View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0015453 | mantisbt | security | public | 2013-01-31 16:28 | 2014-09-23 18:05 |
| Reporter | TomR | Assigned To | dregad | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Product Version | 1.2.12 | ||||
| Target Version | 1.2.15 | Fixed in Version | 1.2.15 | ||
| Summary | 0015453: CVE-2013-1930: Close button is shown on webpage despite 'close' is not a valid status by workflow | ||||
| Description | It seems that te 'Close' button does not respect the workflow status. In my opinion the 'Close' button should only be visible ( or active ) when 'close' is a valid status ( by workflow ) | ||||
| Tags | No tags attached. | ||||
| Attached Files | config_inc.php (76,022 bytes)
<?php
# MantisBT - a php based bugtracking system
# MantisBT is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# MantisBT is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
/**
* Default Configuration Variables
*
* This file should not be changed. If you want to override any of the values
* defined here, define them in a file called config_inc.php, which will
* be loaded after this file.
*
* In general a value of OFF means the feature is disabled and ON means the
* feature is enabled. Any other cases will have an explanation.
*
* For more details see http://www.mantisbt.org/docs/master-1.2.x/
*
* @package MantisBT
* @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
* @copyright Copyright (C) 2002 - 2012 MantisBT Team - mantisbt-dev@lists.sourceforge.net
* @link http://www.mantisbt.org
*/
/******************************
* MantisBT Database Settings *
******************************/
/**
* hostname should be either a hostname or connection string to supply to adodb.
* For example, if you would like to connect to a database server on the local machine,
* set hostname to 'localhost'
* If you need to supply a port to connect to, set hostname as 'localhost:3306'.
* @global string $g_hostname
*/
$g_hostname = 'localhost';
/**
* User name to use for connecting to the database. The user needs to have read/write access to the MantisBT database.
* The default user name is "root".
* @global string $g_db_username
*/
$g_db_username = '<db_usename>';
/**
* Password for the specified user name. The default password is empty.
* @global string $g_db_password
*/
$g_db_password = '<password>';
/**
* Name of database that contains MantisBT tables.
* The default database name is "bugtracker".
* @global string $g_database_name
*/
$g_database_name = '<db>';
/**
* path to your installation as seen from the web browser
* requires trailing /
* @global string $g_path
*/
$g_path = 'http://<subdomain>.<domain>.nl/';
/**************
* Web Server *
**************/
/**
* Session key name. Should be unique between multiple installations to prevent conflicts.
* @global string $g_session_key
*/
$g_session_key = '<session_key>';
/**
* Session save path. If false, uses default value as set by session handler.
* @global bool $g_session_save_path
*/
$g_session_save_path = false;
/**
* Session validation
* WARNING: Disabling this could be a potential security risk!!
* @global int $g_session_validation
*/
$g_session_validation = ON;
/**
* Form security validation.
* This protects against Cross-Site Request Forgery, but some proxy servers may
* not correctly work with this option enabled because they cache pages incorrectly.
* WARNING: Disabling this IS a security risk!!
*/
$g_form_security_validation = OFF;
/****************************
* Signup and Lost Password *
****************************/
/**
* allow users to signup for their own accounts.
* Mail settings must be correctly configured in order for this to work
* @global int $g_allow_signup
*/
$g_allow_signup = OFF;
/**
* Max. attempts to login using a wrong password before lock the account.
* When locked, it's required to reset the password (lost password)
* Value resets to zero at each successfully login
* Set to OFF to disable this control
* @global int $g_max_failed_login_count
*/
$g_max_failed_login_count = 10;
/**
* String used to generate the confirm_hash for the 'lost password' feature and captcha code for 'signup'
* ATTENTION: CHANGE IT TO WHATEVER VALUE YOU PREFER
* @global int $g_password_confirm_hash_magic_string
* @todo randomize + admin check
*/
$g_password_confirm_hash_magic_string = '<password_confirm_hash_magic_string>';
/**
* Max. simultaneous requests of 'lost password'
* When this value is reached, it's no longer possible to request new password reset
* Value resets to zero at each successfully login
* @global int $g_max_lost_password_in_progress_count
*/
$g_max_lost_password_in_progress_count = 5;
/**
* absolute path (with trailing slash!) to folder which contains your TrueType-Font files
* used to create the captcha image and since 0.19.3 for the Relationship Graphs
* @global string $g_system_font_folder
*/
$g_system_font_folder = '/usr/share/fonts/bitstream-vera/';
/***************************
* MantisBT Email Settings *
***************************/
/**
* the sender name, part of 'From: ' header in emails
* @global string $g_from_name
*/
$g_from_name = '<from_name>';
/**
* the return address for bounced mail
* @global string $g_return_path_email
*/
/**
* Allow email notification.
* Set to ON to enable email notifications, OFF to disable them. Note that
* disabling email notifications has no effect on emails generated as part
* of the user signup process. When set to OFF, the password reset feature
* is disabled. Additionally, notifications of administrators updating
* accounts are not sent to users.
* @global int $g_enable_email_notification
*/
$g_enable_email_notification = ON;
/**
* The following two config options allow you to control who should get email
* notifications on different actions/statuses. The first option (default_notify_flags)
* sets the default values for different user categories. The user categories
* are:
*
* 'reporter': the reporter of the bug
* 'handler': the handler of the bug
* 'monitor': users who are monitoring a bug
* 'bugnotes': users who have added a bugnote to the bug
* 'explicit': users who are explicitly specified by the code based on the action (e.g. user added to monitor list).
* 'threshold_max': all users with access <= max
* 'threshold_min': ..and with access >= min
*
* The second config option (notify_flags) sets overrides for specific actions/statuses.
* If a user category is not listed for an action, the default from the config
* option above is used. The possible actions are:
*
* 'new': a new bug has been added
* 'owner': a bug has been assigned to a new owner
* 'reopened': a bug has been reopened
* 'deleted': a bug has been deleted
* 'updated': a bug has been updated
* 'bugnote': a bugnote has been added to a bug
* 'sponsor': sponsorship has changed on this bug
* 'relation': a relationship has changed on this bug
* 'monitor': an issue is monitored.
* '<status>': eg: 'resolved', 'closed', 'feedback', 'acknowledged', ...etc.
* this list corresponds to $g_status_enum_string
*
* If you wanted to have all developers get notified of new bugs you might add
* the following lines to your config file:
*
* $g_notify_flags['new']['threshold_min'] = DEVELOPER;
* $g_notify_flags['new']['threshold_max'] = DEVELOPER;
*
* You might want to do something similar so all managers are notified when a
* bug is closed. If you didn't want reporters to be notified when a bug is
* closed (only when it is resolved) you would use:
*
* $g_notify_flags['closed']['reporter'] = OFF;
*
* @global array $g_default_notify_flags
*/
$g_default_notify_flags = array('reporter' => ON,
'handler' => ON,
'monitor' => ON,
'bugnotes' => ON,
'explicit' => ON,
'threshold_min' => MANAGER,
'threshold_max' => MANAGER);
/**
* We don't need to send these notifications on new bugs
* (see above for info on this config option)
* @todo (though I'm not sure they need to be turned off anymore
* - there just won't be anyone in those categories)
* I guess it serves as an example and a placeholder for this
* config option
* @see $g_default_notify_flags
* @global array $g_notify_flags
*/
$g_notify_flags['new'] = array('bugnotes' => OFF,
'monitor' => OFF);
$g_notify_flags['monitor'] = array( 'reporter' => OFF,
'handler' => OFF,
'monitor' => OFF,
'bugnotes' => OFF,
'explicit' => ON,
'threshold_min' => NOBODY,
'threshold_max' => NOBODY);
/**
* set to OFF to disable email check
* @global int $g_check_mx_record
*/
$g_check_mx_record = ON; # Not supported on Windows
/**
* if ON, allow the user to omit an email field
* note if you allow users to create their own accounts, they
* must specify an email at that point, no matter what the value
* of this option is. Otherwise they wouldn't get their passwords.
* @global int $g_allow_blank_email
*/
$g_allow_blank_email = OFF;
/**
* This specifies the access level that is needed to see realnames on user view page
* @global int $g_show_user_realname_threshold
*/
$g_show_user_realname_threshold = VIEWER;
/**
* If use_x_priority is set to ON, what should the value be?
* Urgent = 1, Not Urgent = 5, Disable = 0
* Note: some MTAs interpret X-Priority = 0 to mean 'Very Urgent'
* @global int $g_mail_priority
*/
$g_mail_priority = 3;
/**
* select the method to mail by:
* PHPMAILER_METHOD_MAIL - mail()
* PHPMAILER_METHOD_SENDMAIL - sendmail
* PHPMAILER_METHOD_SMTP - SMTP
* @global int $g_phpMailer_method
*/
$g_phpMailer_method = PHPMAILER_METHOD_SMTP;
/**
* It is recommended to use a cronjob or a scheduler task to send emails.
* The cronjob should typically run every 5 minutes. If no cronjob is used,
* then user will have to wait for emails to be sent after performing an action
* which triggers notifications. This slows user performance.
* @global int $g_email_send_using_cronjob
*/
$g_email_send_using_cronjob = OFF;
/**
* Specify whether e-mails should be sent with the category set or not. This is tested
* with Microsoft Outlook. More testing for this feature + other formats will be added
* in the future.
* OFF, EMAIL_CATEGORY_PROJECT_CATEGORY (format: [Project] Category)
* @global int $g_email_set_category
*/
$g_email_set_category = ON;
/**
* email separator and padding
* @global string $g_email_separator1
*/
$g_email_separator1 = str_pad('', 70, '_');
/**
* email separator and padding
* @global string $g_email_separator2
*/
$g_email_separator2 = str_pad('', 70, '_');
/**
* email separator and padding
* @global int $g_email_padding_length
*/
$g_email_padding_length = 28;
/***************************
* MantisBT Version String *
***************************/
/******************************
* MantisBT Language Settings *
******************************/
/**
* If the language is set to 'auto', the actual
* language is determined by the user agent (web browser)
* language preference.
* @global string $g_default_language
*/
$g_default_language = 'dutch';
/**
* list the choices that the users are allowed to choose
* @global array $g_language_choices_arr
*/
$g_language_choices_arr = array(
'dutch',
'english',
);
/**
* Browser language mapping for 'auto' language selection
* @global array $g_language_auto_map
*/
$g_language_auto_map = array(
'nl-be, nl' => 'dutch',
'en-us, en-gb, en-au, en' => 'english',
);
/**
* Fallback for automatic language selection
* @global string $g_fallback_language
*/
$g_fallback_language = 'english';
/*****************************
* MantisBT Display Settings *
*****************************/
/**
* browser window title
* @global string $g_window_title
*/
$g_window_title = '<window_title>';
/**
* title at top of html page (empty by default, since there is a logo now)
* @global string $g_page_title
*/
$g_page_title = '<page_title>';
/**
* Favicon image
* @global string $g_favicon_image
*/
$g_favicon_image = 'images/favicon.ico';
/**
* Logo
* @global string $g_logo_image
*/
$g_logo_image = 'images/<my>_logo.gif';
/**
* Logo URL link
* @global string $g_logo_url
*/
$g_logo_url = '%default_home_page%';
/**
* Specifies whether to enable support for project documents or not.
* This feature is deprecated and is expected to be moved to a plugin
* in the future.
* @global int $g_enable_project_documentation
*/
$g_enable_project_documentation = OFF;
/**
* Define the priority level at which a bug becomes significant.
* Significant bugs are displayed with emphasis. Set this value to -1 to
* disable the feature.
* @global int $g_priority_significant_threshold
*/
$g_priority_significant_threshold = HIGH;
/**
* Define the severity level at which a bug becomes significant.
* Significant bugs are displayed with emphasis. Set this value to -1 to
* disable the feature.
* @global int $g_severity_significant_threshold
*/
$g_severity_significant_threshold = MAJOR;
/**
* The default columns to be included in the View Issues Page.
* This can be overriden using Manage -> Manage Configuration -> Manage Columns
* Also each user can configure their own columns using My Account -> Manage Columns
* Some of the columns specified here can be removed automatically if they conflict with other configuration.
* Or if the current user doesn't have the necessary access level to view them.
* For example, sponsorship_total will be removed if sponsorships are disabled.
* To include custom field 'xyz', include the column name as 'custom_xyz'.
*
* Standard Column Names (i.e. names to choose from):
* selection, edit, id, project_id, reporter_id, handler_id, priority, reproducibility, projection, eta,
* resolution, fixed_in_version, view_state, os, os_build, build (for product build), platform, version, date_submitted, attachment,
* category, sponsorship_total, severity, status, last_updated, summary, bugnotes_count, description,
* steps_to_reproduce, additional_information
*
* @global array $g_view_issues_page_columns
*/
$g_view_issues_page_columns = array ( 'selection', 'edit', 'priority', 'id', 'sponsorship_total', 'bugnotes_count', 'attachment_count', 'date_submitted', 'category_id', 'severity', 'status', 'last_updated', 'view_state', 'summary' );
/**
* The default columns to be included in the Print Issues Page.
* This can be overriden using Manage -> Manage Configuration -> Manage Columns
* Also each user can configure their own columns using My Account -> Manage Columns
* @global array $g_print_issues_page_columns
*/
$g_print_issues_page_columns = array ( 'selection', 'priority', 'id', 'sponsorship_total', 'bugnotes_count', 'attachment_count', 'category_id', 'severity', 'status', 'last_updated', 'summary' );
/**
* The default columns to be included in the CSV export.
* This can be overriden using Manage -> Manage Configuration -> Manage Columns
* Also each user can configure their own columns using My Account -> Manage Columns
* @global array $g_csv_columns
*/
$g_csv_columns = array ( 'id', 'project_id', 'reporter_id', 'handler_id', 'priority', 'severity', 'reproducibility', 'version', 'projection', 'category_id', 'date_submitted', 'eta', 'os', 'os_build', 'platform', 'view_state', 'last_updated', 'summary', 'status', 'resolution', 'fixed_in_version' );
/**
* The default columns to be included in the Excel export.
* This can be overriden using Manage -> Manage Configuration -> Manage Columns
* Also each user can configure their own columns using My Account -> Manage Columns
* @global array $g_excel_columns
*/
$g_excel_columns = array ( 'id', 'project_id', 'reporter_id', 'handler_id', 'priority', 'severity', 'reproducibility', 'version', 'projection', 'category_id', 'date_submitted', 'eta', 'os', 'os_build', 'platform', 'view_state', 'last_updated', 'summary', 'status', 'resolution', 'fixed_in_version' );
/**
* show projects when in All Projects mode
* @global int $g_show_bug_project_links
*/
$g_show_bug_project_links = ON;
/**
* Position of the status colour legend, can be: POSITION_*
* see constant_inc.php. (*: TOP , BOTTOM , or BOTH)
* @global int $g_status_legend_position
*/
$g_status_legend_position = STATUS_LEGEND_POSITION_BOTTOM;
/**
* Show a legend with percentage of bug status
* x% of all bugs are new, y% of all bugs are assigned and so on.
* If set to ON it will printed below the status colour legend.
* @global int $g_status_percentage_legend
*/
$g_status_percentage_legend = ON;
/**
* Position of action buttons when viewing issues.
* Can be: POSITION_TOP, POSITION_BOTTOM, or POSITION_BOTH.
* @global int $g_action_button_position
*/
$g_action_button_position = POSITION_BOTH;
/**
* show product versions in create, view and update screens
* ON forces display even if none are defined
* OFF suppresses display
* AUTO suppresses the display if there are no versions defined for the project
* @global int $g_show_product_version
*/
$g_show_product_version = OFF;
/**
* show users with their real name or not
* @global int $g_show_realname
*/
$g_show_realname = ON;
/**
* sorting for names in dropdown lists. If turned on, "Jane Doe" will be sorted with the "D"s
* @global int $g_sort_by_last_name
*/
$g_sort_by_last_name = ON;
/**
* Show user avatar
* the current implementation is based on http://www.gravatar.com
* users will need to register there the same address used in
* this MantisBT installation to have their avatar shown
* Please note: upon registration or avatar change, it takes some time for
* the updated gravatar images to show on sites
* @global int $g_show_avatar
*/
$g_show_avatar = ON;
/**
* Only users above this threshold will have their avatar shown
* @global int $g_show_avatar_threshold
*/
$g_show_avatar_threshold = VIEWER;
/**************************
* MantisBT Time Settings *
**************************/
/**************************
* MantisBT Date Settings *
**************************/
/**
* date format strings defaults to ISO 8601 formatting
* go to http://www.php.net/manual/en/function.date.php
* for detailed instructions on date formatting
* @global string $g_short_date_format
*/
$g_short_date_format = 'd-m-Y';
/**
* date format strings defaults to ISO 8601 formatting
* go to http://www.php.net/manual/en/function.date.php
* for detailed instructions on date formatting
* @global string $g_normal_date_format
*/
$g_normal_date_format = 'd-m-Y H:i';
/**
* date format strings defaults to ISO 8601 formatting
* go to http://www.php.net/manual/en/function.date.php
* for detailed instructions on date formatting
* @global string $g_complete_date_format
*/
$g_complete_date_format = 'd-m-Y H:i T';
/**
* jscalendar date format string
* go to http://www.php.net/manual/en/function.date.php
* for detailed instructions on date formatting
* @global string $g_calendar_js_date_format
*/
$g_calendar_js_date_format = '\%d-\%m-\%Y \%H:\%M';
/**
* jscalendar date format string
* go to http://www.php.net/manual/en/function.date.php
* for detailed instructions on date formatting
* @global string $g_calendar_date_format
*/
$g_calendar_date_format = 'd-m-Y H:i';
/**************************
* MantisBT TimeZone Settings *
**************************/
/**************************
* MantisBT News Settings *
**************************/
/********************************
* MantisBT Default Preferences *
********************************/
/**
* signup default
* look in constant_inc.php for values
* @global int $g_default_new_account_access_level
*/
$g_default_new_account_access_level = REPORTER;
/**
* Default Bug View Status (VS_PUBLIC or VS_PRIVATE)
* @global int $g_default_bug_view_status
*/
$g_default_bug_view_status = VS_PUBLIC;
/**
* Default value for steps to reproduce field.
* @global string $g_default_bug_steps_to_reproduce
*/
$g_default_bug_steps_to_reproduce = '';
/**
* Default value for addition information field.
* @global string $g_default_bug_additional_info
*/
$g_default_bug_additional_info = '';
/**
* Default Bugnote View Status (VS_PUBLIC or VS_PRIVATE)
* @global int $g_default_bugnote_view_status
*/
$g_default_bugnote_view_status = VS_PUBLIC;
/**
* Default bug resolution when reporting a new bug
* @global int $g_default_bug_resolution
*/
$g_default_bug_resolution = OPEN;
/**
* Default bug severity when reporting a new bug
* @global int $g_default_bug_severity
*/
$g_default_bug_severity = TRIVIAL;
/**
* Default bug priority when reporting a new bug
* @global int $g_default_bug_priority
*/
$g_default_bug_priority = NORMAL;
/**
* Default bug reproducibility when reporting a new bug
* @global int $g_default_bug_reproducibility
*/
$g_default_bug_reproducibility = REPRODUCIBILITY_EMPTY;
/**
* Default bug projection when reporting a new bug
* @global int $g_default_bug_projection
*/
$g_default_bug_projection = PROJECTION_NONE;
/**
* Default bug ETA when reporting a new bug
* @global int $g_default_bug_eta
*/
$g_default_bug_eta = ETA_NONE;
/**
*
* @global int $g_default_limit_view
*/
$g_default_limit_view = 100;
/**
*
* @global int $g_default_show_changed
*/
$g_default_show_changed = 24;
/**
*
* @global int $g_hide_status_default
*/
$g_hide_status_default = CLOSED;
/**
*
* @global string $g_show_sticky_issues
*/
$g_show_sticky_issues = OFF;
/**
* make sure people aren't refreshing too often
* in minutes
* @global int $g_min_refresh_delay
*/
$g_min_refresh_delay = 10;
/**
* in minutes
* @global int $g_default_refresh_delay
*/
$g_default_refresh_delay = 30;
/**
* in seconds
* @global int $g_default_redirect_delay
*/
$g_default_redirect_delay = 0;
/**
*
* @global string $g_default_bugnote_order
*/
$g_default_bugnote_order = 'DESC';
/**
*
* @global int $g_default_email_on_new
*/
$g_default_email_on_new = ON;
/**
*
* @global int $g_default_email_on_assigned
*/
$g_default_email_on_assigned = ON;
/**
*
* @global int $g_default_email_on_feedback
*/
$g_default_email_on_feedback = ON;
/**
*
* @global int $g_default_email_on_resolved
*/
$g_default_email_on_resolved = ON;
/**
*
* @global int $g_default_email_on_closed
*/
$g_default_email_on_closed = ON;
/**
*
* @global int $g_default_email_on_reopened
*/
$g_default_email_on_reopened = ON;
/**
*
* @global int $g_default_email_on_bugnote
*/
$g_default_email_on_bugnote = ON;
/**
* @todo Unused
* @global int $g_default_email_on_status
*/
$g_default_email_on_status = 0;
/**
* @todo Unused
* @global int $g_default_email_on_priority
*/
$g_default_email_on_priority = 0;
/**
* 'any'
* @global int $g_default_email_on_new_minimum_severity
*/
$g_default_email_on_new_minimum_severity = OFF;
/**
* 'any'
* @global int $g_default_email_on_assigned_minimum_severity
*/
$g_default_email_on_assigned_minimum_severity = OFF;
/**
* 'any'
* @global int $g_default_email_on_feedback_minimum_severity
*/
$g_default_email_on_feedback_minimum_severity = OFF;
/**
* 'any'
* @global int $g_default_email_on_resolved_minimum_severity
*/
$g_default_email_on_resolved_minimum_severity = OFF;
/**
* 'any'
* @global int $g_default_email_on_closed_minimum_severity
*/
$g_default_email_on_closed_minimum_severity = OFF;
/**
* 'any'
* @global int $g_default_email_on_reopened_minimum_severity
*/
$g_default_email_on_reopened_minimum_severity = OFF;
/**
* 'any'
* @global int $g_default_email_on_bugnote_minimum_severity
*/
$g_default_email_on_bugnote_minimum_severity = OFF;
/**
* 'any'
* @global int $g_default_email_on_status_minimum_severity
*/
$g_default_email_on_status_minimum_severity = OFF;
/**
* @todo Unused
* @global int $g_default_email_on_priority_minimum_severity
*/
$g_default_email_on_priority_minimum_severity = OFF;
/**
*
* @global int $g_default_email_bugnote_limit
*/
$g_default_email_bugnote_limit = 0;
/*****************************
* MantisBT Summary Settings *
*****************************/
/**
* how many reporters to show
* this is useful when there are hundreds of reporters
* @global int $g_reporter_summary_limit
*/
$g_reporter_summary_limit = 10;
/**
* summary date displays
* date lengths to count bugs by (in days)
* @global array $g_date_partitions
*/
$g_date_partitions = array( 1, 2, 3, 7, 30, 60, 90, 180, 365);
/**
* shows project '[project] category' when 'All Projects' is selected
* otherwise only 'category name'
* @global int $g_summary_category_include_project
*/
$g_summary_category_include_project = ON;
/**
* threshold for viewing summary
* @global int $g_view_summary_threshold
*/
$g_view_summary_threshold = MANAGER;
/**
* Define the multipliers which are used to determine the effectiveness
* of reporters based on the severity of bugs. Higher multipliers will
* result in an increase in reporter effectiveness.
* @global array $g_severity_multipliers
*/
$g_severity_multipliers = array( FEATURE => 1,
TRIVIAL => 2,
TEXT => 3,
TWEAK => 2,
MINOR => 5,
MAJOR => 8,
CRASH => 8,
BLOCK => 10 );
/**
* Define the resolutions which are used to determine the effectiveness
* of reporters based on the resolution of bugs. Higher multipliers will
* result in a decrease in reporter effectiveness. The only resolutions
* that need to be defined here are those which match or exceed
* $g_bug_resolution_not_fixed_threshold.
* @global array $g_resolution_multipliers
*/
$g_resolution_multipliers = array( UNABLE_TO_DUPLICATE => 2,
NOT_FIXABLE => 1,
DUPLICATE => 3,
NOT_A_BUG => 5,
SUSPENDED => 1,
WONT_FIX => 1 );
/*****************************
* MantisBT Bugnote Settings *
*****************************/
/**
* bugnote ordering
* change to ASC or DESC
* @global string $g_bugnote_order
*/
$g_bugnote_order = 'DESC';
/*********************************
* MantisBT Bug History Settings *
*********************************/
/**
* bug history visible by default when you view a bug
* change to ON or OFF
* @global int $g_history_default_visible
*/
$g_history_default_visible = ON;
/**
* bug history ordering
* change to ASC or DESC
* @global string $g_history_order
*/
$g_history_order = 'DESC';
/******************************
* MantisBT Reminder Settings *
******************************/
/**
* are reminders stored as bugnotes
* @global int $g_store_reminders
*/
$g_store_reminders = ON;
/**
* Automatically add recipients of reminders to monitor list, if they are not
* the handler or the reporter (since they automatically get notified, if required)
* If recipients of the reminders are below the monitor threshold, they will not be added.
* @global int $g_reminder_recipients_monitor_bug
*/
$g_reminder_recipients_monitor_bug = ON;
/**
* Default Reminder View Status (VS_PUBLIC or VS_PRIVATE)
* @global int $g_default_reminder_view_status
*/
$g_default_reminder_view_status = VS_PUBLIC;
/**
* The minimum access level required to show up in the list of users who can receive a reminder.
* The access level is that of the project to which the issue belongs.
* @global int $g_reminder_receive_threshold
*/
$g_reminder_receive_threshold = DEVELOPERCUSTOMER;
/*********************************
* MantisBT Sponsorship Settings *
*********************************/
/**
* Whether to enable/disable the whole issue sponsorship feature
* @global int $g_enable_sponsorship
*/
$g_enable_sponsorship = OFF;
/**
* Currency used for all sponsorships.
* @global string $g_sponsorship_currency
*/
$g_sponsorship_currency = 'EUR(�)';
/**
* Access level threshold needed to view the total sponsorship for an issue by all users.
* @global int $g_view_sponsorship_total_threshold
*/
$g_view_sponsorship_total_threshold = VIEWER;
/**
* Access level threshold needed to view the users sponsoring an issue and the sponsorship
* amount for each.
* @global int $g_view_sponsorship_details_threshold
*/
$g_view_sponsorship_details_threshold = VIEWER;
/**
* Access level threshold needed to allow user to sponsor issues.
* @global int $g_sponsor_threshold
*/
$g_sponsor_threshold = REPORTER;
/**
* Access level required to be able to handle sponsored issues.
* @global int $g_handle_sponsored_bugs_threshold
*/
$g_handle_sponsored_bugs_threshold = DEVELOPER;
/**
* Access level required to be able to assign a sponsored issue to a user with access level
* greater or equal to 'handle_sponsored_bugs_threshold'.
* @global int $g_assign_sponsored_bugs_threshold
*/
$g_assign_sponsored_bugs_threshold = MANAGER;
/**
* Minimum sponsorship amount. If the user enters a value less than this, an error will be prompted.
* @global int $g_minimum_sponsorship_amount
*/
$g_minimum_sponsorship_amount = 5;
/*********************************
* MantisBT File Upload Settings *
*********************************/
/**
* --- file upload settings --------
* This is the master setting to disable *all* file uploading functionality
*
* If you want to allow file uploads, you must also make sure that they are
* enabled in php. You may need to add 'file_uploads = TRUE' to your php.ini
*
* See also: $g_upload_project_file_threshold, $g_upload_bug_file_threshold,
* $g_allow_reporter_upload
* @global int $g_allow_file_upload
*/
$g_allow_file_upload = ON;
/**
* Upload destination: specify actual location in project settings
* DISK, DATABASE, or FTP.
* @global int $g_file_upload_method
*/
$g_file_upload_method = DISK;
/**
* When using FTP or DISK for storing uploaded files, this setting control
* the access permissions they will have on the web server: with the default
* value (0400) files will be read-only, and accessible only by the user
* running the apache process (probably "apache" in Linux and "Administrator"
* in Windows).
* For more details on unix style permissions:
* http://www.perlfect.com/articles/chmod.shtml
* @global int $g_attachments_file_permissions
*/
$g_attachments_file_permissions = 0400;
/**
* Maximum file size that can be uploaded
* Also check your PHP settings (default is usually 2MBs)
* @global int $g_max_file_size
*/
$g_max_file_size = 8192000;
/**
* Files that are allowed or not allowed. Separate items by commas.
* eg. 'php,html,java,exe,pl'
* if $g_allowed_files is filled in NO other file types will be allowed.
* $g_disallowed_files takes precedence over $g_allowed_files
* @global string $g_allowed_files
*/
$g_allowed_files = '';
/**
*
* @global string $g_disallowed_files
*/
$g_disallowed_files = 'class,exe,pl';
/**
* prefix to be used for the file system names of files uploaded to projects.
* Eg: doc-001-myprojdoc.zip
* @global string $g_document_files_prefix
*/
$g_document_files_prefix = 'doc';
/**
* absolute path to the default upload folder. Requires trailing / or \
* @global string $g_absolute_path_default_upload_folder
*/
$g_absolute_path_default_upload_folder = '<absolute_path_default_upload_folder>';
/**************************
* MantisBT HTML Settings *
**************************/
/**
* These are the valid html tags for multi-line fields (e.g. description)
* do NOT include href or img tags here
* do NOT include tags that have parameters (eg. <font face="arial">)
* @global string $g_html_valid_tags
*/
$g_html_valid_tags = 'p, li, ul, ol, br, pre, i, b, u, em, del';
/************************
* MantisBT HR Settings *
************************/
/**************************
* MantisBT LDAP Settings *
**************************/
/*******************
* Status Settings *
*******************/
/**
* Status to assign to the bug when submitted.
* @global int $g_bug_submit_status
*/
$g_bug_submit_status = NEW_;
/**
* Status to assign to the bug when assigned.
* @global int $g_bug_assigned_status
*/
$g_bug_assigned_status = ASSIGNED;
/**
* Status to assign to the bug when reopened.
* @global int $g_bug_reopen_status
*/
$g_bug_reopen_status = NORESOLVED;
/**
* Status to assign to the bug when feedback is required from the issue reporter.
* Once the reporter adds a note the status moves back from feedback to $g_bug_assigned_status
* or $g_bug_submit_status.
* @global int $g_bug_feedback_status
*/
$g_bug_feedback_status = FEEDBACK;
/**
* When a note is added to a bug currently in $g_bug_feedback_status, and the note
* author is the bug's reporter, this option will automatically set the bug status
* to $g_bug_submit_status or $g_bug_assigned_status if the bug is assigned to a
* developer. Defaults to enabled.
* @global boolean $g_reassign_on_feedback
*/
$g_reassign_on_feedback = OFF;
/**
* Resolution to assign to the bug when reopened.
* @global int $g_bug_reopen_resolution
*/
$g_bug_reopen_resolution = REOPENED;
/**
* Bug becomes readonly if its status is >= this status. The bug becomes read/write again if re-opened and its
* status becomes less than this threshold.
* @global int $g_bug_readonly_status_threshold
*/
$g_bug_readonly_status_threshold = CLOSED;
/**
* Bug is resolved, ready to be closed or reopened. In some custom installations a bug
* may be considered as resolved when it is moved to a custom (FIXED or TESTED) status.
* @global int $g_bug_resolved_status_threshold
*/
$g_bug_resolved_status_threshold = RESOLVED;
/**
* Threshold resolution which denotes that a bug has been resolved and
* successfully fixed by developers. Resolutions above this threshold
* and below $g_bug_resolution_not_fixed_threshold are considered to be
* resolved successfully.
* @global int $g_bug_resolution_fixed_threshold
*/
$g_bug_resolution_fixed_threshold = FIXED;
/**
* Threshold resolution which denotes that a bug has been resolved without
* being successfully fixed by developers. Resolutions above this
* threshold are considered to be resolved in an unsuccessful way.
* @global int $g_bug_resolution_not_fixed_threshold
*/
$g_bug_resolution_not_fixed_threshold = WONT_FIX;
/**
* Bug is closed. In some custom installations a bug may be considered as closed when
* it is moved to a custom (COMPLETED or IMPLEMENTED) status.
* @global int $g_bug_closed_status_threshold
*/
$g_bug_closed_status_threshold = CLOSED;
/**
* Automatically set status to ASSIGNED whenever a bug is assigned to a person.
* This is useful for installations where assigned status is to be used when
* the bug is in progress, rather than just put in a person's queue.
* @global int $g_auto_set_status_to_assigned
*/
$g_auto_set_status_to_assigned = ON;
/**
* 'status_enum_workflow' defines the workflow, and reflects a simple
* 2-dimensional matrix. For each existing status, you define which
* statuses you can go to from that status, e.g. from NEW_ you might list statuses
* '10:new,20:feedback,30:acknowledged' but not higher ones.
* The following example can be transferred to config_inc.php
* $g_status_enum_workflow[NEW_]='20:feedback,30:acknowledged,40:confirmed,50:assigned,80:resolved';
* $g_status_enum_workflow[FEEDBACK] ='10:new,30:acknowledged,40:confirmed,50:assigned,80:resolved';
* $g_status_enum_workflow[ACKNOWLEDGED] ='20:feedback,40:confirmed,50:assigned,80:resolved';
* $g_status_enum_workflow[CONFIRMED] ='20:feedback,50:assigned,80:resolved';
* $g_status_enum_workflow[ASSIGNED] ='20:feedback,80:resolved,90:closed';
* $g_status_enum_workflow[RESOLVED] ='50:assigned,90:closed';
* $g_status_enum_workflow[CLOSED] ='50:assigned';
* @global array $g_status_enum_workflow
*/
$g_status_enum_workflow = array();
/****************************
* Bug Attachments Settings *
****************************/
/**
* Specifies the maximum width for the auto-preview feature. If no maximum width should be imposed
* then it should be set to 0.
* @global int $g_preview_max_width
*/
$g_preview_max_width = 800;
/**
* Specifies the maximum height for the auto-preview feature. If no maximum height should be imposed
* then it should be set to 0.
* @global int $g_preview_max_height
*/
$g_preview_max_height = 600;
/**
* Show an attachment indicator on bug list
* Show a clickable attachment indicator on the bug
* list page if the bug has one or more files attached.
* Note: This option is disabled by default since it adds
* 1 database query per bug listed and thus might slow
* down the page display.
*
* @global int $g_show_attachment_indicator
*/
$g_show_attachment_indicator = ON;
/**
* access level needed to delete bug attachments
* @global int $g_delete_attachments_threshold
*/
$g_delete_attachments_threshold = DEVELOPERCUSTOMER;
/**
* allow users to delete attachments uploaded by themselves even if their access
* level is below delete_attachments_threshold.
* @global int $g_allow_delete_own_attachments
*/
$g_allow_delete_own_attachments = ON;
/**********************
* Field Visibility
**********************/
/**
* Enable or disable usage of the ETA field.
* @global int $g_enable_eta
*/
$g_enable_eta = OFF;
/**
* Enable or disable usage of the Projection field.
* @global int $g_enable_projection
*/
$g_enable_projection = OFF;
/**
* Enable or disable usage of the Product Build field.
* @global int $g_enable_product_build
*/
$g_enable_product_build = OFF;
/**
* An array of the fields to show on the bug report page.
*
* The following fields can not be included:
* id, project, date_submitted, last_updated, status,
* resolution, tags, fixed_in_version, projection, eta,
* reporter.
*
* The following fields must be included:
* category_id, summary, description.
*
* To overload this setting per project, then the settings must be included in the database through
* the generic configuration form.
*
* @global array $g_bug_report_page_fields
*/
$g_bug_report_page_fields = array(
'category_id',
'view_state',
'handler',
'priority',
'severity',
'summary',
'description',
'attachments',
);
/**
* An array of the fields to show on the bug view page.
*
* To overload this setting per project, then the settings must be included in the database through
* the generic configuration form.
*
* @global array $g_bug_view_page_fields
*/
$g_bug_view_page_fields = array (
'id',
'project',
'category_id',
'view_state',
'date_submitted',
'last_updated',
'reporter',
'handler',
'priority',
'severity',
'status',
'resolution',
'summary',
'description',
'tags',
'attachments',
);
/**
* An array of the fields to show on the bug print page.
* @global array $g_bug_print_page_fields
*/
$g_bug_print_page_fields = array (
'id',
'project',
'category_id',
'view_state',
'date_submitted',
'last_updated',
'reporter',
'handler',
'priority',
'severity',
'status',
'resolution',
'summary',
'description',
'tags',
'attachments',
);
/**
* An array of the fields to show on the bug update page.
*
* To overload this setting per project, then the settings must be included in the database through
* the generic configuration form.
*
* @global array $g_bug_update_page_fields
*/
$g_bug_update_page_fields = array (
'id',
'project',
'category_id',
'view_state',
'date_submitted',
'last_updated',
'reporter',
'handler',
'priority',
'severity',
'status',
'resolution',
'summary',
'description',
'attachments',
);
/**
* An array of the fields to show on the bug change status page.
*
* To overload this setting per project, then the settings must be included in the database through
* the generic configuration form.
*
* @global array $g_bug_change_status_page_fields
*/
$g_bug_change_status_page_fields = array (
'id',
'project',
'category_id',
'view_state',
'date_submitted',
'last_updated',
'reporter',
'handler',
'priority',
'severity',
'status',
'resolution',
'summary',
'description',
'tags',
'attachments',
);
/**************************
* MantisBT Misc Settings *
**************************/
/**
* access level needed to report a bug
* @global int $g_report_bug_threshold
*/
$g_report_bug_threshold = REPORTER;
/**
* access level needed to update bugs (i.e., the update_bug_page)
* This controls whether the user sees the "Update Bug" button in bug_view*_page
* and the pencil icon in view_all_bug_page
* @global int $g_update_bug_threshold
*/
$g_update_bug_threshold = UPDATER;
/**
* Access level needed to monitor bugs.
* Look in the constant_inc.php file if you want to set a different value.
* @global int $g_monitor_bug_threshold
*/
$g_monitor_bug_threshold = REPORTER;
/**
* Access level needed to add other users to the list of users monitoring
* a bug.
* Look in the constant_inc.php file if you want to set a different value.
* @global int $g_monitor_add_others_bug_threshold
*/
$g_monitor_add_others_bug_threshold = DEVELOPERCUSTOMER;
/**
* Access level needed to delete other users from the list of users
* monitoring a bug.
* Look in the constant_inc.php file if you want to set a different value.
* @global int $g_monitor_add_others_bug_threshold
*/
$g_monitor_delete_others_bug_threshold = DEVELOPERCUSTOMER;
/**
* access level needed to view private bugs
* Look in the constant_inc.php file if you want to set a different value
* @global int $g_private_bug_threshold
*/
$g_private_bug_threshold = DEVELOPER;
/**
* access level needed to be able to be listed in the assign to field.
* @global int $g_handle_bug_threshold
*/
$g_handle_bug_threshold = DEVELOPER;
/**
* access level needed to show the Assign To: button bug_view*_page or
* the Assigned list in bug_update*_page.
* This allows control over who can route bugs
* This defaults to $g_handle_bug_threshold
* @global int $g_update_bug_assign_threshold
*/
$g_update_bug_assign_threshold = '%handle_bug_threshold%';
/**
* access level needed to view private bugnotes
* Look in the constant_inc.php file if you want to set a different value
* @global int $g_private_bugnote_threshold
*/
$g_private_bugnote_threshold = DEVELOPER;
/**
* access level needed to view handler in bug reports and notification email
* @todo yarick123: now it is implemented for notification email only
* @global int $g_view_handler_threshold
*/
$g_view_handler_threshold = VIEWER;
/**
* access level needed to view history in bug reports and notification email
* @todo yarick123: now it is implemented for notification email only
* @global int $g_view_history_threshold
*/
$g_view_history_threshold = DEVELOPERCUSTOMER;
/**
* access level needed to send a reminder from the bug view pages
* set to NOBODY to disable the feature
* @global int $g_bug_reminder_threshold
*/
$g_bug_reminder_threshold = DEVELOPER;
/**
* Access lever required to drop bug history revisions
* @global int $g_bug_revision_drop_threshold
*/
$g_bug_revision_drop_threshold = MANAGER;
/**
* access level needed to upload files to the project documentation section
* You can set this to NOBODY to prevent uploads to projects
* See also: $g_upload_bug_file_threshold, $g_allow_file_upload
* @global int $g_upload_project_file_threshold
*/
$g_upload_project_file_threshold = MANAGER;
/**
* access level needed to upload files to attach to a bug
* You can set this to NOBODY to prevent uploads to bugs but note that
* the reporter of the bug will still be able to upload unless you set
* $g_allow_reporter_upload or $g_allow_file_upload to OFF
* See also: $g_upload_project_file_threshold, $g_allow_file_upload,
* $g_allow_reporter_upload
* @global int $g_upload_bug_file_threshold
*/
$g_upload_bug_file_threshold = REPORTER;
/**
* Add bugnote threshold
* @global int $g_add_bugnote_threshold
*/
$g_add_bugnote_threshold = REPORTER;
/**
* Update bugnote threshold (if the bugnote is not your own)
* @global int $g_update_bugnote_threshold
*/
$g_update_bugnote_threshold = DEVELOPER;
/**
* Threshold needed to view project documentation
* @global int $g_view_proj_doc_threshold
*/
$g_view_proj_doc_threshold = ANYBODY;
/**
* Site manager
* @global int $g_manage_site_threshold
*/
$g_manage_site_threshold = MANAGER;
/**
* Threshold at which a user is considered to be a site administrator.
* These users have "superuser" access to all aspects of Mantis including
* the admin/ directory. WARNING: DO NOT CHANGE THIS VALUE UNLESS YOU
* ABSOLUTELY KNOW WHAT YOU'RE DOING! Users at this access level have the
* ability to damage your Mantis installation and data within the database.
* It is strongly advised you leave this option alone.
* @global int $g_admin_site_threshold
*/
$g_admin_site_threshold = ADMINISTRATOR;
/**
* Threshold needed to manage a project: edit project
* details (not to add/delete projects) ...etc.
* @global int $g_manage_project_threshold
*/
$g_manage_project_threshold = MANAGER;
/**
* Threshold needed to add/delete/modify news
* @global int $g_manage_news_threshold
*/
$g_manage_news_threshold = MANAGER;
/**
* Threshold required to delete a project
* @global int $g_delete_project_threshold
*/
$g_delete_project_threshold = ADMINISTRATOR;
/**
* Threshold needed to create a new project
* @global int $g_create_project_threshold
*/
$g_create_project_threshold = ADMINISTRATOR;
/**
* Threshold needed to be automatically included in private projects
* @global int $g_private_project_threshold
*/
$g_private_project_threshold = ADMINISTRATOR;
/**
* Threshold needed to manage user access to a project
* @global int $g_project_user_threshold
*/
$g_project_user_threshold = MANAGER;
/**
* Threshold needed to manage user accounts
* @global int $g_manage_user_threshold
*/
$g_manage_user_threshold = ADMINISTRATOR;
/**
* Delete bug threshold
* @global int $g_delete_bug_threshold
*/
$g_delete_bug_threshold = DEVELOPER;
/**
* Delete bugnote threshold
* @global string $g_delete_bugnote_threshold
*/
$g_delete_bugnote_threshold = '%delete_bug_threshold%';
/**
* Are users allowed to change and delete their own bugnotes?
* @global int $g_bugnote_allow_user_edit_delete
*/
$g_bugnote_allow_user_edit_delete = ON;
/**
* Move bug threshold
* @global int $g_move_bug_threshold
*/
$g_move_bug_threshold = DEVELOPER;
/**
* Threshold needed to set the view status while reporting a bug or a bug note.
* @global int $g_set_view_status_threshold
*/
$g_set_view_status_threshold = REPORTER;
/**
* Threshold needed to update the view status while updating a bug or a bug note.
* This threshold should be greater or equal to $g_set_view_status_threshold.
* @global int $g_change_view_status_threshold
*/
$g_change_view_status_threshold = UPDATER;
/**
* Threshold needed to show the list of users montoring a bug on the bug view pages.
* @global int $g_show_monitor_list_threshold
*/
$g_show_monitor_list_threshold = DEVELOPER;
/**
* Threshold needed to be able to use stored queries
* @global int $g_stored_query_use_threshold
*/
$g_stored_query_use_threshold = REPORTER;
/**
* Threshold needed to be able to create stored queries
* @global int $g_stored_query_create_threshold
*/
$g_stored_query_create_threshold = DEVELOPERCUSTOMER;
/**
* Threshold needed to be able to create shared stored queries
* @global int $g_stored_query_create_shared_threshold
*/
$g_stored_query_create_shared_threshold = MANAGER;
/**
* Threshold needed to update readonly bugs. Readonly bugs are identified via
* $g_bug_readonly_status_threshold.
* @global int $g_update_readonly_bug_threshold
*/
$g_update_readonly_bug_threshold = MANAGER;
/**
* threshold for viewing changelog
* @global int $g_view_changelog_threshold
*/
$g_view_changelog_threshold = NOBODY;
/**
* threshold for viewing roadmap
* @global int $g_roadmap_view_threshold
*/
$g_roadmap_view_threshold = NOBODY;
/**
* threshold for updating roadmap, target_version, etc
* @global int $g_roadmap_update_threshold
*/
$g_roadmap_update_threshold = DEVELOPER;
/**
* status change thresholds
* @global int $g_update_bug_status_threshold
*/
$g_update_bug_status_threshold = DEVELOPER;
/**
* access level needed to re-open bugs
* @global int $g_reopen_bug_threshold
*/
$g_reopen_bug_threshold = DEVELOPER;
/**
* access level needed to assign bugs to unreleased product versions
* @global int $g_report_issues_for_unreleased_versions_threshold
*/
$g_report_issues_for_unreleased_versions_threshold = DEVELOPER;
/**
* access level needed to set a bug sticky
* @global int $g_set_bug_sticky_threshold
*/
$g_set_bug_sticky_threshold = NOBODY;
/**
* The minimum access level for someone to be a member of the development team
* and appear on the project information page.
* @global int $g_development_team_threshold
*/
$g_development_team_threshold = DEVELOPER;
/**
* this array sets the access thresholds needed to enter each status listed.
* if a status is not listed, it falls back to $g_update_bug_status_threshold
* example: $g_set_status_threshold = array( ACKNOWLEDGED => MANAGER, CONFIRMED => DEVELOPER, CLOSED => MANAGER );
* @global array $g_set_status_threshold
*/
$g_set_status_threshold = array();
/**
* Allow a bug to have no category
* @global int $g_allow_no_category
*/
$g_allow_no_category = ON;
/**
* login method
* CRYPT or PLAIN or MD5 or LDAP or BASIC_AUTH
* You can simply change this at will. MantisBT will try to figure out how the passwords were encrypted.
* @global int $g_login_method
*/
$g_login_method = MD5;
/**
* limit reporters
* Set to ON if you wish to limit reporters to only viewing bugs that they report.
* @global int $g_limit_reporters
*/
$g_limit_reporters = OFF;
/**
* close immediately
* Allow developers and above to close bugs immediately when resolving bugs
* @global int $g_allow_close_immediately
*/
$g_allow_close_immediately = OFF;
/**
* reporter can close
* Allow reporters to close the bugs they reported, after they're marked resolved.
* @global int $g_allow_reporter_close
*/
$g_allow_reporter_close = OFF;
/**
* reporter can reopen
* Allow reporters to reopen the bugs they reported, after they're marked resolved.
* @global int $g_allow_reporter_reopen
*/
$g_allow_reporter_reopen = ON;
/**
* reporter can upload
* Allow reporters to upload attachments to bugs they reported.
* @global int $g_allow_reporter_upload
*/
$g_allow_reporter_upload = ON;
/**
* account delete
* Allow users to delete their own accounts
* @global int $g_allow_account_delete
*/
$g_allow_account_delete = OFF;
/**
* Enable anonymous access to Mantis. You must also specify
* $g_anonymous_account as the account which anonymous users will browse
* Mantis with. The default setting is OFF.
* @global int $g_allow_anonymous_login
*/
$g_allow_anonymous_login = OFF;
/**
* Define the account which anonymous users will assume when using Mantis.
* You only need to define this setting when $g_allow_anonymous_login is
* set to ON. This account will always be treated as a protected account
* and thus anonymous users will not be able to update the preferences or
* settings of this account. It is suggested that the access level of this
* account have read only access to your Mantis installation (VIEWER).
* Please read the documentation on this topic before setting up anonymous
* access to your Mantis installation.
* @global string $g_anonymous_account
*/
$g_anonymous_account = '';
/**
* Bug Linking
* if a number follows this tag it will create a link to a bug.
* eg. for # a link would be #45
* eg. for bug: a link would be bug:98
* @global string $g_bug_link_tag
*/
$g_bug_link_tag = '#';
/**
* Bugnote Linking
* if a number follows this tag it will create a link to a bugnote.
* eg. for ~ a link would be ~45
* eg. for bugnote: a link would be bugnote:98
* @global string $g_bugnote_link_tag
*/
$g_bugnote_link_tag = '~';
/**
* Bug Count Linking
* this is the prefix to use when creating links to bug views from bug counts (eg. on the main
* page and the summary page).
* Default is a temporary filter
* only change the filter this time - 'view_all_set.php?type=1&temporary=y'
* permanently change the filter - 'view_all_set.php?type=1';
* @global string $g_bug_count_hyperlink_prefix
*/
$g_bug_count_hyperlink_prefix = 'view_all_set.php?type=1&temporary=y';
/**
* The regular expression to use when validating new user login names
* The default regular expression allows a-z, A-Z, 0-9, +, -, dot, space and
* underscore. If you change this, you may want to update the
* ERROR_USER_NAME_INVALID string in the language files to explain
* the rules you are using on your site
* See http://en.wikipedia.org/wiki/Regular_Expression for more details about regular expressions.
* For testing regular expressions, use http://rubular.com/.
* @global string $g_user_login_valid_regex
*/
$g_user_login_valid_regex = '/^([a-z\d\-.+_ ]+(@[a-z\d\-.]+\.[a-z]{2,4})?)$/i';
/**
* Default user name prefix used to filter the list of users in
* manage_user_page.php. Change this to 'A' (or any other
* letter) if you have a lot of users in the system and loading
* the manage users page takes a long time.
* @global string $g_default_manage_user_prefix
*/
$g_default_manage_user_prefix = 'ALL';
/**
* Default tag prefix used to filter the list of tags in
* manage_tags_page.php. Change this to 'A' (or any other
* letter) if you have a lot of tags in the system and loading
* the manage tags page takes a long time.
* @global string $g_default_manage_tag_prefix
*/
$g_default_manage_tag_prefix = 'ALL';
/**
* CSV Export
* Set the csv separator
* @global string $g_csv_separator
*/
$g_csv_separator = ',';
/**
* threshold for users to view the system configurations
* @global int $g_view_configuration_threshold
*/
$g_view_configuration_threshold = ADMINISTRATOR;
/**
* threshold for users to set the system configurations generically via MantisBT web interface.
* WARNING: Users who have access to set configuration via the interface MUST be trusted. This is due
* to the fact that such users can set configurations to PHP code and hence there can be a security
* risk if such users are not trusted.
* @global int $g_set_configuration_threshold
*/
$g_set_configuration_threshold = ADMINISTRATOR;
/************************************
* MantisBT Look and Feel Variables *
************************************/
/**
* status color codes, using the Tango color palette
* @global array $g_status_colors
*/
$g_status_colors = array( 'new' => '#ffa0a0', // red (scarlet red #ef2929)
'noresolved' => '#ef2929',
'feedback' => '#ffffcc', // purple (plum #75507b)
'acknowledged' => '#ffd850', // orange (orango #f57900)
'confirmed' => '#ffffb0', // yellow (butter #fce94f)
'assigned' => '#c8c8ff', // blue (sky blue #729fcf)
'hold' => '#729fcf', // blue (sky blue #729fcf)
'resolved' => '#cceedd', // green (chameleon #8ae234)
'closed' => '#e8e8e8'); // grey (aluminum #babdb6)
/**
* The padding level when displaying project ids
* The bug id will be padded with 0's up to the size given
* @global int $g_display_project_padding
*/
$g_display_project_padding = 2;
/**
* The padding level when displaying bug ids
* The bug id will be padded with 0's up to the size given
* @global int $g_display_bug_padding
*/
$g_display_bug_padding = 5;
/**
* The padding level when displaying bugnote ids
* The bugnote id will be padded with 0's up to the size given
* @global int $g_display_bugnote_padding
*/
$g_display_bugnote_padding = 5;
/*****************************
* MantisBT Cookie Variables *
*****************************/
/**
* --- cookie prefix ---------------
* set this to a unique identifier. No spaces.
* @global string $g_cookie_prefix
*/
$g_cookie_prefix = '<cookie_prefix>';
/*****************************
* MantisBT Filter Variables *
*****************************/
/**
* The threshold required for users to be able to create permalinks. To turn of this feature use NOBODY.
* @global int $g_create_permalink_threshold
*/
$g_create_permalink_threshold = NOBODY;
/*************************************
* MantisBT Database Table Variables *
*************************************/
/*************************
* MantisBT Enum Strings *
*************************/
/**
* status from $g_status_index-1 to 79 are used for the onboard customization (if enabled)
* directly use MantisBT to edit them.
* @global string $g_access_levels_enum_string
*/
$g_access_levels_enum_string = '10:viewer,25:reporter,40:updater,45:developercustomer,46:updatercustomer,55:developer,65:pmcustomer,70:manager,90:administrator';
/**
*
* @global string $g_project_status_enum_string
*/
$g_project_status_enum_string = '10:development,30:release,50:stable,70:obsolete';
/**
*
* @global string $g_project_view_state_enum_string
*/
$g_project_view_state_enum_string = '10:public,50:private';
/**
*
* @global string $g_view_state_enum_string
*/
$g_view_state_enum_string = '10:public,50:private';
/**
*
* @global string $g_priority_enum_string
*/
$g_priority_enum_string = '10:none,20:low,30:normal,40:high,50:urgent';
/**
*
* @global string $g_severity_enum_string
*/
$g_severity_enum_string = '20:AKTIE,30:PRD';
/**
*
* @global string $g_reproducibility_enum_string
*/
$g_reproducibility_enum_string = '1:empty,3:planning,5:draft fo,10:draft to,15:plan,20:develop,30:draft procedure,50:draft flows,70:draft workinstructions,80:install,90:test,100:training';
/**
*
* @global string $g_status_enum_string
*/
$g_status_enum_string = '10:new,15:noresolved,30:acknowledged,40:confirmed,50:assigned,60:hold,80:resolved,90:closed';
/**
* @@@ for documentation, the values in this list are also used to define variables in the language files
* (e.g., $s_new_bug_title referenced in bug_change_status_page.php )
* Embedded spaces are converted to underscores (e.g., "working on" references $s_working_on_bug_title).
* they are also expected to be english names for the states
* @global string $g_resolution_enum_string
*/
$g_resolution_enum_string = '10:open,20:fixed,30:reopened,60:duplicate,90:wont fix';
/**
*
* @global string $g_projection_enum_string
*/
$g_projection_enum_string = '10:none,30:tweak,50:minor fix,70:major rework,90:redesign';
/**
*
* @global string $g_eta_enum_string
*/
$g_eta_enum_string = '10:none,20:< 1 day,30:2-3 days,40:< 1 week,50:< 1 month,60:> 1 month';
/**
*
* @global string $g_sponsorship_enum_string
*/
$g_sponsorship_enum_string = '0:Unpaid,1:Requested,2:Paid';
/**
*
* @global string $g_custom_field_type_enum_string
*/
$g_custom_field_type_enum_string = '0:string,1:numeric,2:float,3:enum,4:email,5:checkbox,6:list,7:multiselection list,8:date,9:radio';
/*********************************
* MantisBT Javascript Variables *
*********************************/
/*******************************
* MantisBT Speed Optimisation *
*******************************/
/**
* Use compression of generated html if browser supports it
* If you already have compression enabled in your php.ini file
* (either with zlib.output_compression or
* output_handler=ob_gzhandler) this option will be ignored.
*
* If you do not have zlib enabled in your PHP installation
* this option will also be ignored. PHP 4.3.0 and later have
* zlib included by default. Windows users should uncomment
* the appropriate line in their php.ini files to load
* the zlib DLL. You can check what extensions are loaded
* by running "php -m" at the command line (look for 'zlib')
* @global int $g_compress_html
*/
$g_compress_html = ON;
/**
* Use persistent database connections
* @global int $g_use_persistent_connections
*/
$g_use_persistent_connections = OFF;
/*****************
* Include files *
*****************/
/**
* Specify your top/bottom include file (logos, banners, etc)
* @global string $g_bottom_include_page
*/
$g_bottom_include_page = '%absolute_path%';
/**
* Specify your top/bottom include file (logos, banners, etc)
* if a top file is supplied, the default MantisBT logo at the top will be hidden
* @global string $g_top_include_page
*/
$g_top_include_page = '%absolute_path%';
/**
* CSS file
* @global string $g_css_include_file
*/
$g_css_include_file = 'css/default.css';
/**
* RTL CSS file
* @global string $g_css_rtl_include_file
*/
$g_css_rtl_include_file = 'css/rtl.css';
/**
* meta tags
* @global string $g_meta_include_file
*/
$g_meta_include_file = '%absolute_path%meta_inc.php';
/****************
* Redirections *
****************/
/**
* Default page after Login or Set Project
* @global string $g_default_home_page
*/
$g_default_home_page = 'view_all_bug_page.php';
/***********
* Headers *
***********/
/**
* Browser Caching Control
* By default, we try to prevent the browser from caching anything. These two settings
* will defeat this for some cases.
*
* Browser Page caching - This will allow the browser to cache all pages. The upside will
* be better performance, but there may be cases where obsolete information is displayed.
* Note that this will be bypassed (and caching is allowed) for the bug report pages.
*
* @global int $g_allow_browser_cache
*/
// $g_allow_browser_cache = ON;
/**
* File caching - This will allow the browser to cache downloaded files. Without this set,
* there may be issues with IE receiving files, and launching support programs.
* @global int $g_allow_file_cache
*/
// $g_allow_file_cache = ON;
/*****************
* Custom Fields *
*****************/
/****************
* Custom Menus *
****************/
/********************
* My View Settings *
********************/
/**
* Number of bugs shown in each box
* @global int $g_my_view_bug_count
*/
$g_my_view_bug_count = 10;
/**
* Boxes to be shown and their order
* A box that is not to be shown can have its value set to 0
* @global array $g_my_view_boxes
*/
$g_my_view_boxes = array (
'assigned' => '1',
'unassigned' => '7',
'reported' => '3',
'resolved' => '5',
'recent_mod' => '2',
'monitored' => '4',
'feedback' => '0',
'verify' => '8',
'my_comments' => '6'
);
/**
* Toggle whether 'My View' boxes are shown in a fixed position (i.e. adjacent boxes start at the same vertical position)
* @global int $g_my_view_boxes_fixed_position
*/
$g_my_view_boxes_fixed_position = ON;
/*************
* RSS Feeds *
*************/
/**
* This flag enables or disables RSS syndication. In the case where RSS syndication is not used,
* it is recommended to set it to OFF.
* @global int $g_rss_enabled
*/
$g_rss_enabled = OFF;
/**
* This seed is used as part of the inputs for calculating the authentication key for the RSS feeds.
* If this seed changes, all the existing keys for the RSS feeds will become invalid. This is
* defaulted to the database user name, but it is recommended to overwrite it with a specific value
* on installation.
* @global string $g_rss_key_seed
*/
$g_rss_key_seed = '%db_username%';
/*********************
* Bug Relationships *
*********************/
/**
* Enable relationship graphs support.
* Show issue relationships using graphs.
*
* In order to use this feature, you must first install either GraphViz
* (all OSs except Windows) or WinGraphviz (only Windows).
*
* Graphviz homepage: http://www.research.att.com/sw/tools/graphviz/
* WinGraphviz homepage: http://home.so-net.net.tw/oodtsen/wingraphviz/
*
* Refer to the notes near the top of core/graphviz_api.php and
* core/relationship_graph_api.php for more information.
* @global int $g_relationship_graph_enable
*/
$g_relationship_graph_enable = ON;
/**
* Font name and size, as required by Graphviz. If Graphviz fails to run
* for you, you are probably using a font name that gd can't find. On
* Linux, try the name of the font file without the extension.
* @global string $g_relationship_graph_fontname
*/
$g_relationship_graph_fontname = 'Arial';
/**
*
* @global int $g_relationship_graph_fontsize
*/
$g_relationship_graph_fontsize = 8;
/**
* Default dependency orientation. If you have issues with lots of childs
* or parents, leave as 'horizontal', otherwise, if you have lots of
* "chained" issue dependencies, change to 'vertical'.
* @global string $g_relationship_graph_orientation
*/
$g_relationship_graph_orientation = 'horizontal';
/**
* Max depth for relation graphs. This only affects relation graphs,
* dependency graphs are drawn to the full depth. A value of 3 is already
* enough to show issues really unrelated to the one you are currently
* viewing.
* @global int $g_relationship_graph_max_depth
*/
$g_relationship_graph_max_depth = 3;
/**
* If set to ON, clicking on an issue on the relationship graph will open
* the bug view page for that issue, otherwise, will navigate to the
* relationship graph for that issue.
*
* @global int $g_relationship_graph_view_on_click
*/
$g_relationship_graph_view_on_click = ON;
/**
* Complete path to dot and neato tools. Your webserver must have execute
* permission to these programs in order to generate relationship graphs.
* NOTE: These are meaningless under Windows! Just ignore them!
* @global string $g_dot_tool
*/
$g_dot_tool = '/usr/bin/dot';
/**
* Complete path to dot and neato tools. Your webserver must have execute
* permission to these programs in order to generate relationship graphs.
* NOTE: These are meaningless under Windows! Just ignore them!
* @global string $g_neato_tool
*/
$g_neato_tool = '/usr/bin/neato';
/**
* Number of years in the past that custom date fields will display in
* drop down boxes.
* @global int $g_backward_year_count
*/
$g_backward_year_count = 4;
/**
* Number of years in the future that custom date fields will display in
* drop down boxes.
* @global int $g_forward_year_count
*/
$g_forward_year_count = 4;
/**
* Custom Group Actions
*
* This extensibility model allows developing new group custom actions. This
* can be implemented with a totally custom form and action pages or with a
* pre-implemented form and action page and call-outs to some functions. These
* functions are to be implemented in a predefined file whose name is based on
* the action name. For example, for an action to add a note, the action would
* be EXT_ADD_NOTE and the file implementing it would be bug_actiongroup_add_note_inc.php.
* See implementation of this file for details.
*
* Sample:
*
* array(
* array( 'action' => 'my_custom_action',
* 'label' => 'my_label', // string to be passed to lang_get_defaulted()
* 'form_page' => 'my_custom_action_page.php',
* 'action_page' => 'my_custom_action.php'
* )
* array( 'action' => 'my_custom_action2',
* 'form_page' => 'my_custom_action2_page.php',
* 'action_page' => 'my_custom_action2.php'
* )
* array( 'action' => 'EXT_ADD_NOTE', // you need to implement bug_actiongroup_<action_without_'EXT_')_inc.php
* 'label' => 'actiongroup_menu_add_note' // see strings_english.txt for this label
* )
* );
* @global array $g_custom_group_actions
*/
$g_custom_group_actions = array();
/********************
* Wiki Integration *
********************/
/********************
* Recently Visited *
********************/
/**
* Whether to show the most recently visited issues or not. At the moment we always track them even if this flag is off.
* @global int $g_recently_visited
*/
$g_recently_visited = ON;
/**
* The maximum number of issues to keep in the recently visited list.
* @global int $g_recently_visited_count
*/
$g_recently_visited_count = 5;
/***************
* Bug Tagging *
***************/
/**
* String that will separate tags as entered for input
* @global int $g_tag_separator
*/
$g_tag_separator = ',';
/**
* Access level required to view tags attached to a bug
* @global int $g_tag_view_threshold
*/
$g_tag_view_threshold = VIEWER;
/**
* Access level required to attach tags to a bug
* @global int $g_tag_attach_threshold
*/
$g_tag_attach_threshold = REPORTER;
/**
* Access level required to detach tags from a bug
* @global int $g_tag_detach_threshold
*/
$g_tag_detach_threshold = DEVELOPER;
/**
* Access level required to detach tags attached by the same user
* @global int $g_tag_detach_own_threshold
*/
$g_tag_detach_own_threshold = REPORTER;
/**
* Access level required to create new tags
* @global int $g_tag_create_threshold
*/
$g_tag_create_threshold = REPORTER;
/**
* Access level required to edit tag names and descriptions
* @global int $g_tag_edit_threshold
*/
$g_tag_edit_threshold = DEVELOPER;
/**
* Access level required to edit descriptions by the creating user
* @global int $g_tag_edit_own_threshold
*/
$g_tag_edit_own_threshold = REPORTER;
/*****************
* Time tracking *
*****************/
/****************************
* Profile Related Settings *
****************************/
/**
* Enable Profiles
* @global int $g_enable_profiles
*/
$g_enable_profiles = OFF;
/********************
* Twitter Settings *
********************/
/*****************
* Plugin System *
*****************/
/************
* Due Date *
************/
/**
* threshold to update due date submitted
* @global int $g_due_date_update_threshold
*/
$g_due_date_update_threshold = NOBODY;
/**
* threshold to see due date
* @global int $g_due_date_view_threshold
*/
$g_due_date_view_threshold = NOBODY;
/*****************
* Sub-projects
*****************
/**
* show extra dropdown for subprojects
* Shows only top projects in the project dropdown and adds an extra dropdown for subprojects.
* @global int $g_show_extended_project_browser
*/
$g_show_extended_project_browser = ON;
/**********************************
* Debugging / Developer Settings *
**********************************/
/**
* Used for debugging e-mail feature, when set to OFF the emails work as normal.
* when set to e-mail address, all e-mails are sent to this address with the
* original To, Cc, Bcc included in the message body.
* @global int $g_debug_email
*/
$g_debug_email = OFF;
/**
* --- system logging ---
* This controls the logging of information to a separate file for debug or audit
* $g_log_level controls what information is logged
* see constant_inc.php for details on the log channels available
* e.g., $g_log_level = LOG_EMAIL | LOG_EMAIL_RECIPIENT | LOG_FILTERING | LOG_AJAX;
*
* $g_log_destination specifies the file where the data goes
* right now, only "file:<file path>" is supported
* e.g. (Linux), $g_log_destination = 'file:/tmp/mantisbt.log';
* e.g. (Windows), $g_log_destination = 'file:c:/temp/mantisbt.log';
* see http://www.php.net/error_log for details
* @global int $g_log_level
*/
$g_log_level = LOG_EMAIL | LOG_EMAIL_RECIPIENT;
/**
*
* @global string $g_log_destination
*/
$g_log_destination = 'file:<log_destination>';
/**************************
* Configuration Settings *
**************************/
| ||||
 |
Could you post your current config to facilitate issue reproduction ? |
 |
Posted my config_inc.php However Workflow is done on a per project base ( and this installations has about 150 projects ). But be sure that even when status 'closed' is not a valid status ( by workflow for the project ), the close button is shown. |
|
|
If needed I can supply you with account on development enviroment. |
|
|
Hi Tom,
In that case, a screenshot of your workflow settings (or the definition of the corresponding records in mantis_config_table) for a sample project would be useful. |
|
|
Nevermind my request for sample config - I had a look and see what you mean now. I think we're just missing a call to bug_check_workflow. |
|
|
Thanks dregad, for now wil update my installation with your patch. |
|
|
Let me know if that works as expected (or not) |
|
|
Dregad, works as expected. ( Patch seems logical to me, I should have been able to tacle this one myself :-) Thanks for your speedy reply. |
 |
Marking as 'acknowledged' not resolved/closed to track that change gets ported to master-2.0.x branch |
|
|
CVE assigned on 06-Apr-2013 [1] [1] http://article.gmane.org/gmane.comp.security.oss.general/9878 |
|
MantisBT: master 562db4f4 2013-02-06 03:37 Details Diff |
Fix 0015453: Only display Close button if workflow allows Closed status |
Affected Issues 0015453 |
|
| mod - core/html_api.php | Diff File | ||
|
MantisBT: master-1.2.x d85e69fe 2013-02-06 03:37 Details Diff |
Fix 0015453: Only display Close button if workflow allows Closed status |
Affected Issues 0015453 |
|
| mod - core/html_api.php | Diff File | ||
