	$g_sponsorship_enum_string          = '0:Unpaid,1:Requested,2:Paid';

	/**
	 *
	 * @global string $g_custom_field_type_enum_string
	 */
	$g_custom_field_type_enum_string    = '0:string,1:numeric,2:float,3:enum,4:email,5:checkbox,6:list,7:multiselection list,8:date,9:radio';

	/*********************************
	 * MantisBT Javascript Variables *
	 *********************************/

	/*******************************
	 * MantisBT Speed Optimisation *
	 *******************************/

	/**
	 * Use compression of generated html if browser supports it
	 * If you already have compression enabled in your php.ini file
	 *  (either with zlib.output_compression or
	 *  output_handler=ob_gzhandler) this option will be ignored.
	 *
	 * If you do not have zlib enabled in your PHP installation
	 *  this option will also be ignored.  PHP 4.3.0 and later have
	 *  zlib included by default.  Windows users should uncomment
	 *  the appropriate line in their php.ini files to load
	 *  the zlib DLL.  You can check what extensions are loaded
	 *  by running "php -m" at the command line (look for 'zlib')
	 * @global int $g_compress_html
	 */
	$g_compress_html		= ON;

	/**
	 * Use persistent database connections
	 * @global int $g_use_persistent_connections
	 */
	$g_use_persistent_connections	= OFF;

	/*****************
	 * Include files *
	 *****************/

	/**
	 * Specify your top/bottom include file (logos, banners, etc)
	 * @global string $g_bottom_include_page
	 */
	$g_bottom_include_page			= '%absolute_path%';

	/**
	 * Specify your top/bottom include file (logos, banners, etc)
	 * if a top file is supplied, the default MantisBT logo at the top will be hidden
	 * @global string $g_top_include_page
	 */
	$g_top_include_page				= '%absolute_path%';

	/**
	 * CSS file
	 * @global string $g_css_include_file
	 */
	$g_css_include_file				= 'css/default.css';

	/**
	 * RTL CSS file
	 * @global string $g_css_rtl_include_file
	 */
	$g_css_rtl_include_file				= 'css/rtl.css';


	/**
	 * meta tags
	 * @global string $g_meta_include_file
	 */
	$g_meta_include_file			= '%absolute_path%meta_inc.php';

	/****************
	 * Redirections *
	 ****************/

	/**
	 * Default page after Login or Set Project
	 * @global string $g_default_home_page
	 */
	$g_default_home_page = 'view_all_bug_page.php';

	/***********
	 * Headers *
	 ***********/

	/**
	 * Browser Caching Control
	 * By default, we try to prevent the browser from caching anything. These two settings
	 * will defeat this for some cases.
	 *
	 * Browser Page caching - This will allow the browser to cache all pages. The upside will
	 *  be better performance, but there may be cases where obsolete information is displayed.
	 *  Note that this will be bypassed (and caching is allowed) for the bug report pages.
	 *
	 * @global int $g_allow_browser_cache
	 */
	// $g_allow_browser_cache = ON;
	/**
	 * File caching - This will allow the browser to cache downloaded files. Without this set,
	 * there may be issues with IE receiving files, and launching support programs.
	 * @global int $g_allow_file_cache
	 */
	 // $g_allow_file_cache = ON;

	/*****************
	 * Custom Fields *
	 *****************/

	/****************
	 * Custom Menus *
	 ****************/

	/********************
	 * My View Settings *
	 ********************/

	/**
	 * Number of bugs shown in each box
	 * @global int $g_my_view_bug_count
	 */
	$g_my_view_bug_count = 10;

	/**
	 * Boxes to be shown and their order
	 * A box that is not to be shown can have its value set to 0
	 * @global array $g_my_view_boxes
	 */
	$g_my_view_boxes = array (
		'assigned'      => '1',
		'unassigned'    => '7',
		'reported'      => '3',
		'resolved'      => '5',
		'recent_mod'	=> '2',
		'monitored'		=> '4',
		'feedback'		=> '0',
		'verify'		=> '8',
		'my_comments'	=> '6'
	);

	/**
	 * Toggle whether 'My View' boxes are shown in a fixed position (i.e. adjacent boxes start at the same vertical position)
	 * @global int $g_my_view_boxes_fixed_position
	 */
	$g_my_view_boxes_fixed_position = ON;


	/*************
	 * RSS Feeds *
	 *************/

	/**
	 * This flag enables or disables RSS syndication.  In the case where RSS syndication is not used,
	 * it is recommended to set it to OFF.
	 * @global int $g_rss_enabled
	 */
	$g_rss_enabled = OFF;


	/**
	 * This seed is used as part of the inputs for calculating the authentication key for the RSS feeds.
	 * If this seed changes, all the existing keys for the RSS feeds will become invalid.  This is
	 * defaulted to the database user name, but it is recommended to overwrite it with a specific value
	 * on installation.
	 * @global string $g_rss_key_seed
	 */
	$g_rss_key_seed = '%db_username%';

	/*********************
	 * Bug Relationships *
	 *********************/

	/**
	 * Enable relationship graphs support.
	 * Show issue relationships using graphs.
	 *
	 * In order to use this feature, you must first install either GraphViz
	 * (all OSs except Windows) or WinGraphviz (only Windows).
	 *
	 * Graphviz homepage:    http://www.research.att.com/sw/tools/graphviz/
	 * WinGraphviz homepage: http://home.so-net.net.tw/oodtsen/wingraphviz/
	 *
	 * Refer to the notes near the top of core/graphviz_api.php and
	 * core/relationship_graph_api.php for more information.
	 * @global int $g_relationship_graph_enable
	 */
	$g_relationship_graph_enable		= ON;

	/**
	 * Font name and size, as required by Graphviz. If Graphviz fails to run
	 * for you, you are probably using a font name that gd can't find. On
	 * Linux, try the name of the font file without the extension.
	 * @global string $g_relationship_graph_fontname
	 */
	$g_relationship_graph_fontname		= 'Arial';

	/**
	 *
	 * @global int $g_relationship_graph_fontsize
	 */
	$g_relationship_graph_fontsize		= 8;

	/**
	 * Default dependency orientation. If you have issues with lots of childs
	 * or parents, leave as 'horizontal', otherwise, if you have lots of
	 * "chained" issue dependencies, change to 'vertical'.
	 * @global string $g_relationship_graph_orientation
	 */
	$g_relationship_graph_orientation	= 'horizontal';

	/**
	 * Max depth for relation graphs. This only affects relation graphs,
	 * dependency graphs are drawn to the full depth. A value of 3 is already
	 * enough to show issues really unrelated to the one you are currently
	 * viewing.
	 * @global int $g_relationship_graph_max_depth
	 */
	$g_relationship_graph_max_depth		= 3;

	/**
	 * If set to ON, clicking on an issue on the relationship graph will open
	 * the bug view page for that issue, otherwise, will navigate to the
	 * relationship graph for that issue.
	 *
	 * @global int $g_relationship_graph_view_on_click
	 */
	$g_relationship_graph_view_on_click	= ON;

	/**
	 * Complete path to dot and neato tools. Your webserver must have execute
	 * permission to these programs in order to generate relationship graphs.
	 * NOTE: These are meaningless under Windows! Just ignore them!
	 * @global string $g_dot_tool
	 */
	$g_dot_tool							= '/usr/bin/dot';
	/**
	 * Complete path to dot and neato tools. Your webserver must have execute
	 * permission to these programs in order to generate relationship graphs.
	 * NOTE: These are meaningless under Windows! Just ignore them!
	 * @global string $g_neato_tool
	 */
	$g_neato_tool						= '/usr/bin/neato';

	/**
	 * Number of years in the past that custom date fields will display in
	 * drop down boxes.
	 * @global int $g_backward_year_count
	 */
	$g_backward_year_count 				= 4;

	/**
	 * Number of years in the future that custom date fields will display in
	 * drop down boxes.
	 * @global int $g_forward_year_count
	 */
	$g_forward_year_count 				= 4;

	/**
	 * Custom Group Actions
	 *
	 * This extensibility model allows developing new group custom actions.  This
	 * can be implemented with a totally custom form and action pages or with a
	 * pre-implemented form and action page and call-outs to some functions.  These
	 * functions are to be implemented in a predefined file whose name is based on
	 * the action name.  For example, for an action to add a note, the action would
	 * be EXT_ADD_NOTE and the file implementing it would be bug_actiongroup_add_note_inc.php.
	 * See implementation of this file for details.
	 *
	 * Sample:
	 *
	 * array(
	 *	array(	'action' => 'my_custom_action',
	 *			'label' => 'my_label',   // string to be passed to lang_get_defaulted()
	 *			'form_page' => 'my_custom_action_page.php',
	 *			'action_page' => 'my_custom_action.php'
	 *  )
	 *	array(	'action' => 'my_custom_action2',
	 *			'form_page' => 'my_custom_action2_page.php',
	 *			'action_page' => 'my_custom_action2.php'
	 *  )
	 *	array(	'action' => 'EXT_ADD_NOTE',  // you need to implement bug_actiongroup_<action_without_'EXT_')_inc.php
	 *		'label' => 'actiongroup_menu_add_note' // see strings_english.txt for this label
	 *   )
	 * );
	 * @global array $g_custom_group_actions
	 */
	$g_custom_group_actions = array();

	/********************
	 * Wiki Integration *
	 ********************/

	/********************
	 * Recently Visited *
	 ********************/

	/**
	 * Whether to show the most recently visited issues or not.  At the moment we always track them even if this flag is off.
	 * @global int $g_recently_visited
	 */
	$g_recently_visited = ON;

	/**
	 * The maximum number of issues to keep in the recently visited list.
	 * @global int $g_recently_visited_count
	 */
	$g_recently_visited_count = 5;

	/***************
	 * Bug Tagging *
	 ***************/

	/**
	 * String that will separate tags as entered for input
	 * @global int $g_tag_separator
	 */
	$g_tag_separator = ',';

	/**
	 * Access level required to view tags attached to a bug
	 * @global int $g_tag_view_threshold
	 */
	$g_tag_view_threshold = VIEWER;

	/**
	 * Access level required to attach tags to a bug
	 * @global int $g_tag_attach_threshold
	 */
	$g_tag_attach_threshold = REPORTER;

	/**
	 * Access level required to detach tags from a bug
	 * @global int $g_tag_detach_threshold
	 */
	$g_tag_detach_threshold = DEVELOPER;

	/**
	 * Access level required to detach tags attached by the same user
	 * @global int $g_tag_detach_own_threshold
	 */
	$g_tag_detach_own_threshold = REPORTER;

	/**
	 * Access level required to create new tags
	 * @global int $g_tag_create_threshold
	 */
	$g_tag_create_threshold = REPORTER;

	/**
	 * Access level required to edit tag names and descriptions
	 * @global int $g_tag_edit_threshold
	 */
	$g_tag_edit_threshold = DEVELOPER;

	/**
	 * Access level required to edit descriptions by the creating user
	 * @global int $g_tag_edit_own_threshold
	 */
	$g_tag_edit_own_threshold = REPORTER;

	/*****************
	 * Time tracking *
	 *****************/

	/****************************
	 * Profile Related Settings *
	 ****************************/

	/**
	 * Enable Profiles
	 * @global int $g_enable_profiles
	 */
	$g_enable_profiles = OFF;

	/********************
	 * Twitter Settings *
	 ********************/

	/*****************
	 * Plugin System *
	 *****************/

	/************
	 * Due Date *
	 ************/

	 /**
	 * threshold to update due date submitted
	 * @global int $g_due_date_update_threshold
	 */
	$g_due_date_update_threshold = NOBODY;

	/**
	 * threshold to see due date
	 * @global int $g_due_date_view_threshold
	 */
	$g_due_date_view_threshold = NOBODY;

	/*****************

	* Sub-projects
	 *****************
	/**
	 * show extra dropdown for subprojects
	 * Shows only top projects in the project dropdown and adds an extra dropdown for subprojects.
	 * @global int $g_show_extended_project_browser
	 */
	$g_show_extended_project_browser = ON;

	/**********************************
	 * Debugging / Developer Settings *
	 **********************************/

	/**
	 * Used for debugging e-mail feature, when set to OFF the emails work as normal.
	 * when set to e-mail address, all e-mails are sent to this address with the
	 * original To, Cc, Bcc included in the message body.
	 * @global int $g_debug_email
	 */
	$g_debug_email			= OFF;

	/**
	 * --- system logging ---
	 * This controls the logging of information to a separate file for debug or audit
	 * $g_log_level controls what information is logged
	 *  see constant_inc.php for details on the log channels available
	 *  e.g., $g_log_level = LOG_EMAIL | LOG_EMAIL_RECIPIENT | LOG_FILTERING | LOG_AJAX;
	 *
	 * $g_log_destination specifies the file where the data goes
	 *   right now, only "file:<file path>" is supported
	 *   e.g. (Linux), $g_log_destination = 'file:/tmp/mantisbt.log';
	 *   e.g. (Windows), $g_log_destination = 'file:c:/temp/mantisbt.log';
	 *   see http://www.php.net/error_log for details
	 * @global int $g_log_level
	 */
	$g_log_level = LOG_EMAIL | LOG_EMAIL_RECIPIENT;

	/**
	 *
	 * @global string $g_log_destination
	 */
	$g_log_destination = 'file:<log_destination>';
	
	/**************************
	 * Configuration Settings *
	 **************************/

config_inc.php (76,022 bytes)
TomR

TomR

2013-02-05 16:31

reporter   ~0035044

If needed I can supply you with account on development enviroment.

dregad

dregad

2013-02-06 02:44

developer   ~0035046

Hi Tom,

However Workflow is done on a per project base ( and this installations has about 150 projects ).

In that case, a screenshot of your workflow settings (or the definition of the corresponding records in mantis_config_table) for a sample project would be useful.

dregad

dregad

2013-02-06 03:27

developer   ~0035048

Nevermind my request for sample config - I had a look and see what you mean now. I think we're just missing a call to bug_check_workflow.

TomR

TomR

2013-02-06 04:09

reporter   ~0035049

Thanks dregad, for now wil update my installation with your patch.

dregad

dregad

2013-02-06 04:38

developer   ~0035050

Let me know if that works as expected (or not)

TomR

TomR

2013-02-06 05:34

reporter   ~0035051

Dregad, works as expected. ( Patch seems logical to me, I should have been able to tacle this one myself :-)

Thanks for your speedy reply.

grangeway

grangeway

2013-04-05 17:56

reporter   ~0036100

Marking as 'acknowledged' not resolved/closed to track that change gets ported to master-2.0.x branch

dregad

dregad

2013-04-08 05:43

developer   ~0036537

CVE assigned on 06-Apr-2013 [1]

[1] http://article.gmane.org/gmane.comp.security.oss.general/9878

Related Changesets

MantisBT: master 562db4f4

2013-02-06 08:37:22

dregad

Details Diff
Fix 0015453: Only display Close button if workflow allows Closed status
mod - core/html_api.php Diff File

MantisBT: master-1.2.x d85e69fe

2013-02-06 08:37:22

dregad

Details Diff
Fix 0015453: Only display Close button if workflow allows Closed status
mod - core/html_api.php Diff File

Issue History

Date Modified Username Field Change
2013-01-31 16:28 TomR New Issue
2013-02-01 03:18 dregad Note Added: 0035004
2013-02-01 03:18 dregad Status new => feedback
2013-02-05 16:26 TomR Note Added: 0035043
2013-02-05 16:26 TomR Status feedback => new
2013-02-05 16:27 TomR File Added: config_inc.php
2013-02-05 16:31 TomR Note Added: 0035044
2013-02-06 02:44 dregad Note Added: 0035046
2013-02-06 02:44 dregad Assigned To => dregad
2013-02-06 02:44 dregad Status new => feedback
2013-02-06 03:27 dregad Note Added: 0035048
2013-02-06 03:27 dregad Status feedback => confirmed
2013-02-06 03:41 dregad Changeset attached => MantisBT master 562db4f4
2013-02-06 03:41 dregad Status confirmed => resolved
2013-02-06 03:41 dregad Resolution open => fixed
2013-02-06 03:41 dregad Fixed in Version => 1.3.0-beta.1
2013-02-06 03:41 dregad Changeset attached => MantisBT master-1.2.x d85e69fe
2013-02-06 03:46 dregad Fixed in Version 1.3.0-beta.1 => 1.2.15
2013-02-06 03:46 dregad Target Version => 1.2.15
2013-02-06 04:09 TomR Note Added: 0035049
2013-02-06 04:38 dregad Note Added: 0035050
2013-02-06 05:34 TomR Note Added: 0035051
2013-04-05 17:56 grangeway Status resolved => acknowledged
2013-04-05 17:56 grangeway Note Added: 0036100
2013-04-05 19:34 grangeway Relationship added related to 0015721
2013-04-06 03:37 dregad Status acknowledged => resolved
2013-04-06 03:37 dregad Fixed in Version 1.2.15 =>
2013-04-06 03:38 dregad Fixed in Version => 1.2.15
2013-04-06 07:21 grangeway Status resolved => acknowledged
2013-04-06 09:26 dregad Tag Attached: 2.0.x check
2013-04-06 09:26 dregad Status acknowledged => resolved
2013-04-08 05:43 dregad Note Added: 0036537
2013-04-08 05:43 dregad Summary Close button is shown on webpage despite 'close' is not a valid status by workflow => CVE-2013-1930: Close button is shown on webpage despite 'close' is not a valid status by workflow
2013-04-12 09:56 dregad Status resolved => closed
2014-09-23 18:05 grangeway Tag Detached: 2.0.x check