a-v-k / phpbugtracker Goto Github PK

I need to set some text in Description when Add new bug is pressed. Where i can find it?

show warning if ATTACHMENT_MAX_SIZE not numeric

PHP Fatal error: Uncaught ErrorException: The each() function is deprecated. This message will be suppressed on further calls in /usr/share/phpbugtracker/inc/functions.php:383\nStack trace:\n#0 [internal function]: exception_error_handler(8192, 'The each() func...', '/usr/share/phpb...', 383, Array)\n#1 /usr/share/phpbugtracker/inc/functions.php(383): each(Array)\n#2 /usr/share/phpbugtracker/admin/project.php(449): sorting_headers('/bugtracker/adm...', Array, 'default', 'asc')\n#3 /usr/share/phpbugtracker/admin/project.php(484): list_projects()\n#4 {main}\n thrown in /usr/share/phpbugtracker/inc/functions.php on line 383, referer: http://localhost/bugtracker/index.php

I just downloaded and installed phpBT. I had to delete and recreate my DB and user a few times before I got the correct config.php. I added a few of my programmers and QA team. Now, when I go to add a new bug at my site, it does not have any submit button as in the documentation. I have tried Firefox and Chrome.

In a development environment with ubuntu 13.10 & php 5.5.3, DB already created I´m getting this error installing version 1.5.1.1. PDO (v5.5.3.2) module is enabled in php

DB Test Failure
The installation script could not connect to the database phpbt_1511 on the host localhost using the specified username and password.

Please check these details are correct and that the database already exists then retry.

PDOException:2005 SQLSTATE[HY000] [2005] Unknown MySQL server host 'localhost:3306' (2)

When the tracker pulls the data from the DB the bug view strips away the backslashes, I was wondering if there was a way to allow them?

In XAMPP 1.8.3 -[PHP: 5.5.6 MYSQL:5.6.14]
Config :
define ('DB_TYPE', 'mysqli'); // using PEAR::DB naming (mysql, pgsql, etc.)
define ('DB_HOST', '127.0.0.1'); // hostname of database server
define ('DB_PORT', '3306'); // hostname of database server
define ('DB_DATABASE', 'reni_labs_bug_phbtrack'); // database name
define ('DB_USER', 'root'); // username for database connection
define ('DB_PASSWORD', ''); // password for database connection

Error is :
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42S02]: Base table or view not found: 1146 Table 'reni_labs_bug_phbtrack.pbh_configuration' doesn't exist' in D:\xampp\htdocs\projects\labs\cms\bug\php_bug_tracker\inc\pdo_adapter.php:45 Stack trace: #0 D:\xampp\htdocs\projects\labs\cms\bug\php_bug_tracker\inc\pdo_adapter.php(45): PDOStatement->execute(Array) #1 D:\xampp\htdocs\projects\labs\cms\bug\php_bug_tracker\include.php(159): PdoAdapter->query('select varname,...') #2 D:\xampp\htdocs\projects\labs\cms\bug\php_bug_tracker\index.php(25): include('D:\xampp\htdocs...') #3 {main} thrown in D:\xampp\htdocs\projects\labs\cms\bug\php_bug_tracker\inc\pdo_adapter.php on line 45

Dear development team.

I found multiple SQL injection-, reflecting/stored XSS- and CSRF-vulnerabilities in your product phpBugTracker v.1.6.0.

Please provide me an email-address where I can send the technical details to. Otherwise, if you don't mind, I can post them directly on Github.

I have released a security advisory without technical details here: http://sroesemann.blogspot.de/2015/02/sroeadv-2015-16.html.

If you don't respond until 19th February 2015 (UTC+1), I will as well release the technical details of these issues and send the vulnerabilities to the security mailing list FullDisclosure, to warn people.

Thank you for your attention.

Greetings from Germany.

Steffen Rösemann

I've noted this fork at https://sourceforge.net/projects/phpbt/ ... it's all yours now.

After upgrading from v1.7.0 to 1.7.1 or 1.7.2, clicking on the Add Bug url shows "Invalid parameter value for: project".

Going back to 1.7.0 and it works again.

Any demo for this? :)