2014-11-25 20:20 EST

View Issue Details Jump to Notes ] Wiki ] Related Changesets ]
IDProjectCategoryView StatusLast Update
0015453mantisbtsecuritypublic2014-09-23 18:05
ReporterTomR 
Assigned Todregad 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusclosedResolutionfixed 
Product Version1.2.12 
Target Version1.2.15Fixed in Version1.2.15 
Summary0015453: CVE-2013-1930: Close button is shown on webpage despite 'close' is not a valid status by workflow
DescriptionIt seems that te 'Close' button does not respect the workflow status.

In my opinion the 'Close' button should only be visible ( or active ) when 'close' is a valid status ( by workflow )
TagsNo tags attached.
Attached Files
  • ? file icon config_inc.php (76,022 bytes) 2013-02-05 16:27 - 
    <?php
    # MantisBT - a php based bugtracking system
    
    # MantisBT is free software: you can redistribute it and/or modify
    # it under the terms of the GNU General Public License as published by
    # the Free Software Foundation, either version 2 of the License, or
    # (at your option) any later version.
    #
    # MantisBT is distributed in the hope that it will be useful,
    # but WITHOUT ANY WARRANTY; without even the implied warranty of
    # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    # GNU General Public License for more details.
    #
    # You should have received a copy of the GNU General Public License
    # along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
    
    	/**
    	 * Default Configuration Variables
    	 *
    	 * This file should not be changed. If you want to override any of the values
    	 * defined here, define them in a file called config_inc.php, which will
    	 * be loaded after this file.
    	 *
    	 * In general a value of OFF means the feature is disabled and ON means the
    	 * feature is enabled.  Any other cases will have an explanation.
    	 *
    	 * For more details see http://www.mantisbt.org/docs/master-1.2.x/
    	 *
    	 * @package MantisBT
    	 * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
    	 * @copyright Copyright (C) 2002 - 2012  MantisBT Team - mantisbt-dev@lists.sourceforge.net
    	 * @link http://www.mantisbt.org
    	 */
    
    	/******************************
    	 * MantisBT Database Settings *
    	 ******************************/
    
    	/**
    	 * hostname should be either a hostname or connection string to supply to adodb.
    	 * For example, if you would like to connect to a database server on the local machine,
    	 * set hostname to 'localhost'
    	 * If you need to supply a port to connect to, set hostname as 'localhost:3306'.
    	 * @global string $g_hostname
    	 */
    	$g_hostname				= 'localhost';
    	/**
    	 * User name to use for connecting to the database. The user needs to have read/write access to the MantisBT database.
    	 * The default user name is "root".
    	 * @global string $g_db_username
    	 */
    	$g_db_username			= '<db_usename>';
    	/**
    	 * Password for the specified user name. The default password is empty.
    	 * @global string $g_db_password
    	 */
    	$g_db_password			= '<password>';
    	 /**
    	  * Name of database that contains MantisBT tables.
    	  * The default database name is "bugtracker".
    	  * @global string $g_database_name
    	  */
    	$g_database_name		= '<db>';
    
    	/**
    	 * path to your installation as seen from the web browser
    	 * requires trailing /
    	 * @global string $g_path
    	 */
    	$g_path	= 'http://<subdomain>.<domain>.nl/';
    
    	/**************
    	 * Web Server *
    	 **************/
    
    	/**
    	 * Session key name.  Should be unique between multiple installations to prevent conflicts.
    	 * @global string $g_session_key
    	 */
    	$g_session_key = '<session_key>';
    
    	/**
    	 * Session save path.  If false, uses default value as set by session handler.
    	 * @global bool $g_session_save_path
    	 */
    	$g_session_save_path = false;
    
    	/**
    	 * Session validation
    	 * WARNING: Disabling this could be a potential security risk!!
    	 * @global int $g_session_validation
    	 */
    	$g_session_validation = ON;
    
    	/**
    	 * Form security validation.
    	 * This protects against Cross-Site Request Forgery, but some proxy servers may
    	 * not correctly work with this option enabled because they cache pages incorrectly.
    	 * WARNING: Disabling this IS a security risk!!
    	 */
    	$g_form_security_validation = OFF;
    
    	/****************************
    	 * Signup and Lost Password *
    	 ****************************/
    
    	/**
    	 * allow users to signup for their own accounts.
    	 * Mail settings must be correctly configured in order for this to work
    	 * @global int $g_allow_signup
    	 */
    	$g_allow_signup			= OFF;
    
    	/**
    	 * Max. attempts to login using a wrong password before lock the account.
    	 * When locked, it's required to reset the password (lost password)
    	 * Value resets to zero at each successfully login
    	 * Set to OFF to disable this control
    	 * @global int $g_max_failed_login_count
    	 */
    	$g_max_failed_login_count = 10;
    
    	/**
    	 * String used to generate the confirm_hash for the 'lost password' feature and captcha code for 'signup'
    	 * ATTENTION: CHANGE IT TO WHATEVER VALUE YOU PREFER
    	 * @global int $g_password_confirm_hash_magic_string
    	 * @todo randomize + admin check
    	 */
    	$g_password_confirm_hash_magic_string = '<password_confirm_hash_magic_string>';
    	/**
    	 * Max. simultaneous requests of 'lost password'
    	 * When this value is reached, it's no longer possible to request new password reset
    	 * Value resets to zero at each successfully login
    	 * @global int $g_max_lost_password_in_progress_count
    	 */
    	$g_max_lost_password_in_progress_count = 5;
    
    	/**
    	 * absolute path (with trailing slash!) to folder which contains your TrueType-Font files
    	 * used to create the captcha image and since 0.19.3 for the Relationship Graphs
    	 * @global string $g_system_font_folder
    	 */
    	$g_system_font_folder	= '/usr/share/fonts/bitstream-vera/';
    
    	/***************************
    	 * MantisBT Email Settings *
    	 ***************************/
    
    	/**
    	 * the sender name, part of 'From: ' header in emails
    	 * @global string $g_from_name
    	 */
    	$g_from_name			= '<from_name>';
    
    	/**
    	 * the return address for bounced mail
    	 * @global string $g_return_path_email
    	 */
    
    	 
    	/**
    	 * Allow email notification.
    	 * Set to ON to enable email notifications, OFF to disable them. Note that
    	 * disabling email notifications has no effect on emails generated as part
    	 * of the user signup process. When set to OFF, the password reset feature
    	 * is disabled. Additionally, notifications of administrators updating
    	 * accounts are not sent to users.
    	 * @global int $g_enable_email_notification
    	 */
    	$g_enable_email_notification	= ON;
    
    	/**
    	 * The following two config options allow you to control who should get email
    	 * notifications on different actions/statuses.  The first option (default_notify_flags)
    	 * sets the default values for different user categories.  The user categories
    	 * are:
    	 *
    	 *      'reporter': the reporter of the bug
    	 *       'handler': the handler of the bug
    	 *       'monitor': users who are monitoring a bug
    	 *      'bugnotes': users who have added a bugnote to the bug
    	 *      'explicit': users who are explicitly specified by the code based on the action (e.g. user added to monitor list).
    	 * 'threshold_max': all users with access <= max
    	 * 'threshold_min': ..and with access >= min
    	 *
    	 * The second config option (notify_flags) sets overrides for specific actions/statuses.
    	 * If a user category is not listed for an action, the default from the config
    	 * option above is used.  The possible actions are:
    	 *
    	 *             'new': a new bug has been added
     	 *           'owner': a bug has been assigned to a new owner
    	 *        'reopened': a bug has been reopened
     	 *         'deleted': a bug has been deleted
    	 *         'updated': a bug has been updated
    	 *         'bugnote': a bugnote has been added to a bug
    	 *         'sponsor': sponsorship has changed on this bug
    	 *        'relation': a relationship has changed on this bug
    	 *         'monitor': an issue is monitored.
    	 *        '<status>': eg: 'resolved', 'closed', 'feedback', 'acknowledged', ...etc.
    	 *                     this list corresponds to $g_status_enum_string
    	 *
    	 * If you wanted to have all developers get notified of new bugs you might add
    	 * the following lines to your config file:
    	 *
    	 * $g_notify_flags['new']['threshold_min'] = DEVELOPER;
    	 * $g_notify_flags['new']['threshold_max'] = DEVELOPER;
    	 *
    	 * You might want to do something similar so all managers are notified when a
    	 * bug is closed.  If you didn't want reporters to be notified when a bug is
    	 * closed (only when it is resolved) you would use:
    	 *
    	 * $g_notify_flags['closed']['reporter'] = OFF;
    	 *
    	 * @global array $g_default_notify_flags
    	 */
    
    	$g_default_notify_flags	= array('reporter'	=> ON,
    									'handler'	=> ON,
    									'monitor'	=> ON,
    									'bugnotes'	=> ON,
    									'explicit'  => ON,
    									'threshold_min'	=> MANAGER,
    									'threshold_max' => MANAGER);
    
    	/**
    	 * We don't need to send these notifications on new bugs
    	 * (see above for info on this config option)
    	 * @todo (though I'm not sure they need to be turned off anymore
    	 *      - there just won't be anyone in those categories)
    	 *      I guess it serves as an example and a placeholder for this
    	 *      config option
    	 * @see $g_default_notify_flags
    	 * @global array $g_notify_flags
    	 */
    	$g_notify_flags['new']	= array('bugnotes'	=> OFF,
    									'monitor'	=> OFF);
    
    	$g_notify_flags['monitor'] = array(	'reporter'	=> OFF,
    										'handler'	=> OFF,
    										'monitor'	=> OFF,
    										'bugnotes'	=> OFF,
    										'explicit'  => ON,
    										'threshold_min'	=> NOBODY,
    										'threshold_max' => NOBODY);
    
    	/**
    	 * set to OFF to disable email check
    	 * @global int $g_check_mx_record
    	 */
    	$g_check_mx_record		= ON; # Not supported on Windows
    	/**
    	 * if ON, allow the user to omit an email field
    	 * note if you allow users to create their own accounts, they
    	 * must specify an email at that point, no matter what the value
    	 * of this option is.  Otherwise they wouldn't get their passwords.
    	 * @global int $g_allow_blank_email
    	 */
    	$g_allow_blank_email	= OFF;
    	/**
    	 * This specifies the access level that is needed to see realnames on user view page
    	 * @global int $g_show_user_realname_threshold
    	 */
    	$g_show_user_realname_threshold = VIEWER;
    
    	/**
    	 * If use_x_priority is set to ON, what should the value be?
    	 * Urgent = 1, Not Urgent = 5, Disable = 0
    	 * Note: some MTAs interpret X-Priority = 0 to mean 'Very Urgent'
    	 * @global int $g_mail_priority
    	 */
    	$g_mail_priority		= 3;
    
    	/**
    	 * select the method to mail by:
    	 * PHPMAILER_METHOD_MAIL - mail()
    	 * PHPMAILER_METHOD_SENDMAIL - sendmail
    	 * PHPMAILER_METHOD_SMTP - SMTP
    	 * @global int $g_phpMailer_method
    	 */
    	$g_phpMailer_method		= PHPMAILER_METHOD_SMTP;
    
    	/**
    	 * It is recommended to use a cronjob or a scheduler task to send emails.
    	 * The cronjob should typically run every 5 minutes.  If no cronjob is used,
    	 * then user will have to wait for emails to be sent after performing an action
    	 * which triggers notifications.  This slows user performance.
    	 * @global int $g_email_send_using_cronjob
    	 */
    	$g_email_send_using_cronjob = OFF;
    
    	/**
    	 * Specify whether e-mails should be sent with the category set or not.  This is tested
    	 * with Microsoft Outlook.  More testing for this feature + other formats will be added
    	 * in the future.
    	 * OFF, EMAIL_CATEGORY_PROJECT_CATEGORY (format: [Project] Category)
    	 * @global int $g_email_set_category
    	 */
    	$g_email_set_category		= ON;
    
    	/**
    	 * email separator and padding
    	 * @global string $g_email_separator1
    	 */
    	$g_email_separator1		= str_pad('', 70, '_');
    	/**
    	 * email separator and padding
    	 * @global string $g_email_separator2
    	 */
    	$g_email_separator2		= str_pad('', 70, '_');
    	/**
    	 * email separator and padding
    	 * @global int $g_email_padding_length
    	 */
    	$g_email_padding_length	= 28;
    
    	/***************************
    	 * MantisBT Version String *
    	 ***************************/
    
    
    	/******************************
    	 * MantisBT Language Settings *
    	 ******************************/
    
    	/**
    	 * If the language is set to 'auto', the actual
    	 * language is determined by the user agent (web browser)
    	 * language preference.
    	 * @global string $g_default_language
    	 */
    	$g_default_language		= 'dutch';
    
    	/**
    	 * list the choices that the users are allowed to choose
    	 * @global array $g_language_choices_arr
    	 */
    	$g_language_choices_arr	= array(
    
    		'dutch',
    		'english',
    
    	);
    
    	/**
    	 * Browser language mapping for 'auto' language selection
    	 * @global array $g_language_auto_map
    	 */
    	$g_language_auto_map = array(
    		'nl-be, nl' => 'dutch',
    		'en-us, en-gb, en-au, en' => 'english',
    	);
    
    	/**
    	 * Fallback for automatic language selection
    	 * @global string $g_fallback_language
    	 */
    	$g_fallback_language	= 'english';
    
    	/*****************************
    	 * MantisBT Display Settings *
    	 *****************************/
    
    	/**
    	 * browser window title
    	 * @global string $g_window_title
    	 */
    	$g_window_title			= '<window_title>';
    
    	/**
    	 * title at top of html page (empty by default, since there is a logo now)
    	 * @global string $g_page_title
    	 */
    	$g_page_title			= '<page_title>';
    
    	/**
    	 * Favicon image
    	 * @global string $g_favicon_image
    	 */
    	$g_favicon_image		= 'images/favicon.ico';
    
    	/**
    	 * Logo
    	 * @global string $g_logo_image
    	 */
    	$g_logo_image			= 'images/<my>_logo.gif';
    
    	/**
    	 * Logo URL link
    	 * @global string $g_logo_url
    	 */
    	$g_logo_url				= '%default_home_page%';
    
    	/**
    	 * Specifies whether to enable support for project documents or not.
    	 * This feature is deprecated and is expected to be moved to a plugin
    	 * in the future.
    	 * @global int $g_enable_project_documentation
    	 */
    	$g_enable_project_documentation	= OFF;
    
    	/**
    	 * Define the priority level at which a bug becomes significant.
    	 * Significant bugs are displayed with emphasis. Set this value to -1 to
    	 * disable the feature.
    	 * @global int $g_priority_significant_threshold
    	 */
    	$g_priority_significant_threshold = HIGH;
    
    	/**
    	 * Define the severity level at which a bug becomes significant.
    	 * Significant bugs are displayed with emphasis. Set this value to -1 to
    	 * disable the feature.
    	 * @global int $g_severity_significant_threshold
    	 */
    	$g_severity_significant_threshold = MAJOR;
    
    	/**
    	 * The default columns to be included in the View Issues Page.
    	 * This can be overriden using Manage -> Manage Configuration -> Manage Columns
    	 * Also each user can configure their own columns using My Account -> Manage Columns
    	 * Some of the columns specified here can be removed automatically if they conflict with other configuration.
    	 * Or if the current user doesn't have the necessary access level to view them.
    	 * For example, sponsorship_total will be removed if sponsorships are disabled.
    	 * To include custom field 'xyz', include the column name as 'custom_xyz'.
    	 *
    	 * Standard Column Names (i.e. names to choose from):
    	 * selection, edit, id, project_id, reporter_id, handler_id, priority, reproducibility, projection, eta,
    	 * resolution, fixed_in_version, view_state, os, os_build, build (for product build), platform, version, date_submitted, attachment,
    	 * category, sponsorship_total, severity, status, last_updated, summary, bugnotes_count, description,
    	 * steps_to_reproduce, additional_information
    	 *
    	 * @global array $g_view_issues_page_columns
    	 */
    	$g_view_issues_page_columns = array ( 'selection', 'edit', 'priority', 'id', 'sponsorship_total', 'bugnotes_count', 'attachment_count', 'date_submitted', 'category_id', 'severity', 'status', 'last_updated', 'view_state', 'summary' );
    
    	/**
    	 * The default columns to be included in the Print Issues Page.
    	 * This can be overriden using Manage -> Manage Configuration -> Manage Columns
    	 * Also each user can configure their own columns using My Account -> Manage Columns
    	 * @global array $g_print_issues_page_columns
    	 */
    	$g_print_issues_page_columns = array ( 'selection', 'priority', 'id', 'sponsorship_total', 'bugnotes_count', 'attachment_count', 'category_id', 'severity', 'status', 'last_updated', 'summary' );
    
    	/**
    	 * The default columns to be included in the CSV export.
    	 * This can be overriden using Manage -> Manage Configuration -> Manage Columns
    	 * Also each user can configure their own columns using My Account -> Manage Columns
    	 * @global array $g_csv_columns
    	 */
    	$g_csv_columns = array ( 'id', 'project_id', 'reporter_id', 'handler_id', 'priority', 'severity', 'reproducibility', 'version', 'projection', 'category_id', 'date_submitted', 'eta', 'os', 'os_build', 'platform', 'view_state', 'last_updated', 'summary', 'status', 'resolution', 'fixed_in_version' );
    
    	/**
    	 * The default columns to be included in the Excel export.
    	 * This can be overriden using Manage -> Manage Configuration -> Manage Columns
    	 * Also each user can configure their own columns using My Account -> Manage Columns
    	 * @global array $g_excel_columns
    	 */
    	$g_excel_columns = array ( 'id', 'project_id', 'reporter_id', 'handler_id', 'priority', 'severity', 'reproducibility', 'version', 'projection', 'category_id', 'date_submitted', 'eta', 'os', 'os_build', 'platform', 'view_state', 'last_updated', 'summary', 'status', 'resolution', 'fixed_in_version' );
    
    	/**
    	 * show projects when in All Projects mode
    	 * @global int $g_show_bug_project_links
    	 */
    	$g_show_bug_project_links	= ON;
    
    	/**
    	 * Position of the status colour legend, can be: POSITION_*
    	 * see constant_inc.php. (*: TOP , BOTTOM , or BOTH)
    	 * @global int $g_status_legend_position
    	 */
    	$g_status_legend_position	= STATUS_LEGEND_POSITION_BOTTOM;
    
    	/**
    	 * Show a legend with percentage of bug status
    	 * x% of all bugs are new, y% of all bugs are assigned and so on.
    	 * If set to ON it will printed below the status colour legend.
    	 * @global int $g_status_percentage_legend
    	 */
    	$g_status_percentage_legend = ON;
    
    	/**
    	 * Position of action buttons when viewing issues.
    	 * Can be: POSITION_TOP, POSITION_BOTTOM, or POSITION_BOTH.
    	 * @global int $g_action_button_position
    	 */
    	$g_action_button_position = POSITION_BOTH;
    
    	/**
    	 * show product versions in create, view and update screens
    	 * ON forces display even if none are defined
    	 * OFF suppresses display
    	 * AUTO suppresses the display if there are no versions defined for the project
    	 * @global int $g_show_product_version
    	 */
    	$g_show_product_version = OFF;
    
    	/**
    	 * show users with their real name or not
    	 * @global int $g_show_realname
    	 */
    	$g_show_realname = ON;
    
    	/**
    	 * sorting for names in dropdown lists. If turned on, "Jane Doe" will be sorted with the "D"s
    	 * @global int $g_sort_by_last_name
    	 */
    	$g_sort_by_last_name = ON;
    
    	/**
    	 * Show user avatar
    	 * the current implementation is based on http://www.gravatar.com
    	 * users will need to register there the same address used in
    	 * this MantisBT installation to have their avatar shown
    	 * Please note: upon registration or avatar change, it takes some time for
    	 * the updated gravatar images to show on sites
    	 * @global int $g_show_avatar
    	 */
    	$g_show_avatar = ON;
    
    	/**
    	 * Only users above this threshold will have their avatar shown
    	 * @global int $g_show_avatar_threshold
    	 */
    	$g_show_avatar_threshold = VIEWER;
    
    	/**************************
    	 * MantisBT Time Settings *
    	 **************************/
    
    	/**************************
    	 * MantisBT Date Settings *
    	 **************************/
    
    	/**
    	 * date format strings defaults to ISO 8601 formatting
    	 * go to http://www.php.net/manual/en/function.date.php
    	 * for detailed instructions on date formatting
    	 * @global string $g_short_date_format
    	 */
    	$g_short_date_format    = 'd-m-Y';
    
    	/**
    	 * date format strings defaults to ISO 8601 formatting
    	 * go to http://www.php.net/manual/en/function.date.php
    	 * for detailed instructions on date formatting
    	 * @global string $g_normal_date_format
    	 */
    	$g_normal_date_format   = 'd-m-Y H:i';
    
    	/**
    	 * date format strings defaults to ISO 8601 formatting
    	 * go to http://www.php.net/manual/en/function.date.php
    	 * for detailed instructions on date formatting
    	 * @global string $g_complete_date_format
    	 */
    	$g_complete_date_format = 'd-m-Y H:i T';
    
    	/**
    	 * jscalendar date format string
    	 * go to http://www.php.net/manual/en/function.date.php
    	 * for detailed instructions on date formatting
    	 * @global string $g_calendar_js_date_format
    	 */
    	$g_calendar_js_date_format   = '\%d-\%m-\%Y \%H:\%M';
    
    	/**
    	 * jscalendar date format string
    	 * go to http://www.php.net/manual/en/function.date.php
    	 * for detailed instructions on date formatting
    	 * @global string $g_calendar_date_format
    	 */
    	$g_calendar_date_format   = 'd-m-Y H:i';
    
    	/**************************
    	 * MantisBT TimeZone Settings *
    	 **************************/
    
    	/**************************
    	 * MantisBT News Settings *
    	 **************************/
    
    	/********************************
    	 * MantisBT Default Preferences *
    	 ********************************/
    
    	/**
    	 * signup default
    	 * look in constant_inc.php for values
    	 * @global int $g_default_new_account_access_level
    	 */
    	$g_default_new_account_access_level	= REPORTER;
    
    	/**
    	 * Default Bug View Status (VS_PUBLIC or VS_PRIVATE)
    	 * @global int $g_default_bug_view_status
    	 */
    	$g_default_bug_view_status = VS_PUBLIC;
    
    	/**
    	 * Default value for steps to reproduce field.
    	 * @global string $g_default_bug_steps_to_reproduce
    	 */
    	$g_default_bug_steps_to_reproduce = '';
    
    	/**
    	 * Default value for addition information field.
    	 * @global string $g_default_bug_additional_info
    	 */
    	$g_default_bug_additional_info = '';
    
    	/**
    	 * Default Bugnote View Status (VS_PUBLIC or VS_PRIVATE)
    	 * @global int $g_default_bugnote_view_status
    	 */
    	$g_default_bugnote_view_status = VS_PUBLIC;
    
    	/**
    	 * Default bug resolution when reporting a new bug
    	 * @global int $g_default_bug_resolution
    	 */
    	$g_default_bug_resolution = OPEN;
    
    	/**
    	 * Default bug severity when reporting a new bug
    	 * @global int $g_default_bug_severity
    	 */
    	$g_default_bug_severity = TRIVIAL;
    
    	/**
    	 * Default bug priority when reporting a new bug
    	 * @global int $g_default_bug_priority
    	 */
    	$g_default_bug_priority = NORMAL;
    
    	/**
    	 * Default bug reproducibility when reporting a new bug
    	 * @global int $g_default_bug_reproducibility
    	 */
    	$g_default_bug_reproducibility = REPRODUCIBILITY_EMPTY;
    
    	/**
    	 * Default bug projection when reporting a new bug
    	 * @global int $g_default_bug_projection
    	 */
    	$g_default_bug_projection = PROJECTION_NONE;
    
    	/**
    	 * Default bug ETA when reporting a new bug
    	 * @global int $g_default_bug_eta
    	 */
    	$g_default_bug_eta = ETA_NONE;
    
    	/**
    	 *
    	 * @global int $g_default_limit_view
    	 */
    	$g_default_limit_view	= 100;
    
    	/**
    	 *
    	 * @global int $g_default_show_changed
    	 */
    	$g_default_show_changed	= 24;
    
    	/**
    	 *
    	 * @global int $g_hide_status_default
    	 */
    	$g_hide_status_default 	= CLOSED;
    
    	/**
    	 *
    	 * @global string $g_show_sticky_issues
    	 */
    	$g_show_sticky_issues   = OFF;
    
    	/**
    	 * make sure people aren't refreshing too often
    	 * in minutes
    	 * @global int $g_min_refresh_delay
    	 */
    	$g_min_refresh_delay	= 10;
    
    	/**
    	 * in minutes
    	 * @global int $g_default_refresh_delay
    	 */
    	$g_default_refresh_delay		= 30;
    
    	/**
    	 * in seconds
    	 * @global int $g_default_redirect_delay
    	 */
    	$g_default_redirect_delay		= 0;
    
    	/**
    	 *
    	 * @global string $g_default_bugnote_order
    	 */
    	$g_default_bugnote_order		= 'DESC';
    
    	/**
    	 *
    	 * @global int $g_default_email_on_new
    	 */
    	$g_default_email_on_new			= ON;
    
    	/**
    	 *
    	 * @global int $g_default_email_on_assigned
    	 */
    	$g_default_email_on_assigned	= ON;
    
    	/**
    	 *
    	 * @global int $g_default_email_on_feedback
    	 */
    	$g_default_email_on_feedback	= ON;
    
    	/**
    	 *
    	 * @global int $g_default_email_on_resolved
    	 */
    	$g_default_email_on_resolved	= ON;
    
    	/**
    	 *
    	 * @global int $g_default_email_on_closed
    	 */
    	$g_default_email_on_closed		= ON;
    
    	/**
    	 *
    	 * @global int $g_default_email_on_reopened
    	 */
    	$g_default_email_on_reopened	= ON;
    
    	/**
    	 *
    	 * @global int $g_default_email_on_bugnote
    	 */
    	$g_default_email_on_bugnote		= ON;
    
    	/**
    	 * @todo Unused
    	 * @global int $g_default_email_on_status
    	 */
    	$g_default_email_on_status		= 0;
    
    	/**
    	 * @todo Unused
    	 * @global int $g_default_email_on_priority
    	 */
    	$g_default_email_on_priority	= 0;
    
    	/**
    	 * 'any'
    	 * @global int $g_default_email_on_new_minimum_severity
    	 */
    	$g_default_email_on_new_minimum_severity		= OFF;
    
    	/**
    	 * 'any'
    	 * @global int $g_default_email_on_assigned_minimum_severity
    	 */
    	$g_default_email_on_assigned_minimum_severity	= OFF;
    
    	/**
    	 * 'any'
    	 * @global int $g_default_email_on_feedback_minimum_severity
    	 */
    	$g_default_email_on_feedback_minimum_severity	= OFF;
    
    	/**
    	 * 'any'
    	 * @global int $g_default_email_on_resolved_minimum_severity
    	 */
    	$g_default_email_on_resolved_minimum_severity	= OFF;
    
    	/**
    	 * 'any'
    	 * @global int $g_default_email_on_closed_minimum_severity
    	 */
    	$g_default_email_on_closed_minimum_severity		= OFF;
    
    	/**
    	 * 'any'
    	 * @global int $g_default_email_on_reopened_minimum_severity
    	 */
    	$g_default_email_on_reopened_minimum_severity	= OFF;
    
    	/**
    	 * 'any'
    	 * @global int $g_default_email_on_bugnote_minimum_severity
    	 */
    	$g_default_email_on_bugnote_minimum_severity	= OFF;
    
    	/**
    	 * 'any'
    	 * @global int $g_default_email_on_status_minimum_severity
    	 */
    	$g_default_email_on_status_minimum_severity		= OFF;
    
    	/**
    	 * @todo Unused
    	 * @global int $g_default_email_on_priority_minimum_severity
    	 */
    	$g_default_email_on_priority_minimum_severity	= OFF;
    
    	/**
    	 *
    	 * @global int $g_default_email_bugnote_limit
    	 */
    	$g_default_email_bugnote_limit					= 0;
    
    	/*****************************
    	 * MantisBT Summary Settings *
    	 *****************************/
    
    	/**
    	 * how many reporters to show
    	 * this is useful when there are hundreds of reporters
    	 * @global int $g_reporter_summary_limit
    	 */
    	$g_reporter_summary_limit	= 10;
    
    	/**
    	 * summary date displays
    	 * date lengths to count bugs by (in days)
    	 * @global array $g_date_partitions
    	 */
    	$g_date_partitions			= array( 1, 2, 3, 7, 30, 60, 90, 180, 365);
    
    	/**
    	 * shows project '[project] category' when 'All Projects' is selected
    	 * otherwise only 'category name'
    	 * @global int $g_summary_category_include_project
    	 */
    	$g_summary_category_include_project	= ON;
    
    	/**
    	 * threshold for viewing summary
    	 * @global int $g_view_summary_threshold
    	 */
    	$g_view_summary_threshold	= MANAGER;
    
    	/**
    	 * Define the multipliers which are used to determine the effectiveness
    	 * of reporters based on the severity of bugs. Higher multipliers will
    	 * result in an increase in reporter effectiveness.
    	 * @global array $g_severity_multipliers
    	 */
    	$g_severity_multipliers = array( FEATURE => 1,
    	                                 TRIVIAL => 2,
    	                                 TEXT    => 3,
    	                                 TWEAK   => 2,
    	                                 MINOR   => 5,
    	                                 MAJOR   => 8,
    	                                 CRASH   => 8,
    	                                 BLOCK   => 10 );
    
    	/**
    	 * Define the resolutions which are used to determine the effectiveness
    	 * of reporters based on the resolution of bugs. Higher multipliers will
    	 * result in a decrease in reporter effectiveness. The only resolutions
    	 * that need to be defined here are those which match or exceed
    	 * $g_bug_resolution_not_fixed_threshold.
    	 * @global array $g_resolution_multipliers
    	 */
    	$g_resolution_multipliers = array( UNABLE_TO_DUPLICATE => 2,
    	                                   NOT_FIXABLE         => 1,
    	                                   DUPLICATE           => 3,
    	                                   NOT_A_BUG           => 5,
    	                                   SUSPENDED           => 1,
    	                                   WONT_FIX            => 1 );
    
    	/*****************************
    	 * MantisBT Bugnote Settings *
    	 *****************************/
    
    	/**
    	 * bugnote ordering
    	 * change to ASC or DESC
    	 * @global string $g_bugnote_order
    	 */
    	$g_bugnote_order		= 'DESC';
    
    	/*********************************
    	 * MantisBT Bug History Settings *
    	 *********************************/
    
    	/**
    	 * bug history visible by default when you view a bug
    	 * change to ON or OFF
    	 * @global int $g_history_default_visible
    	 */
    	$g_history_default_visible	= ON;
    
    	/**
    	 * bug history ordering
    	 * change to ASC or DESC
    	 * @global string $g_history_order
    	 */
    	$g_history_order		= 'DESC';
    
    	/******************************
    	 * MantisBT Reminder Settings *
    	 ******************************/
    
    	/**
    	 * are reminders stored as bugnotes
    	 * @global int $g_store_reminders
    	 */
    	$g_store_reminders		= ON;
    
    	/**
    	 * Automatically add recipients of reminders to monitor list, if they are not
    	 * the handler or the reporter (since they automatically get notified, if required)
    	 * If recipients of the reminders are below the monitor threshold, they will not be added.
    	 * @global int $g_reminder_recipients_monitor_bug
    	 */
    	$g_reminder_recipients_monitor_bug = ON;
    
    	/**
    	 * Default Reminder View Status (VS_PUBLIC or VS_PRIVATE)
    	 * @global int $g_default_reminder_view_status
    	 */
    	$g_default_reminder_view_status = VS_PUBLIC;
    
    	/**
    	 * The minimum access level required to show up in the list of users who can receive a reminder.
    	 * The access level is that of the project to which the issue belongs.
    	 * @global int $g_reminder_receive_threshold
    	 */
    	$g_reminder_receive_threshold = DEVELOPERCUSTOMER;
    
    	/*********************************
    	 * MantisBT Sponsorship Settings *
    	 *********************************/
    
    	/**
    	 * Whether to enable/disable the whole issue sponsorship feature
    	 * @global int $g_enable_sponsorship
    	 */
    	$g_enable_sponsorship = OFF;
    
    	/**
    	 * Currency used for all sponsorships.
    	 * @global string $g_sponsorship_currency
    	 */
    	$g_sponsorship_currency = 'EUR()';
    
    	/**
    	 * Access level threshold needed to view the total sponsorship for an issue by all users.
    	 * @global int $g_view_sponsorship_total_threshold
    	 */
    	$g_view_sponsorship_total_threshold = VIEWER;
    
    	/**
    	 * Access level threshold needed to view the users sponsoring an issue and the sponsorship
    	 * amount for each.
    	 * @global int $g_view_sponsorship_details_threshold
    	 */
    	$g_view_sponsorship_details_threshold = VIEWER;
    
    	/**
    	 * Access level threshold needed to allow user to sponsor issues.
    	 * @global int $g_sponsor_threshold
    	 */
    	$g_sponsor_threshold = REPORTER;
    
    	/**
    	 * Access level required to be able to handle sponsored issues.
    	 * @global int $g_handle_sponsored_bugs_threshold
    	 */
    	$g_handle_sponsored_bugs_threshold = DEVELOPER;
    
    	/**
    	 * Access level required to be able to assign a sponsored issue to a user with access level
    	 * greater or equal to 'handle_sponsored_bugs_threshold'.
    	 * @global int $g_assign_sponsored_bugs_threshold
    	 */
    	$g_assign_sponsored_bugs_threshold = MANAGER;
    
    	/**
    	 * Minimum sponsorship amount. If the user enters a value less than this, an error will be prompted.
    	 * @global int $g_minimum_sponsorship_amount
    	 */
    	$g_minimum_sponsorship_amount = 5;
    
    	/*********************************
    	 * MantisBT File Upload Settings *
    	 *********************************/
    
    	/**
    	 * --- file upload settings --------
    	 * This is the master setting to disable *all* file uploading functionality
    	 *
    	 * If you want to allow file uploads, you must also make sure that they are
    	 *  enabled in php.  You may need to add 'file_uploads = TRUE' to your php.ini
    	 *
    	 * See also: $g_upload_project_file_threshold, $g_upload_bug_file_threshold,
    	 *   $g_allow_reporter_upload
    	 * @global int $g_allow_file_upload
    	 */
    	$g_allow_file_upload	= ON;
    
    	/**
    	 * Upload destination: specify actual location in project settings
    	 * DISK, DATABASE, or FTP.
    	 * @global int $g_file_upload_method
    	 */
    	$g_file_upload_method	= DISK;
    
    	/**
    	 * When using FTP or DISK for storing uploaded files, this setting control
    	 * the access permissions they will have on the web server: with the default
    	 * value (0400) files will be read-only, and accessible only by the user
    	 * running the apache process (probably "apache" in Linux and "Administrator"
    	 * in Windows).
    	 * For more details on unix style permissions:
    	 * http://www.perlfect.com/articles/chmod.shtml
    	 * @global int $g_attachments_file_permissions
    	 */
    	$g_attachments_file_permissions = 0400;
    
    	/**
    	 * Maximum file size that can be uploaded
    	 * Also check your PHP settings (default is usually 2MBs)
    	 * @global int $g_max_file_size
    	 */
    	$g_max_file_size		= 8192000;
    
    	/**
    	 * Files that are allowed or not allowed.  Separate items by commas.
    	 * eg. 'php,html,java,exe,pl'
    	 * if $g_allowed_files is filled in NO other file types will be allowed.
    	 * $g_disallowed_files takes precedence over $g_allowed_files
    	 * @global string $g_allowed_files
    	 */
    	$g_allowed_files		= '';
    
    	/**
    	 *
    	 * @global string $g_disallowed_files
    	 */
    	$g_disallowed_files		= 'class,exe,pl';
    
    	/**
    	 * prefix to be used for the file system names of files uploaded to projects.
    	 * Eg: doc-001-myprojdoc.zip
    	 * @global string $g_document_files_prefix
    	 */
    	$g_document_files_prefix = 'doc';
    
    	/**
    	 * absolute path to the default upload folder.  Requires trailing / or \
    	 * @global string $g_absolute_path_default_upload_folder
    	 */
    	$g_absolute_path_default_upload_folder = '<absolute_path_default_upload_folder>';
    
    	/**************************
    	 * MantisBT HTML Settings *
    	 **************************/
    
    	/**
    	 * These are the valid html tags for multi-line fields (e.g. description)
    	 * do NOT include href or img tags here
    	 * do NOT include tags that have parameters (eg. <font face="arial">)
    	 * @global string $g_html_valid_tags
    	 */
    	$g_html_valid_tags		= 'p, li, ul, ol, br, pre, i, b, u, em, del';
    
    	/************************
    	 * MantisBT HR Settings *
    	 ************************/
    
    	/**************************
    	 * MantisBT LDAP Settings *
    	 **************************/
    
    	/*******************
    	 * Status Settings *
    	 *******************/
    
    	/**
    	 * Status to assign to the bug when submitted.
    	 * @global int $g_bug_submit_status
    	 */
    	$g_bug_submit_status = NEW_;
    
    	/**
    	 * Status to assign to the bug when assigned.
    	 * @global int $g_bug_assigned_status
    	 */
    	$g_bug_assigned_status = ASSIGNED;
    
    	/**
    	 * Status to assign to the bug when reopened.
    	 * @global int $g_bug_reopen_status
    	 */
    	$g_bug_reopen_status = NORESOLVED;
    
    	/**
    	 * Status to assign to the bug when feedback is required from the issue reporter.
    	 * Once the reporter adds a note the status moves back from feedback to $g_bug_assigned_status
    	 * or $g_bug_submit_status.
    	 * @global int $g_bug_feedback_status
    	 */
    	$g_bug_feedback_status = FEEDBACK;
    
    	/**
    	 * When a note is added to a bug currently in $g_bug_feedback_status, and the note
    	 * author is the bug's reporter, this option will automatically set the bug status
    	 * to $g_bug_submit_status or $g_bug_assigned_status if the bug is assigned to a
    	 * developer.  Defaults to enabled.
    	 * @global boolean $g_reassign_on_feedback
    	 */
    	$g_reassign_on_feedback = OFF;
    
    	/**
    	 * Resolution to assign to the bug when reopened.
    	 * @global int $g_bug_reopen_resolution
    	 */
    	$g_bug_reopen_resolution = REOPENED;
    
    	/**
    	 * Bug becomes readonly if its status is >= this status.  The bug becomes read/write again if re-opened and its
    	 * status becomes less than this threshold.
    	 * @global int $g_bug_readonly_status_threshold
    	 */
    	$g_bug_readonly_status_threshold = CLOSED;
    
    	/**
    	 * Bug is resolved, ready to be closed or reopened.  In some custom installations a bug
    	 * may be considered as resolved when it is moved to a custom (FIXED or TESTED) status.
    	 * @global int $g_bug_resolved_status_threshold
    	 */
    	$g_bug_resolved_status_threshold = RESOLVED;
    
    	/**
    	 * Threshold resolution which denotes that a bug has been resolved and
    	 * successfully fixed by developers. Resolutions above this threshold
    	 * and below $g_bug_resolution_not_fixed_threshold are considered to be
    	 * resolved successfully.
    	 * @global int $g_bug_resolution_fixed_threshold
    	 */
    	$g_bug_resolution_fixed_threshold = FIXED;
    
    	/**
    	 * Threshold resolution which denotes that a bug has been resolved without
    	 * being successfully fixed by developers. Resolutions above this
    	 * threshold are considered to be resolved in an unsuccessful way.
    	 * @global int $g_bug_resolution_not_fixed_threshold
    	 */
    	$g_bug_resolution_not_fixed_threshold = WONT_FIX;
    
    	/**
    	 * Bug is closed.  In some custom installations a bug may be considered as closed when
    	 * it is moved to a custom (COMPLETED or IMPLEMENTED) status.
    	 * @global int $g_bug_closed_status_threshold
    	 */
    	$g_bug_closed_status_threshold = CLOSED;
    
    	/**
    	 * Automatically set status to ASSIGNED whenever a bug is assigned to a person.
    	 * This is useful for installations where assigned status is to be used when
    	 * the bug is in progress, rather than just put in a person's queue.
    	 * @global int $g_auto_set_status_to_assigned
    	 */
    	$g_auto_set_status_to_assigned	= ON;
    
    	/**
    	 * 'status_enum_workflow' defines the workflow, and reflects a simple
    	 *  2-dimensional matrix. For each existing status, you define which
    	 *  statuses you can go to from that status, e.g. from NEW_ you might list statuses
    	 *  '10:new,20:feedback,30:acknowledged' but not higher ones.
    	 * The following example can be transferred to config_inc.php
    	 * $g_status_enum_workflow[NEW_]='20:feedback,30:acknowledged,40:confirmed,50:assigned,80:resolved';
    	 * $g_status_enum_workflow[FEEDBACK] ='10:new,30:acknowledged,40:confirmed,50:assigned,80:resolved';
    	 * $g_status_enum_workflow[ACKNOWLEDGED] ='20:feedback,40:confirmed,50:assigned,80:resolved';
    	 * $g_status_enum_workflow[CONFIRMED] ='20:feedback,50:assigned,80:resolved';
    	 * $g_status_enum_workflow[ASSIGNED] ='20:feedback,80:resolved,90:closed';
    	 * $g_status_enum_workflow[RESOLVED] ='50:assigned,90:closed';
    	 * $g_status_enum_workflow[CLOSED] ='50:assigned';
    	 * @global array $g_status_enum_workflow
    	 */
    	$g_status_enum_workflow = array();
    
    	/****************************
    	 * Bug Attachments Settings *
    	 ****************************/
    
    	/**
    	 * Specifies the maximum width for the auto-preview feature.  If no maximum width should be imposed
    	 * then it should be set to 0.
    	 * @global int $g_preview_max_width
    	 */
    	$g_preview_max_width = 800;
    
    	/**
    	 * Specifies the maximum height for the auto-preview feature.  If no maximum height should be imposed
    	 * then it should be set to 0.
    	 * @global int $g_preview_max_height
    	 */
    	$g_preview_max_height = 600;
    
    	/**
    	 * Show an attachment indicator on bug list
    	 * Show a clickable attachment indicator on the bug
    	 * list page if the bug has one or more files attached.
    	 * Note: This option is disabled by default since it adds
    	 * 1 database query per bug listed and thus might slow
    	 * down the page display.
    	 *
    	 * @global int $g_show_attachment_indicator
    	 */
    	$g_show_attachment_indicator = ON;
    
    	/**
    	 * access level needed to delete bug attachments
    	 * @global int $g_delete_attachments_threshold
    	 */
    	$g_delete_attachments_threshold	= DEVELOPERCUSTOMER;
    
    	/**
    	 * allow users to delete attachments uploaded by themselves even if their access
    	 * level is below delete_attachments_threshold.
    	 * @global int $g_allow_delete_own_attachments
    	 */
    	$g_allow_delete_own_attachments = ON;
    
    	/**********************
    	 * Field Visibility
    	 **********************/
    
    	/**
    	 * Enable or disable usage of the ETA field.
    	 * @global int $g_enable_eta
    	 */
    	$g_enable_eta = OFF;
    
    	/**
    	 * Enable or disable usage of the Projection field.
    	 * @global int $g_enable_projection
    	 */
    	$g_enable_projection = OFF;
    
    	/**
    	 * Enable or disable usage of the Product Build field.
    	 * @global int $g_enable_product_build
    	 */
    	$g_enable_product_build = OFF;
    
    	/**
    	 * An array of the fields to show on the bug report page.
    	 *
    	 * The following fields can not be included:
    	 * id, project, date_submitted, last_updated, status,
    	 * resolution, tags, fixed_in_version, projection, eta,
    	 * reporter.
    	 *
    	 * The following fields must be included:
    	 * category_id, summary, description.
    	 *
    	 * To overload this setting per project, then the settings must be included in the database through
    	 * the generic configuration form.
    	 *
    	 * @global array $g_bug_report_page_fields
    	 */
    	$g_bug_report_page_fields = array(
    		'category_id',
    		'view_state',
    		'handler',
    		'priority',
    		'severity',
    		'summary',
    		'description',
    		'attachments',
    	);
    
    	/**
    	 * An array of the fields to show on the bug view page.
    	 *
    	 * To overload this setting per project, then the settings must be included in the database through
    	 * the generic configuration form.
    	 *
    	 * @global array $g_bug_view_page_fields
    	 */
    	$g_bug_view_page_fields = array (
    		'id',
    		'project',
    		'category_id',
    		'view_state',
    		'date_submitted',
    		'last_updated',
    		'reporter',
    		'handler',
    		'priority',
    		'severity',
    		'status',
    		'resolution',
    		'summary',
    		'description',
    		'tags',
    		'attachments',
    	);
    
    	/**
    	 * An array of the fields to show on the bug print page.
    	 * @global array $g_bug_print_page_fields
    	 */
    	$g_bug_print_page_fields = array (
    		'id',
    		'project',
    		'category_id',
    		'view_state',
    		'date_submitted',
    		'last_updated',
    		'reporter',
    		'handler',
    		'priority',
    		'severity',
    		'status',
    		'resolution',
    		'summary',
    		'description',
    		'tags',
    		'attachments',
    	);
    
    	/**
    	 * An array of the fields to show on the bug update page.
    	 *
    	 * To overload this setting per project, then the settings must be included in the database through
    	 * the generic configuration form.
    	 *
    	 * @global array $g_bug_update_page_fields
    	 */
    	$g_bug_update_page_fields = array (
    		'id',
    		'project',
    		'category_id',
    		'view_state',
    		'date_submitted',
    		'last_updated',
    		'reporter',
    		'handler',
    		'priority',
    		'severity',
    		'status',
    		'resolution',
    		'summary',
    		'description',
    		'attachments',
    	);
    
    	/**
    	 * An array of the fields to show on the bug change status page.
    	 *
    	 * To overload this setting per project, then the settings must be included in the database through
    	 * the generic configuration form.
    	 *
    	 * @global array $g_bug_change_status_page_fields
    	 */
    	$g_bug_change_status_page_fields = array (
    		'id',
    		'project',
    		'category_id',
    		'view_state',
    		'date_submitted',
    		'last_updated',
    		'reporter',
    		'handler',
    		'priority',
    		'severity',
    		'status',
    		'resolution',
    		'summary',
    		'description',
    		'tags',
    		'attachments',
    	);
    
    	/**************************
    	 * MantisBT Misc Settings *
    	 **************************/
    
    	/**
    	 * access level needed to report a bug
    	 * @global int $g_report_bug_threshold
    	 */
    	$g_report_bug_threshold			= REPORTER;
    
    	/**
    	 * access level needed to update bugs (i.e., the update_bug_page)
    	 * This controls whether the user sees the "Update Bug" button in bug_view*_page
    	 * and the pencil icon in view_all_bug_page
    	 * @global int $g_update_bug_threshold
    	 */
    	$g_update_bug_threshold			= UPDATER;
    
    	/**
    	 * Access level needed to monitor bugs.
    	 * Look in the constant_inc.php file if you want to set a different value.
    	 * @global int $g_monitor_bug_threshold
    	 */
    	$g_monitor_bug_threshold = REPORTER;
    
    	/**
    	 * Access level needed to add other users to the list of users monitoring
    	 * a bug.
    	 * Look in the constant_inc.php file if you want to set a different value.
    	 * @global int $g_monitor_add_others_bug_threshold
    	 */
    	$g_monitor_add_others_bug_threshold = DEVELOPERCUSTOMER;
    
    	/**
    	 * Access level needed to delete other users from the list of users
    	 * monitoring a bug.
    	 * Look in the constant_inc.php file if you want to set a different value.
    	 * @global int $g_monitor_add_others_bug_threshold
    	 */
    	$g_monitor_delete_others_bug_threshold = DEVELOPERCUSTOMER;
    
    	/**
    	 * access level needed to view private bugs
    	 * Look in the constant_inc.php file if you want to set a different value
    	 * @global int $g_private_bug_threshold
    	 */
    	$g_private_bug_threshold		= DEVELOPER;
    
    	/**
    	 * access level needed to be able to be listed in the assign to field.
    	 * @global int $g_handle_bug_threshold
    	 */
    	$g_handle_bug_threshold			= DEVELOPER;
    
    	/**
    	 * access level needed to show the Assign To: button bug_view*_page or
    	 *  the Assigned list in bug_update*_page.
    	 *  This allows control over who can route bugs
    	 * This defaults to $g_handle_bug_threshold
    	 * @global int $g_update_bug_assign_threshold
    	 */
    	$g_update_bug_assign_threshold			= '%handle_bug_threshold%';
    
    	/**
    	 * access level needed to view private bugnotes
    	 * Look in the constant_inc.php file if you want to set a different value
    	 * @global int $g_private_bugnote_threshold
    	 */
    	$g_private_bugnote_threshold	= DEVELOPER;
    
    	/**
    	 * access level needed to view handler in bug reports and notification email
    	 * @todo yarick123: now it is implemented for notification email only
    	 * @global int $g_view_handler_threshold
    	 */
    	$g_view_handler_threshold		= VIEWER;
    
    	/**
    	 * access level needed to view history in bug reports and notification email
    	 * @todo yarick123: now it is implemented for notification email only
    	 * @global int $g_view_history_threshold
    	 */
    	$g_view_history_threshold		= DEVELOPERCUSTOMER;
    
    	/**
    	 * access level needed to send a reminder from the bug view pages
    	 * set to NOBODY to disable the feature
    	 * @global int $g_bug_reminder_threshold
    	 */
    	$g_bug_reminder_threshold		= DEVELOPER;
    
    	/**
    	 * Access lever required to drop bug history revisions
    	 * @global int $g_bug_revision_drop_threshold
    	 */
    	$g_bug_revision_drop_threshold = MANAGER;
    
    	/**
    	 * access level needed to upload files to the project documentation section
    	 * You can set this to NOBODY to prevent uploads to projects
    	 * See also: $g_upload_bug_file_threshold, $g_allow_file_upload
    	 * @global int $g_upload_project_file_threshold
    	 */
    	$g_upload_project_file_threshold = MANAGER;
    
    	/**
    	 * access level needed to upload files to attach to a bug
    	 * You can set this to NOBODY to prevent uploads to bugs but note that
    	 *  the reporter of the bug will still be able to upload unless you set
    	 *  $g_allow_reporter_upload or $g_allow_file_upload to OFF
    	 * See also: $g_upload_project_file_threshold, $g_allow_file_upload,
    	 *			$g_allow_reporter_upload
    	 * @global int $g_upload_bug_file_threshold
    	 */
    	$g_upload_bug_file_threshold	= REPORTER;
    
    	/**
    	 * Add bugnote threshold
    	 * @global int $g_add_bugnote_threshold
    	 */
    	$g_add_bugnote_threshold = REPORTER;
    
    	/**
    	 * Update bugnote threshold (if the bugnote is not your own)
    	 * @global int $g_update_bugnote_threshold
    	 */
    	$g_update_bugnote_threshold = DEVELOPER;
    
    	/**
    	 * Threshold needed to view project documentation
    	 * @global int $g_view_proj_doc_threshold
    	 */
    	$g_view_proj_doc_threshold = ANYBODY;
    
    	/**
    	 * Site manager
    	 * @global int $g_manage_site_threshold
    	 */
    	$g_manage_site_threshold = MANAGER;
    
    	/**
    	 * Threshold at which a user is considered to be a site administrator.
    	 * These users have "superuser" access to all aspects of Mantis including
    	 * the admin/ directory. WARNING: DO NOT CHANGE THIS VALUE UNLESS YOU
    	 * ABSOLUTELY KNOW WHAT YOU'RE DOING! Users at this access level have the
    	 * ability to damage your Mantis installation and data within the database.
    	 * It is strongly advised you leave this option alone.
    	 * @global int $g_admin_site_threshold
    	 */
    	$g_admin_site_threshold = ADMINISTRATOR;
    
    	/**
    	 * Threshold needed to manage a project: edit project
    	 * details (not to add/delete projects) ...etc.
    	 * @global int $g_manage_project_threshold
    	 */
    	$g_manage_project_threshold = MANAGER;
    
    	/**
    	 * Threshold needed to add/delete/modify news
    	 * @global int $g_manage_news_threshold
    	 */
    	$g_manage_news_threshold = MANAGER;
    
    	/**
    	 * Threshold required to delete a project
    	 * @global int $g_delete_project_threshold
    	 */
    	$g_delete_project_threshold = ADMINISTRATOR;
    
    	/**
    	 * Threshold needed to create a new project
    	 * @global int $g_create_project_threshold
    	 */
    	$g_create_project_threshold = ADMINISTRATOR;
    
    	/**
    	 * Threshold needed to be automatically included in private projects
    	 * @global int $g_private_project_threshold
    	 */
    	$g_private_project_threshold = ADMINISTRATOR;
    
    	/**
    	 * Threshold needed to manage user access to a project
    	 * @global int $g_project_user_threshold
    	 */
    	$g_project_user_threshold = MANAGER;
    
    	/**
    	 * Threshold needed to manage user accounts
    	 * @global int $g_manage_user_threshold
    	 */
    	$g_manage_user_threshold = ADMINISTRATOR;
    
    	/**
    	 * Delete bug threshold
    	 * @global int $g_delete_bug_threshold
    	 */
    	$g_delete_bug_threshold = DEVELOPER;
    
    	/**
    	 * Delete bugnote threshold
    	 * @global string $g_delete_bugnote_threshold
    	 */
    	$g_delete_bugnote_threshold = '%delete_bug_threshold%';
    
    	/**
    	 * Are users allowed to change and delete their own bugnotes?
    	 * @global int $g_bugnote_allow_user_edit_delete
    	 */
    	$g_bugnote_allow_user_edit_delete = ON;
    
    	/**
    	 * Move bug threshold
    	 * @global int $g_move_bug_threshold
    	 */
    	$g_move_bug_threshold = DEVELOPER;
    
    	/**
    	 * Threshold needed to set the view status while reporting a bug or a bug note.
    	 * @global int $g_set_view_status_threshold
    	 */
    	$g_set_view_status_threshold = REPORTER;
    
    	/**
    	 * Threshold needed to update the view status while updating a bug or a bug note.
    	 * This threshold should be greater or equal to $g_set_view_status_threshold.
    	 * @global int $g_change_view_status_threshold
    	 */
    	$g_change_view_status_threshold = UPDATER;
    
    	/**
    	 * Threshold needed to show the list of users montoring a bug on the bug view pages.
    	 * @global int $g_show_monitor_list_threshold
    	 */
    	$g_show_monitor_list_threshold = DEVELOPER;
    
    	/**
    	 * Threshold needed to be able to use stored queries
    	 * @global int $g_stored_query_use_threshold
    	 */
    	$g_stored_query_use_threshold = REPORTER;
    
    	/**
    	 * Threshold needed to be able to create stored queries
    	 * @global int $g_stored_query_create_threshold
    	 */
    	$g_stored_query_create_threshold = DEVELOPERCUSTOMER;
    
    	/**
    	 * Threshold needed to be able to create shared stored queries
    	 * @global int $g_stored_query_create_shared_threshold
    	 */
    	$g_stored_query_create_shared_threshold = MANAGER;
    
    	/**
    	 * Threshold needed to update readonly bugs.  Readonly bugs are identified via
    	 * $g_bug_readonly_status_threshold.
    	 * @global int $g_update_readonly_bug_threshold
    	 */
    	$g_update_readonly_bug_threshold = MANAGER;
    
    	/**
    	 * threshold for viewing changelog
    	 * @global int $g_view_changelog_threshold
    	 */
    	$g_view_changelog_threshold = NOBODY;
    
    	/**
    	 * threshold for viewing roadmap
    	 * @global int $g_roadmap_view_threshold
    	 */
    	$g_roadmap_view_threshold = NOBODY;
    
    	/**
    	 * threshold for updating roadmap, target_version, etc
    	 * @global int $g_roadmap_update_threshold
    	 */
    	$g_roadmap_update_threshold = DEVELOPER;
    
    	/**
    	 * status change thresholds
    	 * @global int $g_update_bug_status_threshold
    	 */
    	$g_update_bug_status_threshold = DEVELOPER;
    
    	/**
    	 * access level needed to re-open bugs
    	 * @global int $g_reopen_bug_threshold
    	 */
    	$g_reopen_bug_threshold			= DEVELOPER;
    
    	/**
    	 * access level needed to assign bugs to unreleased product versions
    	 * @global int $g_report_issues_for_unreleased_versions_threshold
    	 */
    	$g_report_issues_for_unreleased_versions_threshold = DEVELOPER;
    
    	/**
    	 * access level needed to set a bug sticky
    	 * @global int $g_set_bug_sticky_threshold
    	 */
    	$g_set_bug_sticky_threshold			= NOBODY;
    
    	/**
    	 * The minimum access level for someone to be a member of the development team
    	 * and appear on the project information page.
    	 * @global int $g_development_team_threshold
    	 */
    	$g_development_team_threshold = DEVELOPER;
    
    	/**
    	 * this array sets the access thresholds needed to enter each status listed.
    	 * if a status is not listed, it falls back to $g_update_bug_status_threshold
    	 * example: $g_set_status_threshold = array( ACKNOWLEDGED => MANAGER, CONFIRMED => DEVELOPER, CLOSED => MANAGER );
    	 * @global array $g_set_status_threshold
    	 */
    	$g_set_status_threshold = array();
    
    	/**
    	 * Allow a bug to have no category
    	 * @global int $g_allow_no_category
    	 */
    	$g_allow_no_category = ON;
    
    	/**
    	 * login method
    	 * CRYPT or PLAIN or MD5 or LDAP or BASIC_AUTH
    	 * You can simply change this at will. MantisBT will try to figure out how the passwords were encrypted.
    	 * @global int $g_login_method
    	 */
    	$g_login_method				= MD5;
    
    	/**
    	 * limit reporters
    	 * Set to ON if you wish to limit reporters to only viewing bugs that they report.
    	 * @global int $g_limit_reporters
    	 */
    	$g_limit_reporters			= OFF;
    
    	/**
    	 * close immediately
    	 * Allow developers and above to close bugs immediately when resolving bugs
    	 * @global int $g_allow_close_immediately
    	 */
    	$g_allow_close_immediately	= OFF;
    
    	/**
    	 * reporter can close
    	 * Allow reporters to close the bugs they reported, after they're marked resolved.
    	 * @global int $g_allow_reporter_close
    	 */
    	$g_allow_reporter_close		= OFF;
    
    	/**
    	 * reporter can reopen
    	 * Allow reporters to reopen the bugs they reported, after they're marked resolved.
    	 * @global int $g_allow_reporter_reopen
    	 */
    	$g_allow_reporter_reopen	= ON;
    
    	/**
    	 * reporter can upload
    	 * Allow reporters to upload attachments to bugs they reported.
    	 * @global int $g_allow_reporter_upload
    	 */
    	$g_allow_reporter_upload	= ON;
    
    	/**
    	 * account delete
    	 * Allow users to delete their own accounts
    	 * @global int $g_allow_account_delete
    	 */
    	$g_allow_account_delete		= OFF;
    
    	/**
    	 * Enable anonymous access to Mantis. You must also specify
    	 * $g_anonymous_account as the account which anonymous users will browse
    	 * Mantis with. The default setting is OFF.
    	 * @global int $g_allow_anonymous_login
    	 */
    	$g_allow_anonymous_login	= OFF;
    
    	/**
    	 * Define the account which anonymous users will assume when using Mantis.
    	 * You only need to define this setting when $g_allow_anonymous_login is
    	 * set to ON. This account will always be treated as a protected account
    	 * and thus anonymous users will not be able to update the preferences or
    	 * settings of this account. It is suggested that the access level of this
    	 * account have read only access to your Mantis installation (VIEWER).
    	 * Please read the documentation on this topic before setting up anonymous
    	 * access to your Mantis installation.
    	 * @global string $g_anonymous_account
    	 */
    	$g_anonymous_account		= '';
    
    	/**
    	 * Bug Linking
    	 * if a number follows this tag it will create a link to a bug.
    	 * eg. for # a link would be #45
    	 * eg. for bug: a link would be bug:98
    	 * @global string $g_bug_link_tag
    	 */
    	$g_bug_link_tag			= '#';
    
    	/**
    	 * Bugnote Linking
    	 * if a number follows this tag it will create a link to a bugnote.
    	 * eg. for ~ a link would be ~45
    	 * eg. for bugnote: a link would be bugnote:98
    	 * @global string $g_bugnote_link_tag
    	 */
    	$g_bugnote_link_tag			= '~';
    
    	/**
    	 * Bug Count Linking
    	 * this is the prefix to use when creating links to bug views from bug counts (eg. on the main
    	 * page and the summary page).
    	 * Default is a temporary filter
    	 * only change the filter this time - 'view_all_set.php?type=1&amp;temporary=y'
    	 * permanently change the filter - 'view_all_set.php?type=1';
    	 * @global string $g_bug_count_hyperlink_prefix
    	 */
    	$g_bug_count_hyperlink_prefix = 'view_all_set.php?type=1&amp;temporary=y';
    
    	/**
    	 * The regular expression to use when validating new user login names
    	 * The default regular expression allows a-z, A-Z, 0-9, +, -, dot, space and
    	 * underscore.  If you change this, you may want to update the
    	 * ERROR_USER_NAME_INVALID string in the language files to explain
    	 * the rules you are using on your site
    	 * See http://en.wikipedia.org/wiki/Regular_Expression for more details about regular expressions.
    	 * For testing regular expressions, use http://rubular.com/.
    	 * @global string $g_user_login_valid_regex
    	 */
    	$g_user_login_valid_regex = '/^([a-z\d\-.+_ ]+(@[a-z\d\-.]+\.[a-z]{2,4})?)$/i';
    
    	/**
    	 * Default user name prefix used to filter the list of users in
    	 * manage_user_page.php.  Change this to 'A' (or any other
    	 * letter) if you have a lot of users in the system and loading
    	 * the manage users page takes a long time.
    	 * @global string $g_default_manage_user_prefix
    	 */
    	$g_default_manage_user_prefix = 'ALL';
    
    	/**
    	 * Default tag prefix used to filter the list of tags in
    	 * manage_tags_page.php.  Change this to 'A' (or any other
    	 * letter) if you have a lot of tags in the system and loading
    	 * the manage tags page takes a long time.
    	 * @global string $g_default_manage_tag_prefix
    	 */
    	$g_default_manage_tag_prefix = 'ALL';
    
    	/**
    	 * CSV Export
    	 * Set the csv separator
    	 * @global string $g_csv_separator
    	 */
    	$g_csv_separator = ',';
    
    	/**
    	 * threshold for users to view the system configurations
    	 * @global int $g_view_configuration_threshold
    	 */
    	$g_view_configuration_threshold = ADMINISTRATOR;
    
    	/**
    	 * threshold for users to set the system configurations generically via MantisBT web interface.
    	 * WARNING: Users who have access to set configuration via the interface MUST be trusted.  This is due
    	 * to the fact that such users can set configurations to PHP code and hence there can be a security
    	 * risk if such users are not trusted.
    	 * @global int $g_set_configuration_threshold
    	 */
    	$g_set_configuration_threshold = ADMINISTRATOR;
    
    	/************************************
    	 * MantisBT Look and Feel Variables *
    	 ************************************/
    
    	/**
    	 * status color codes, using the Tango color palette
    	 * @global array $g_status_colors
    	 */
    	$g_status_colors		= array( 'new'			=> '#ffa0a0', // red    (scarlet red #ef2929)
    									 'noresolved'	=> '#ef2929', 
    									 'feedback'		=> '#ffffcc', // purple (plum        #75507b)
    									 'acknowledged'	=> '#ffd850', // orange (orango      #f57900)
    									 'confirmed'	=> '#ffffb0', // yellow (butter      #fce94f)
    									 'assigned'		=> '#c8c8ff', // blue   (sky blue    #729fcf)
    									 'hold'			=> '#729fcf', // blue   (sky blue    #729fcf)
    									 'resolved'		=> '#cceedd', // green  (chameleon   #8ae234)
    									 'closed'		=> '#e8e8e8'); // grey  (aluminum    #babdb6)
    
    	/**
    	 * The padding level when displaying project ids
    	 *  The bug id will be padded with 0's up to the size given
    	 * @global int $g_display_project_padding
    	 */
    	$g_display_project_padding	= 2;
    
    	/**
    	 * The padding level when displaying bug ids
    	 *  The bug id will be padded with 0's up to the size given
    	 * @global int $g_display_bug_padding
    	 */
    	$g_display_bug_padding		= 5;
    
    	/**
    	 * The padding level when displaying bugnote ids
    	 *  The bugnote id will be padded with 0's up to the size given
    	 * @global int $g_display_bugnote_padding
    	 */
    	$g_display_bugnote_padding	= 5;
    
    	/*****************************
    	 * MantisBT Cookie Variables *
    	 *****************************/
    
    	/**
    	 * --- cookie prefix ---------------
    	 * set this to a unique identifier.  No spaces.
    	 * @global string $g_cookie_prefix
    	 */
    	$g_cookie_prefix		= '<cookie_prefix>';
    
    	/*****************************
    	 * MantisBT Filter Variables *
    	 *****************************/
    
    	/**
    	 * The threshold required for users to be able to create permalinks.  To turn of this feature use NOBODY.
    	 * @global int $g_create_permalink_threshold
    	 */
    	$g_create_permalink_threshold = NOBODY;
    
    	/*************************************
    	 * MantisBT Database Table Variables *
    	 *************************************/
    
    	/*************************
    	 * MantisBT Enum Strings *
    	 *************************/
    
    	/**
    	 * status from $g_status_index-1 to 79 are used for the onboard customization (if enabled)
    	 * directly use MantisBT to edit them.
    	 * @global string $g_access_levels_enum_string
    	 */
    	$g_access_levels_enum_string		= '10:viewer,25:reporter,40:updater,45:developercustomer,46:updatercustomer,55:developer,65:pmcustomer,70:manager,90:administrator';
    
    	/**
    	 *
    	 * @global string $g_project_status_enum_string
    	 */
    	$g_project_status_enum_string		= '10:development,30:release,50:stable,70:obsolete';
    
    	/**
    	 *
    	 * @global string $g_project_view_state_enum_string
    	 */
    	$g_project_view_state_enum_string	= '10:public,50:private';
    
    	/**
    	 *
    	 * @global string $g_view_state_enum_string
    	 */
    	$g_view_state_enum_string			= '10:public,50:private';
    
    	/**
    	 *
    	 * @global string $g_priority_enum_string
    	 */
    	$g_priority_enum_string				= '10:none,20:low,30:normal,40:high,50:urgent';
    
    	/**
    	 *
    	 * @global string $g_severity_enum_string
    	 */
    	$g_severity_enum_string				= '20:AKTIE,30:PRD';
    
    	/**
    	 *
    	 * @global string $g_reproducibility_enum_string
    	 */
    	$g_reproducibility_enum_string		= '1:empty,3:planning,5:draft fo,10:draft to,15:plan,20:develop,30:draft procedure,50:draft flows,70:draft workinstructions,80:install,90:test,100:training';
    
    	/**
    	 *
    	 * @global string $g_status_enum_string
    	 */
    	$g_status_enum_string				= '10:new,15:noresolved,30:acknowledged,40:confirmed,50:assigned,60:hold,80:resolved,90:closed';
    
    	/**
    	 * @@@ for documentation, the values in this list are also used to define variables in the language files
    	 *  (e.g., $s_new_bug_title referenced in bug_change_status_page.php )
    	 * Embedded spaces are converted to underscores (e.g., "working on" references $s_working_on_bug_title).
    	 * they are also expected to be english names for the states
    	 * @global string $g_resolution_enum_string
    	 */
    	$g_resolution_enum_string			= '10:open,20:fixed,30:reopened,60:duplicate,90:wont fix';
    
    	/**
    	 *
    	 * @global string $g_projection_enum_string
    	 */
    	$g_projection_enum_string			= '10:none,30:tweak,50:minor fix,70:major rework,90:redesign';
    
    	/**
    	 *
    	 * @global string $g_eta_enum_string
    	 */
    	$g_eta_enum_string					= '10:none,20:< 1 day,30:2-3 days,40:< 1 week,50:< 1 month,60:> 1 month';
    
    	/**
    	 *
    	 * @global string $g_sponsorship_enum_string
    	 */
    	$g_sponsorship_enum_string          = '0:Unpaid,1:Requested,2:Paid';
    
    	/**
    	 *
    	 * @global string $g_custom_field_type_enum_string
    	 */
    	$g_custom_field_type_enum_string    = '0:string,1:numeric,2:float,3:enum,4:email,5:checkbox,6:list,7:multiselection list,8:date,9:radio';
    
    	/*********************************
    	 * MantisBT Javascript Variables *
    	 *********************************/
    
    	/*******************************
    	 * MantisBT Speed Optimisation *
    	 *******************************/
    
    	/**
    	 * Use compression of generated html if browser supports it
    	 * If you already have compression enabled in your php.ini file
    	 *  (either with zlib.output_compression or
    	 *  output_handler=ob_gzhandler) this option will be ignored.
    	 *
    	 * If you do not have zlib enabled in your PHP installation
    	 *  this option will also be ignored.  PHP 4.3.0 and later have
    	 *  zlib included by default.  Windows users should uncomment
    	 *  the appropriate line in their php.ini files to load
    	 *  the zlib DLL.  You can check what extensions are loaded
    	 *  by running "php -m" at the command line (look for 'zlib')
    	 * @global int $g_compress_html
    	 */
    	$g_compress_html		= ON;
    
    	/**
    	 * Use persistent database connections
    	 * @global int $g_use_persistent_connections
    	 */
    	$g_use_persistent_connections	= OFF;
    
    	/*****************
    	 * Include files *
    	 *****************/
    
    	/**
    	 * Specify your top/bottom include file (logos, banners, etc)
    	 * @global string $g_bottom_include_page
    	 */
    	$g_bottom_include_page			= '%absolute_path%';
    
    	/**
    	 * Specify your top/bottom include file (logos, banners, etc)
    	 * if a top file is supplied, the default MantisBT logo at the top will be hidden
    	 * @global string $g_top_include_page
    	 */
    	$g_top_include_page				= '%absolute_path%';
    
    	/**
    	 * CSS file
    	 * @global string $g_css_include_file
    	 */
    	$g_css_include_file				= 'css/default.css';
    
    	/**
    	 * RTL CSS file
    	 * @global string $g_css_rtl_include_file
    	 */
    	$g_css_rtl_include_file				= 'css/rtl.css';
    
    
    	/**
    	 * meta tags
    	 * @global string $g_meta_include_file
    	 */
    	$g_meta_include_file			= '%absolute_path%meta_inc.php';
    
    	/****************
    	 * Redirections *
    	 ****************/
    
    	/**
    	 * Default page after Login or Set Project
    	 * @global string $g_default_home_page
    	 */
    	$g_default_home_page = 'view_all_bug_page.php';
    
    	/***********
    	 * Headers *
    	 ***********/
    
    	/**
    	 * Browser Caching Control
    	 * By default, we try to prevent the browser from caching anything. These two settings
    	 * will defeat this for some cases.
    	 *
    	 * Browser Page caching - This will allow the browser to cache all pages. The upside will
    	 *  be better performance, but there may be cases where obsolete information is displayed.
    	 *  Note that this will be bypassed (and caching is allowed) for the bug report pages.
    	 *
    	 * @global int $g_allow_browser_cache
    	 */
    	// $g_allow_browser_cache = ON;
    	/**
    	 * File caching - This will allow the browser to cache downloaded files. Without this set,
    	 * there may be issues with IE receiving files, and launching support programs.
    	 * @global int $g_allow_file_cache
    	 */
    	 // $g_allow_file_cache = ON;
    
    	/*****************
    	 * Custom Fields *
    	 *****************/
    
    	/****************
    	 * Custom Menus *
    	 ****************/
    
    	/********************
    	 * My View Settings *
    	 ********************/
    
    	/**
    	 * Number of bugs shown in each box
    	 * @global int $g_my_view_bug_count
    	 */
    	$g_my_view_bug_count = 10;
    
    	/**
    	 * Boxes to be shown and their order
    	 * A box that is not to be shown can have its value set to 0
    	 * @global array $g_my_view_boxes
    	 */
    	$g_my_view_boxes = array (
    		'assigned'      => '1',
    		'unassigned'    => '7',
    		'reported'      => '3',
    		'resolved'      => '5',
    		'recent_mod'	=> '2',
    		'monitored'		=> '4',
    		'feedback'		=> '0',
    		'verify'		=> '8',
    		'my_comments'	=> '6'
    	);
    
    	/**
    	 * Toggle whether 'My View' boxes are shown in a fixed position (i.e. adjacent boxes start at the same vertical position)
    	 * @global int $g_my_view_boxes_fixed_position
    	 */
    	$g_my_view_boxes_fixed_position = ON;
    
    
    	/*************
    	 * RSS Feeds *
    	 *************/
    
    	/**
    	 * This flag enables or disables RSS syndication.  In the case where RSS syndication is not used,
    	 * it is recommended to set it to OFF.
    	 * @global int $g_rss_enabled
    	 */
    	$g_rss_enabled = OFF;
    
    
    	/**
    	 * This seed is used as part of the inputs for calculating the authentication key for the RSS feeds.
    	 * If this seed changes, all the existing keys for the RSS feeds will become invalid.  This is
    	 * defaulted to the database user name, but it is recommended to overwrite it with a specific value
    	 * on installation.
    	 * @global string $g_rss_key_seed
    	 */
    	$g_rss_key_seed = '%db_username%';
    
    	/*********************
    	 * Bug Relationships *
    	 *********************/
    
    	/**
    	 * Enable relationship graphs support.
    	 * Show issue relationships using graphs.
    	 *
    	 * In order to use this feature, you must first install either GraphViz
    	 * (all OSs except Windows) or WinGraphviz (only Windows).
    	 *
    	 * Graphviz homepage:    http://www.research.att.com/sw/tools/graphviz/
    	 * WinGraphviz homepage: http://home.so-net.net.tw/oodtsen/wingraphviz/
    	 *
    	 * Refer to the notes near the top of core/graphviz_api.php and
    	 * core/relationship_graph_api.php for more information.
    	 * @global int $g_relationship_graph_enable
    	 */
    	$g_relationship_graph_enable		= ON;
    
    	/**
    	 * Font name and size, as required by Graphviz. If Graphviz fails to run
    	 * for you, you are probably using a font name that gd can't find. On
    	 * Linux, try the name of the font file without the extension.
    	 * @global string $g_relationship_graph_fontname
    	 */
    	$g_relationship_graph_fontname		= 'Arial';
    
    	/**
    	 *
    	 * @global int $g_relationship_graph_fontsize
    	 */
    	$g_relationship_graph_fontsize		= 8;
    
    	/**
    	 * Default dependency orientation. If you have issues with lots of childs
    	 * or parents, leave as 'horizontal', otherwise, if you have lots of
    	 * "chained" issue dependencies, change to 'vertical'.
    	 * @global string $g_relationship_graph_orientation
    	 */
    	$g_relationship_graph_orientation	= 'horizontal';
    
    	/**
    	 * Max depth for relation graphs. This only affects relation graphs,
    	 * dependency graphs are drawn to the full depth. A value of 3 is already
    	 * enough to show issues really unrelated to the one you are currently
    	 * viewing.
    	 * @global int $g_relationship_graph_max_depth
    	 */
    	$g_relationship_graph_max_depth		= 3;
    
    	/**
    	 * If set to ON, clicking on an issue on the relationship graph will open
    	 * the bug view page for that issue, otherwise, will navigate to the
    	 * relationship graph for that issue.
    	 *
    	 * @global int $g_relationship_graph_view_on_click
    	 */
    	$g_relationship_graph_view_on_click	= ON;
    
    	/**
    	 * Complete path to dot and neato tools. Your webserver must have execute
    	 * permission to these programs in order to generate relationship graphs.
    	 * NOTE: These are meaningless under Windows! Just ignore them!
    	 * @global string $g_dot_tool
    	 */
    	$g_dot_tool							= '/usr/bin/dot';
    	/**
    	 * Complete path to dot and neato tools. Your webserver must have execute
    	 * permission to these programs in order to generate relationship graphs.
    	 * NOTE: These are meaningless under Windows! Just ignore them!
    	 * @global string $g_neato_tool
    	 */
    	$g_neato_tool						= '/usr/bin/neato';
    
    	/**
    	 * Number of years in the past that custom date fields will display in
    	 * drop down boxes.
    	 * @global int $g_backward_year_count
    	 */
    	$g_backward_year_count 				= 4;
    
    	/**
    	 * Number of years in the future that custom date fields will display in
    	 * drop down boxes.
    	 * @global int $g_forward_year_count
    	 */
    	$g_forward_year_count 				= 4;
    
    	/**
    	 * Custom Group Actions
    	 *
    	 * This extensibility model allows developing new group custom actions.  This
    	 * can be implemented with a totally custom form and action pages or with a
    	 * pre-implemented form and action page and call-outs to some functions.  These
    	 * functions are to be implemented in a predefined file whose name is based on
    	 * the action name.  For example, for an action to add a note, the action would
    	 * be EXT_ADD_NOTE and the file implementing it would be bug_actiongroup_add_note_inc.php.
    	 * See implementation of this file for details.
    	 *
    	 * Sample:
    	 *
    	 * array(
    	 *	array(	'action' => 'my_custom_action',
    	 *			'label' => 'my_label',   // string to be passed to lang_get_defaulted()
    	 *			'form_page' => 'my_custom_action_page.php',
    	 *			'action_page' => 'my_custom_action.php'
    	 *  )
    	 *	array(	'action' => 'my_custom_action2',
    	 *			'form_page' => 'my_custom_action2_page.php',
    	 *			'action_page' => 'my_custom_action2.php'
    	 *  )
    	 *	array(	'action' => 'EXT_ADD_NOTE',  // you need to implement bug_actiongroup_<action_without_'EXT_')_inc.php
    	 *		'label' => 'actiongroup_menu_add_note' // see strings_english.txt for this label
    	 *   )
    	 * );
    	 * @global array $g_custom_group_actions
    	 */
    	$g_custom_group_actions = array();
    
    	/********************
    	 * Wiki Integration *
    	 ********************/
    
    	/********************
    	 * Recently Visited *
    	 ********************/
    
    	/**
    	 * Whether to show the most recently visited issues or not.  At the moment we always track them even if this flag is off.
    	 * @global int $g_recently_visited
    	 */
    	$g_recently_visited = ON;
    
    	/**
    	 * The maximum number of issues to keep in the recently visited list.
    	 * @global int $g_recently_visited_count
    	 */
    	$g_recently_visited_count = 5;
    
    	/***************
    	 * Bug Tagging *
    	 ***************/
    
    	/**
    	 * String that will separate tags as entered for input
    	 * @global int $g_tag_separator
    	 */
    	$g_tag_separator = ',';
    
    	/**
    	 * Access level required to view tags attached to a bug
    	 * @global int $g_tag_view_threshold
    	 */
    	$g_tag_view_threshold = VIEWER;
    
    	/**
    	 * Access level required to attach tags to a bug
    	 * @global int $g_tag_attach_threshold
    	 */
    	$g_tag_attach_threshold = REPORTER;
    
    	/**
    	 * Access level required to detach tags from a bug
    	 * @global int $g_tag_detach_threshold
    	 */
    	$g_tag_detach_threshold = DEVELOPER;
    
    	/**
    	 * Access level required to detach tags attached by the same user
    	 * @global int $g_tag_detach_own_threshold
    	 */
    	$g_tag_detach_own_threshold = REPORTER;
    
    	/**
    	 * Access level required to create new tags
    	 * @global int $g_tag_create_threshold
    	 */
    	$g_tag_create_threshold = REPORTER;
    
    	/**
    	 * Access level required to edit tag names and descriptions
    	 * @global int $g_tag_edit_threshold
    	 */
    	$g_tag_edit_threshold = DEVELOPER;
    
    	/**
    	 * Access level required to edit descriptions by the creating user
    	 * @global int $g_tag_edit_own_threshold
    	 */
    	$g_tag_edit_own_threshold = REPORTER;
    
    	/*****************
    	 * Time tracking *
    	 *****************/
    
    	/****************************
    	 * Profile Related Settings *
    	 ****************************/
    
    	/**
    	 * Enable Profiles
    	 * @global int $g_enable_profiles
    	 */
    	$g_enable_profiles = OFF;
    
    	/********************
    	 * Twitter Settings *
    	 ********************/
    
    	/*****************
    	 * Plugin System *
    	 *****************/
    
    	/************
    	 * Due Date *
    	 ************/
    
    	 /**
    	 * threshold to update due date submitted
    	 * @global int $g_due_date_update_threshold
    	 */
    	$g_due_date_update_threshold = NOBODY;
    
    	/**
    	 * threshold to see due date
    	 * @global int $g_due_date_view_threshold
    	 */
    	$g_due_date_view_threshold = NOBODY;
    
    	/*****************
    
    	* Sub-projects
    	 *****************
    	/**
    	 * show extra dropdown for subprojects
    	 * Shows only top projects in the project dropdown and adds an extra dropdown for subprojects.
    	 * @global int $g_show_extended_project_browser
    	 */
    	$g_show_extended_project_browser = ON;
    
    	/**********************************
    	 * Debugging / Developer Settings *
    	 **********************************/
    
    	/**
    	 * Used for debugging e-mail feature, when set to OFF the emails work as normal.
    	 * when set to e-mail address, all e-mails are sent to this address with the
    	 * original To, Cc, Bcc included in the message body.
    	 * @global int $g_debug_email
    	 */
    	$g_debug_email			= OFF;
    
    	/**
    	 * --- system logging ---
    	 * This controls the logging of information to a separate file for debug or audit
    	 * $g_log_level controls what information is logged
    	 *  see constant_inc.php for details on the log channels available
    	 *  e.g., $g_log_level = LOG_EMAIL | LOG_EMAIL_RECIPIENT | LOG_FILTERING | LOG_AJAX;
    	 *
    	 * $g_log_destination specifies the file where the data goes
    	 *   right now, only "file:<file path>" is supported
    	 *   e.g. (Linux), $g_log_destination = 'file:/tmp/mantisbt.log';
    	 *   e.g. (Windows), $g_log_destination = 'file:c:/temp/mantisbt.log';
    	 *   see http://www.php.net/error_log for details
    	 * @global int $g_log_level
    	 */
    	$g_log_level = LOG_EMAIL | LOG_EMAIL_RECIPIENT;
    
    	/**
    	 *
    	 * @global string $g_log_destination
    	 */
    	$g_log_destination = 'file:<log_destination>';
    	
    	/**************************
    	 * Configuration Settings *
    	 **************************/
    
    
    ? file icon config_inc.php (76,022 bytes) 2013-02-05 16:27 + 

- Relationships
related to 0015721closedgrangeway Functionality to consider porting to master-2.0.x 
+ Relationships

-  Notes
User avatar

~0035004

dregad (developer)

Could you post your current config to facilitate issue reproduction ?
User avatar

~0035043

TomR (reporter)

Posted my config_inc.php

However Workflow is done on a per project base ( and this installations has about 150 projects ).

But be sure that even when status 'closed' is not a valid status ( by workflow for the project ), the close button is shown.
User avatar

~0035044

TomR (reporter)

If needed I can supply you with account on development enviroment.
User avatar

~0035046

dregad (developer)

Hi Tom,

> However Workflow is done on a per project base ( and this installations has about 150 projects ).

In that case, a screenshot of your workflow settings (or the definition of the corresponding records in mantis_config_table) for a sample project would be useful.
User avatar

~0035048

dregad (developer)

Nevermind my request for sample config - I had a look and see what you mean now. I think we're just missing a call to bug_check_workflow.
User avatar

~0035049

TomR (reporter)

Thanks dregad, for now wil update my installation with your patch.
User avatar

~0035050

dregad (developer)

Let me know if that works as expected (or not)
User avatar

~0035051

TomR (reporter)

Dregad, works as expected. ( Patch seems logical to me, I should have been able to tacle this one myself :-)

Thanks for your speedy reply.
User avatar

~0036100

grangeway (reporter)

Marking as 'acknowledged' not resolved/closed to track that change gets ported to master-2.0.x branch
User avatar

~0036537

dregad (developer)

CVE assigned on 06-Apr-2013 [1]

[1] http://article.gmane.org/gmane.comp.security.oss.general/9878 [^]
+  Notes

+ Related Changesets

- Issue History
Date Modified Username Field Change
2013-01-31 16:28 TomR New Issue
2013-02-01 03:18 dregad Note Added: 0035004
2013-02-01 03:18 dregad Status new => feedback
2013-02-05 16:26 TomR Note Added: 0035043
2013-02-05 16:26 TomR Status feedback => new
2013-02-05 16:27 TomR File Added: config_inc.php
2013-02-05 16:31 TomR Note Added: 0035044
2013-02-06 02:44 dregad Note Added: 0035046
2013-02-06 02:44 dregad Assigned To => dregad
2013-02-06 02:44 dregad Status new => feedback
2013-02-06 03:27 dregad Note Added: 0035048
2013-02-06 03:27 dregad Status feedback => confirmed
2013-02-06 03:41 dregad Changeset attached => MantisBT master 562db4f4
2013-02-06 03:41 dregad Status confirmed => resolved
2013-02-06 03:41 dregad Resolution open => fixed
2013-02-06 03:41 dregad Fixed in Version => 1.3.x
2013-02-06 03:41 dregad Changeset attached => MantisBT master-1.2.x d85e69fe
2013-02-06 03:46 dregad Fixed in Version 1.3.x => 1.2.15
2013-02-06 03:46 dregad Target Version => 1.2.15
2013-02-06 04:09 TomR Note Added: 0035049
2013-02-06 04:38 dregad Note Added: 0035050
2013-02-06 05:34 TomR Note Added: 0035051
2013-04-05 17:56 grangeway Status resolved => acknowledged
2013-04-05 17:56 grangeway Note Added: 0036100
2013-04-05 19:34 grangeway Relationship added related to 0015721
2013-04-06 03:37 dregad Status acknowledged => resolved
2013-04-06 03:37 dregad Fixed in Version 1.2.15 =>
2013-04-06 03:38 dregad Fixed in Version => 1.2.15
2013-04-06 07:21 grangeway Status resolved => acknowledged
2013-04-06 09:26 dregad Tag Attached: 2.0.x check
2013-04-06 09:26 dregad Status acknowledged => resolved
2013-04-08 05:43 dregad Note Added: 0036537
2013-04-08 05:43 dregad Summary Close button is shown on webpage despite 'close' is not a valid status by workflow => CVE-2013-1930: Close button is shown on webpage despite 'close' is not a valid status by workflow
2013-04-12 09:56 dregad Status resolved => closed
2014-09-23 18:05 grangeway Tag Detached: 2.0.x check
+ Issue History