BugTracker.NET Release Notes For instructions on how to upgrade, see: http://ifdefined.com/readme.html#upgrading BugTracker.NET requires .NET 4.0. IMPORTANT: If you are using the subversion integration feature and upgrading a pre-3.3.0 version, it's important that you read the notes for version 3.3.0 below. ----------------------------------------------------------------------- Version 3.6.8 2019/12/27 (svn revision 725) ----------------------------------------------------------------------- Fixed "folder not found" errors, especially when running install_btnet.cmd ----------------------------------------------------------------------- Version 3.6.7 2019/12/21 (svn revision 721) ----------------------------------------------------------------------- It only took me about eight years but I think I fixed the bug related to the error "request not available in this context". The bug occured when running in IIS integrated mode, aka, "DefaultAppPool". One of the symptoms would be that full text search wasn't working. Sorry it took so long. If your BugTracker.NET installation is working fine, you don't need this release but for new installs, this should be easier. I also updated comments in Web.config to make it easier to get started. As part of my work on this release I went through the excercise of doing a clean install of Windows 10 Pro, SQL Server, SQL Server Management Console, IIS, ASP.NET 4.7, and for my coding, the Community Edition of Visual Studio. I then followed my own BugTracker.NET setup instructions. The only glitch was the "request not available in this context", hence my motivation to fix it. ----------------------------------------------------------------------- Version 3.6.6 2019/01/02 (svn revision 716, 717) ----------------------------------------------------------------------- * Possibly fixed undefined "foo" error in add_attachment.aspx. Sometimes people ask me whether I'm still maintaining BugTracker.NET. The answer is yes. I still do try to fix bugs. But I'm not planning on any new features. I first released BugTracker.NET in November 2002 and it's still being used. Not a bad run for a piece of software, right? If you are in the mood, consider visiting my donation page: https://ifdefined.com/donate_to_bugtracker.html ----------------------------------------------------------------------- Version 3.6.5 2017/10/05 (svn revision 714) ----------------------------------------------------------------------- * Fixed bug where custom fields of type "user" would loose their value if the update didn't work because of a validation error. * Fixed bug where custom field of type "datetime" didn't display with correct format in view only. * Fixed bug where app crashed if somebody update the bug's project when view only fields were being displayed. * Custom fields of type datetime now display correctly in view only mode. * Deleted stuff that doesn't work anymore: Firefox addon, tropo (phone) thing. ----------------------------------------------------------------------- Version 3.6.4 2014/07/02 (svn revision 709) ----------------------------------------------------------------------- ********* IMPORTANT ************* * Fixed security vulnerability that allows unauthenticated users to post new bugs or add comments to existing bugs. You can either upgrade to this release or just delete the file "tropo_recording.aspx". Thanks to Tamas Szakaly for identifying this vulnerability. ----------------------------------------------------------------------- Version 3.6.3 2014/04/03 (svn revision 708) ----------------------------------------------------------------------- * Fixed bug with extracting plain text bodies from emails that aren't multipart. Thanks Mike T for sending me the email sample. * Fixed bug where customer user dropdowns weren't getting reloaded. Thanks to Raphael for the fix. * Fixed bug where custom date field was recorded as being changed in the history, even though it wasn't changed. Thanks to Brettski for the fix. ----------------------------------------------------------------------- Version 3.6.2 2013/03/10 (svn revision 704) ----------------------------------------------------------------------- * Bypassing logic to handle SSL certificates when SSL is not being used for email. This fixes a Medium Trust issue at some hosting providers. * No longer setting max-width in css for popop previews that show up when you hover in a bug list (which didn't work in IE, Firefox anyway...). * Fixed bug that caused edit_bug.aspx to sometimes complain of null when saving. * Fixed return() bug in print_bug.aspx. ----------------------------------------------------------------------- Version 3.6.1 2013/01/27 (svn revision 697) ----------------------------------------------------------------------- * Fixed bug where the email body wasn't always being found in the incoming emails, discussed here: https://sourceforge.net/p/btnet/discussion/226938/thread/de976966/ Thanks to Raphael Saccavini for help fixing this. * Fixed bug with view-only custom fields disappering in view discussed here: https://sourceforge.net/p/btnet/discussion/226938/thread/a109051b/ * Fixed bug "Validation causes wrong change history for custom fields" https://sourceforge.net/p/btnet/bugs/781/ * Re-arranged the code in edit_bug.aspx A LOT. It's a lot easier to read and work with now. Hopefully, I didn't break anything... If you encounter a bug with it, contact me at ctrager@yahoo.com and I'll try to fix it ASAP. ----------------------------------------------------------------------- Version 3.6.0 2013/01/22 (svn revision 689) ----------------------------------------------------------------------- * Fixed null bug in util.cs introduced in 3.5.9 * Added some mobile pages. Before you enable them via Web.config, note that the mobile pages *DO NOT* obey org permissions at all, nor do they obey project permissions properly. If you rely on the permission scheme, do not enable the mobile pages. They are also very limited in what they show and what they allow you to edit - description, project, status, assigned to, and comment. Having said all that, if you want to try them out, add the following to Web.config and then point your browser to mlogin.aspx. ----------------------------------------------------------------------- Version 3.5.9 2012/11/13 (svn revision 667) ----------------------------------------------------------------------- ********* IMPORTANT ************* Thanks to the folks at DefenseCode (http://defensecode.com) for notifying me about some security vulnerabilities that I've tried to fix in this release. You should upgrade to this version. I actually learned a whole new type of vulnerability from them, "HTTP Response Splitting". I'm not sure that the vulnerabilities they reported to me are that scary mainly because many of them are in pages that only admins can access. Given that in BugTracker.NET, an admin can run free-form SQL, deleting data, etc, there's no need for an admin go through the back door when he can go through the front door. ----------------------------------------------------------------------- Version 3.5.8 2012/10/28 (svn revision 664) ----------------------------------------------------------------------- Thanks to Mateusz Dobrowolny for several fixes: * Updated "editarea", http://www.cdolivet.com/editarea/, which fixes bug 3535159 "Missing www/edit_area/images/close.gif" * Fixed bug 3535164 "Custom validations error messages are not cleared". * Fixed bug 3505079 "SVN integration - empty svn_diff page for binary files" because of a typo. * Fixed typo in bug.cs relaetd to org permissions for tags. Thanks to Chris Keeling. * Fixed date formatting of Excel export. * Fixed bug where list of custom fields was displaying wrong length for nvarchar and nchar. ----------------------------------------------------------------------- Version 3.5.7 2012/06/16 (svn revision 655) ----------------------------------------------------------------------- ********* IMPORTANT ************* * Fixed XSS vulnerabiliy related to custom text fields. If you use custom text fields and if you expose your BugTracker.NET to users that you don't trust, you should upgrade to this release. Thanks (again!) to Mateusz Dobrowolny and Piotr Owsiak for their help with this. * Added new setting in Web.config "SqlCommand.CommandTimeout", for inserting large attachements in the db. * Added some logging to help diagnose Web.config misconfigurations. ----------------------------------------------------------------------- Version 3.5.6 2012/02/23 (svn revision 653) ----------------------------------------------------------------------- * For now, removed the dependency on .NET 4.0 in global.asax. Although the note at the top says BugTracker.NET requires .NET 4.0, I'm not yet using any 4.0 language features. I removed the dependency because my own GoDaddy shared hosting account doesn't support 4.0. * Fixed security hole whereby BugTracker.NET user belonging to an organization marked "external" could view posts marked "Visible to internal users only". Thanks to Jaroslav Kabrt for finding this. * "export to excel" now works with non-ascii characters. * Fixed HTML encoding/decoding bugs with custom fields and when you edit SQL statements. * Sending email no longer cares if the SMTP's SSL certificate is not from a trusted authoritiy or if its domain name doesn't match the actual domain name. * Fixed bug in btnet_screen_capture.exe where it wasn't saving its the password. Thanks Karl. ----------------------------------------------------------------------- Version 3.5.5 2011/11/20 (svn revision 644) ----------------------------------------------------------------------- * Fixed bug with pop3 logic where it wasn't handling an incoming email referencing a bug that had been deleted. Plus very minor fixes: * Added date/time to screen capture utility's screenshots. Also, fixed a bug where it wasn't delaying enough when capturing full screen. * Added favicon to a couple more pages (but not everywhere) * Hiding "AUTH_PASSWORD" when errors are logged. (Who is using Basic Authentication anyway?) ----------------------------------------------------------------------- Version 3.5.4 2011/09/08 (svn revision 635) ----------------------------------------------------------------------- * Fixed bug where the pop3 thread wasn't truncating email subjects that were too long for the db. * For the Subversion integration, you can now link one commit to multiple bugs by entering the list as comma delimited: 11,22 my checkin comment You need to change your Web.config Regex patterns for this to work: Both a certain JW and Richard Housley sent me their implementations of this feature which gave me the push to add it, althought I didn't use their implementations. Thanks to them both. * Fixed bug using the Subversion-related web pages where files in the repository had been renamed. The fix loosens the security a bit I implemented in version 3.2.9, so this fix is off by default. If you want the fix, set "SvnTrustPathsInUrls" to "1" in Web.config. ----------------------------------------------------------------------- Version 3.5.3 2011/09/05 (svn revision 632) ----------------------------------------------------------------------- * IMPORTANT: Now using .NET 4.0 (and Visual C# 2010 Express) to compile the exes. If you don't want to / can't run 4.0, use the binaries from 3.5.2. For the web pages, the changes so far are just in Web.config but eventually I may start using 4.0 language features. * IMPORTANT: Added setting "ShowPotentiallyDangerousHtml" to Web.config. HTML attachments to bugs or emails could contain malicious javascript. BugTracker.NET before version 3.5.3 made it too easy to view these attachments. Now by default, BugTracker.NET does not show html attachments when you click on "show images inline" and does not display a "view" link. Thanks to Mateusz Dobrowolny for patiently convincing me of the necessity of this change. Even if you don't want to use the entire 3.5.3 release, you should apply the changes that are in App_Code/print_bug.cs. * Added "watchdog" thread to btnet_service.exe, btnet_console.exe, which, if it detects that the mail fetching thread is stalled, kills it and spawns another. This is a workaround because some of the logic in the POP3Client.cs file issues calls that block until there are bytes to be read. * Automatic replies to email addresses like this were causing problems because of the comma: Smith, John * Added setting "EmailAddressSeparatorCharacter" to Web.config. Use it if you want to change the separator from the default comma to a semicolon. ----------------------------------------------------------------------- Version 3.5.2 2011/08/01 (svn revision 624) ----------------------------------------------------------------------- * Announcement: BugTracker.NET now supports voice integration. More info here: http://ifdefined.com/doc_bug_tracker_phone.html * Fixed bug where you couldn't see more than 30 or so tasks because the frame wasn't showing scrollbars. * Fixed bug where somebody editing a rich text comment who is not using the rich text editor would wrongly see the HTML markup codes. * For .NET 4, you will need this in your Web.config system.web section: For more info, see http://www.asp.net/learn/whitepapers/aspnet4/breaking-changes#0.1__Toc256770147 * More choices in the "from" dropdown in send_email.aspx. You can send with or without your display name. If you have some feedback or ideas for this feature, post in the forum or email me, thanks. ----------------------------------------------------------------------- Version 3.5.1 2011/06/11 (svn revision 619) ----------------------------------------------------------------------- RIGHT NOW, make sure that "install.aspx" is deleted from your BugTracker.NET websites. The instructions at http://ifdefined.com/README.html#installation do tell you to delete "install.aspx". So, hopefully, you followed that instruction. It's now especially important that you follow the instruction because "install.aspx" has a SQL injection vulnerability. Thanks to Matthieu Bouthors for the discovery. This release fixes that vulnerability, but the best thing is that you deleted that file. Please review the installation instructions at http://ifdefined.com/README.html#installation ----------------------------------------------------------------------- Version 3.5.0 2011/05/06 (svn revision 618) ----------------------------------------------------------------------- * Resizable textarea customfields were either too narrow or too wide in IE (ok in Firefox and Chrome). Changed btnet_base.css. Thanks to Ed Lance for this fix. * Added work around, null check of "stuff_to_delete" in email.cs. Not sure why it's ever null, but the workaround seems ok. Thanks to both Marko Hoven and Clifton Royston for this fix. * Some problems related to HttpRuntime.Cache.Add. Thanks to Piotr Owsiak for this fix. * Fixed bug when "> is entered into custom text field. * Fixed bug where users created from LDAP weren't having their email signatures populated. * Updated Firefox Add-on for Firefox 4. ----------------------------------------------------------------------- Version 3.4.9 2011/01/25 (svn revision 611) ----------------------------------------------------------------------- First of all, if you have installed BugTracker.NET recently, can you take a look at your Web.config and make sure the email address in "ErrorEmailTo" isn't ctrager@yahoo.com? I accidently left that in the Web.config I ship and now I'm getting many error emails per day. Thanks! * Fixed bug with pop3 thread, "pop3:exception in fetch_messages: Specified cast is not valid". This is in the new worker thread approach, not btnet_service.exe. Thanks to Werner van Deventer for this fix. * Fixed bug with custom dropdown fields of type "users" when displayed with a view only permission. The integer user_id was being displayed instead of the name. * Fixed bug where edit_styles.aspx was looking for btnet_custom.css in the root folder instead of the "custom" folder. * Fixed incompatibility with ASP.NET Medium Trust when sending emails. See the "SmtpForceSsl" in Web.config. * Fixed bug when adding a subscriber to notifications with view_subscribers.aspx. The user you added was supposed to automatically get a notification right then, but the bug was preventing that from happening. * print_bug.cs now handles exceptions when trying to read in css files. I'm having a problem with this intermittently at GoDaddy - I don't know why... * edit_custom_html.aspx now allows you to edit btnet_custom.css. ----------------------------------------------------------------------- Version 3.4.8 2010/12/24 (svn revision 604) ----------------------------------------------------------------------- * Fixed bug introduced in 3.4.7, where send_email.aspx was forcing you to supply a CC address. * Fixed bug where the "forced project" feature wasn't working with bugs entered via insert_bug.aspx (email and screen capture). * Made cosmetic improvements in send_email.aspx, and I made it easier to use display names in "to" and CC addresses. * Made the yellow highlighter a little faster in the screen capture utility. ----------------------------------------------------------------------- Version 3.4.7 2010/12/19 (svn revision 600) ----------------------------------------------------------------------- * This release contains an experimental feature, the ability to fetch email from a pop3 server using a thread spawned from the ASP.NET app instead of using a standalone service. You configure the settings using Web.config, using the keys that start with "Pop3", instead of using btnet_service.exe.config. If you try this feature, please send me feedback. Even if you feedback is just, "it works". Thanks. I tried this at my demo site on a shared host at GoDaddy.com, but it doesn't work: It conflicts with Microsoft's default "Medium Trust" setting and even GoDaddy's relaxed version of it. Read more about this feature in Web.config, witht he settings whose names start with "Pop3". As part of creating this feature I heavily revised insert_bug.aspx, so that the two ways of handling incoming emails could share code. Hopefully I didn't break anything, but I wanted folks to know that there is a bit more risk with this release. Other changes: * If you have created a "btnet_css_for_email.css" file, the logic now looks for the file in the "custom" folder. This is to work around a Medium Trust issue at GoDaddy. * "LdapUserDistinguishedName" now supports multiple values, seperated by "|" chars. * Better handling of email addresses in general, I hope, but specifically, email addresses with umlauts. Thanks to Jörgen Sjöholm (umlauts!) for help with this. * New Web.config setting "AutoReplyUseHtmlEmailFormat". The default value should work fine, no need to chaneg it. * The screen capture utility's yellow marker's color/opacity is better, the way it should be. This is a small detail that probably only matters to me, as a programmer, but it was really bothering me; I spent about 4 hours on it. ----------------------------------------------------------------------- Version 3.4.6 2010/12/12 (svn revision 592) ----------------------------------------------------------------------- * Fixed SQL error when using search.aspx with custom project fields. * Created some pages to make it easier to admin BugTracker.NET without having FTP or direct access to the server. You get to these new page from the admin page. "Edit Custom HTML" to make it easy to customize the html header, footer, logo, etc. "Edit Web.config" for editing Web.config. It will check your XML syntax before letting you save, but you can still shoot yourself in the foot. "Backup Database" to make it easier to create and download backups of the db. This won't work at GoDaddy, though, because of their permissions. "Manage Logs" to view/delete logs. * Upgraded CKEditor from 3.0.1 to 3.4.2. * Revised how the firefox extension saves configuration info, especially the password. ----------------------------------------------------------------------- Version 3.4.5 2010/11/29 (svn revision 578) ----------------------------------------------------------------------- ** IMPORTANT - This release fixes serious security vulnerabilies. ** IMPORTANT - This release fixes serious security vulnerabilies. ** IMPORTANT - This release fixes serious security vulnerabilies. ** IMPORTANT - This release fixes serious security vulnerabilies. ** If your bugs.aspx page is accessible via the internet to untrusted ** visitors, you should upgrade to this release now. ** ** I'm truly, truly, sorry about this. ** ** My thanks to the folks at Core ** Security Technologies, http://coresecurity.com, for bringing ** these to my attention today. ** ** Corey Trager Also in this release: * I added the code for a new Firefox add-on that does screen captures. If you are on Windows, use the desktop app, but if you have users who are reporting bugs in web apps and they are not on Windows, the Firefox add-on might be useful. You can download the add-on here: http://ifdefined.com/bugtrackernet.html#firefox * Fixed a bug whereby in some configurations, email notifications were not being sent. If your send_email function works, but your email notifications don't work, this might fix your problem. It did fix the problem for at least one person. * Prevented errors and error emails from being trigged by "Microsoft Office Existence Discovery" when using view_attachment.aspx. * Fixed a bug in the mass edit feature, changing orgs. ----------------------------------------------------------------------- Version 3.4.4 2010/08/21 (svn revision 566) ----------------------------------------------------------------------- There's only one change, a fix to a SQL injection vulnerability in search.aspx. Thanks to Mark van Tilburg for letting me know. This vulnerability is several years old. If you don't want to upgrade, you can instead modify your copy of search.aspx, adding the logic to replace single quotes with double quotes in the same places where I did: http://btnet.svn.sourceforge.net/viewvc/btnet/www/search.aspx?r1=559&r2=565 ----------------------------------------------------------------------- Version 3.4.3 2010/08/18 (svn revision 563) ----------------------------------------------------------------------- *** IMPORTANT!!! **** You will have to change your Web.config SMTP settings for this release. I'm switched from using the old deprecated System.Web.Mail to the newer System.Net.Mail. Your SMTP settings now come from the standard system.net elements in Web.config. The Web.config that I've included should be enough to show you how to reconfigure your email settings. There are settings, commented out, that work for me for GMail's SMTP service and GoDaddy's SMTP service if you are hosting there. Other changes: * Fixed but where external users weren't seeing the full list of users that they were supposed to see. Thanks to Jason Taylor for the fix. * You can now change the "reported by" user with the mass edit feature in the search.aspx page. * The screen capture utility now uses the descriptions you type in for the screenshot descriptions, not just the original bug description. Thanks to Javier Feria for this improvement. * The screen capture utility now works with Windows authentication, although I haven't personally tested it. I can say that the change doesn't break anything. Thanks to Lars Wuckel for thsi enhancement. ----------------------------------------------------------------------- Version 3.4.2 2010/08/15 (svn revision 555) ----------------------------------------------------------------------- * Values in project custom dropdowns where being lost if bug was updated by somebody with "Reporter" permission. Thanks to Ian Girouard and Jean François Coté for the fix. * Tags search was wrongly being hidden if category field was hidden. Thanks to Mike Abramovitch for the fix. * Fixed bug 3007867 "User friendly time in news page is sometimes wrong" Thanks to Martin Richter for the fix. * "Save search as query" button wasn't working in Chrome * The "Add new" now is hidden now when you are actually in the process of adding a bug. So that you don't hit it and lose your work. How many times have I myself hit that link thinking I was saving the bug I had just entered? Thanks to Dan Rye for this obvious-but-I-guess-not-so-obvious fix. * Printing of bug and notification emails now show Tasks. * Adding/editing of tasks now triggers email notification and is recorded in bug's history. * Lucene highlighting now controlled by css class "highlighted". ----------------------------------------------------------------------- Version 3.4.1 2010/04/11 (svn revision 543) ----------------------------------------------------------------------- * For the tasks/time tracking feature, added a way of viewing all the tasks at once, not just the tasks for one bug. Also added a way of exporting all the tasks into Excel. These features are weak, but they are better than nothing. * Fixed merge bugs feature. It wasn't merging tasks, flags, and svn/hg/git data. * Added checkbox to send_email.aspx page that controls whether the "comments visible to internal users only" are included in the email body. * Corrected Web.config comments for "NotificationSubjectFormat". Added $ASSIGNED_TO$ as one of the variables. ----------------------------------------------------------------------- Version 3.4.0 2010/03/07 (svn revision 536) ----------------------------------------------------------------------- * In screen capture app, "Go to website" now goes to the bug you just created. * In screen capture app, fixed where the crosshairs weren't always topmost. * In subversion hook script, fixed handling of URLs with spaces. * Fixed handling of tags with apostrophes (single quotes). * Fixed bug 2957930 where unusual characters didn't work right in custom dropdowns. Thanks to cjundt for the fix. ----------------------------------------------------------------------- Version 3.3.9 2010/02/13 (svn revision 529) ----------------------------------------------------------------------- * I messed up btnet_screen_capture.exe in 3.3.8. The only change here is the screen capture program. If you downloaded 3.3.8 you can get the latest screen capture app at: http://btnet.svn.sourceforge.net/viewvc/btnet/www/btnet_screen_capture.exe ----------------------------------------------------------------------- Version 3.3.8 2010/02/13 (svn revision 526) ----------------------------------------------------------------------- * 3.3.7 was accidently zipped with the wrong default Web.config. Too much stuff was enabled by default, and there were email settings in it that caused some people some trouble. * Fixed bug 2945674 - Customized "SvnBugidRegexPattern1" doesn't work properly. Thanks to "superdaigo" for the fix. * Btnet_screen_captured.exe wasn't remembering to save the password. Several enchancements to btnet_screen_capture.exe: * Ctrl-C copies contents to the Clipboard. * You can specify the projectid. * Draw straight lines with arrowheads. * Highlight with "yellow highlighter" in addition to free form red lines. ----------------------------------------------------------------------- Version 3.3.7 2010/02/02 (svn revision 516) ----------------------------------------------------------------------- The only that changed in this release is the screen capture utility. Completely rewrote the BugTracker.NET screen capture utility. It's now version "2.0". Here's the story: Several years ago I wrote a screen capture utility and it was Ok. Then Alexej Hirsch developed a really nice app, "Bug Shooting", that works great with BugTracker.NET and several other bug trackers. I abondoned my own app and started using and recommending his. But just this week, Alexej switched Bug Shooting from being a free app to being shareware with a 30-day trial. I wanted my BugTracker.NET users to have something free, but my old app from several years ago wasn't that nice, and, it was built using C++ and MFC rather than .NET. It's just harder to work with those tools than it is with .NET, and I wasn't eager to return to that codebase to improve my old app. So, I started over, using C#/.NET and Visual C# 2008 Express Edition, which is free. The source is in the "screen_capture" folder and the exe is in the www folder. Bugs.aspx incldues a link to the exe. If you already have Bug Shooting, there's no reason to switch to my app - Bug Shooting is still nicer, but if you have my old app, btnetsc_2.1.1.exe, you should switch to this new one. ----------------------------------------------------------------------- Version 3.3.6 2010/01/30 (svn revision 494) ----------------------------------------------------------------------- * Reverted back to an older Lucene.Net.dll (the full text search). The somewhat newer one was not compatible with GoDaddy's medium trust setting. I'm using Lucene.NET 2.4.0, svn revision 829685. I built the dll myself using the free VS C# Express 2008. I also tried to fetch and build a Lucene.Net.dll from the latest Lucene.Net source, but its interface has changed a lot. * Made the ad-hoc query page, "query.aspx", a bit easier by adding a dropdown listing the db tables. * Fixed missing line breaks in notification emails. ----------------------------------------------------------------------- Version 3.3.5 2010/01/03 (svn revision 487) ----------------------------------------------------------------------- * Added ability to change a custom columns default value. * Added "install_btnet.cmd", a quick and dirty install script. All I can say is that it works for me, on my Windows 7 Pro machine. * Fixed bug where multiple svn/hg repositories were being used and there was an overlap with revision numbers. The insert of revisions was wrongly being skipped. * Fixed a cosmetic defect in the side-by-side diff. The first lines were wrongly indented. * Fixed another cosmetic defect in the side-by-side diff. The changed chars weren't always marked with orange. ----------------------------------------------------------------------- Version 3.3.4 2009/11/21 (svn revision 478) ----------------------------------------------------------------------- * btnet_service.exe now looks for btnet_service.exe.config in the same folder as the exe, not in the c:\root folder. * For the svn, git, and mercurial integration, improved the diff page. The logic does a better job of coloring lines that changed yellow, and also colors the characters that changed orange. Also, the display of wide files works better (although I wish I had a splitter...). * Moved from jQuery UI version 1.6rc2 to version 1.7.2 ----------------------------------------------------------------------- Version 3.3.3 2009/11/13 (svn revision 467) ----------------------------------------------------------------------- * Fixed bug where deleting a user showed a SQL error with bug_user_flags. Deleting a user was broken by changes in 3.3.2. * Fixed the $SEEN feature. It was broken by changes in version 3.3.2. * The exes for btnet_console.exe and btnet_service.exe were missing from the zip file in version 3.3.1 and 3.3.2. They are back now. * If you use the bugid#123 feature to create hyperlinks between bugs, these are now listed on the edit bug page, as "Linked to:", to make these links easier to see. * Added a gently, only mildy annoying "nag" feature to, um, encourage, organizations to donate. Only admins will see it. It won't interfere with your work. ----------------------------------------------------------------------- Version 3.3.2 2009/11/06 (svn revision 458) ----------------------------------------------------------------------- To upgrade to this release, run the SQL for this release in the the upgrade.sql file. * Added a voting feature. It works like the $FLAG and $SEEN features. See the edit_query.aspx page for specifics, and see the "demo votes feature" sample query. * Fixed bug with the Web.config "UpdateBugAfterInsertBugAspxSql" setting. The name was one way in Web.config, a different way in the C# code. I made them the same. Thanks to Jorgen Sjoholm for this fix. * When you check "edit using fonts and colors", you are using CKEditor. That has a spell checking feature that wasn't working well before, but seems to be working better now, so I've enabled the CKEditor Spell-Check-As-You-Type feature this release. The change is just in the ckeditor/config.js file. * You can now use a regular express (regex) to control how the svn, git, hg integration logic looks for the bugid in the checkin message. See Web.config. * Version 3.3.1 was missing the javascript for the nicer editor in the edit_query.aspx page. * Made the email fields a little longer in edit_user.aspx and edit_self.aspx. * The mercurial hook script no longer relies on the HG_NODE environment variable, so you can use it with events where that var isn't available. * Now specifying UTF8 when capturing output from svn, git, hg commands. It doesn't seem to hurt me, and it seems to have solved a problem for at least one user. ----------------------------------------------------------------------- Version 3.3.1 2009/10/24 (svn revision 436) ----------------------------------------------------------------------- * Mercurial integration. It works the same as the integration with svn and git. * Upgraded to version 3.0.1 of CKEditor. Performance seems better to me. * I re-arranged folders in my own subversion repository at sourceforge, and also in the zip file. All the web folders are now in a "www" subfolder. When you create a virtual directory, point it at the "www" subfolder, not the parent. I'm no longer using the sourceforge CVS repository. * Cosmetic improvements in edit_bug.aspx. Got rid of gaps between the links on the left, visible in IE only, in edit_bug.aspx. ----------------------------------------------------------------------- Version 3.3.0 2009/10/20 (svn revision 408) ----------------------------------------------------------------------- IMPORTANT - This release contains a reworking of the Subversion integration. If you have already integrated BugTracker.NET with Subversion, you will have a little bit of extra work to do when you upgrade to this release. Also, this release no longer supports the functionality of displaying links to the php "WebSvn". If you were using that feature, contact me at ctrager@yahoo.com and complain, so that I'll have some motivation to add it back in. The new svn hook script is subversion\svn_hook_for_btnet.py. The old hook script made a connection to the BugTracker.NET database, and so there needed to be connectivity between the subversion machine and the databse machine. The new script does not connect to the database. Instead, it posts an HTTP request to a new web page, svn_hook.aspx, so your subversion machine will need connectivity with the BugTracker.NET website. I think for most people, this arrangement is easier, since the website is typically already exposed, whereas the database is typically behind a firewall. Read the instructions in the hook script file itself. You will need to edit some values in it just like you did with the old one. It will be easy. The hook script keeps track of what revision it last processed. The first time it runs (or whenever it can't find the file that it uses to keep track of the previously processed revision), it will send the subversion log for all revisions to svn_hook.aspx. If you delete its tracking file, it will send the entire log again. The Svn_hook.aspx webpage is smart enough not to do duplicate inserts. Even revisions where you forgot to add a bug id will still be inserted into the revisions table, with a bug id of 0, so you could link them up to bugs "by hand" yourself, with sql. The revised web pages won't work with the data you currently have in the svn_revisions and svn_affected_paths tables. You will need to delete your data and let the hook script reload the data. It worked fine for me. Run this SQL to delete the data in those tables: delete from svn_affected_paths delete from svn_revisions Then, when your hook script is working, delete "btnet_prev_revision.txt" that it uses keep track of the previously processed revision, change something, commit, and the two tables will get completely reloaded with your entire repository log history. The repository settings in Web.config and the project-specific svn settings in Web.config are also gone, because the repository info now is stored in the db. But, if a username and password is required to read your repository, then you configure that in Web.config. See Web.config for how to do that. Run this SQL to get rid of the obsolete db columns: alter table projects drop column pj_subversion_repository_url alter table projects drop column pj_subversion_username alter table projects drop column pj_subversion_password alter table projects drop column pj_websvn_url Finally, I apologize for the inconvenience but I think the new script is better. It's more forgiving, because you can always delete your database data and the script can be used to repopulate it. And, it connects with the web server, not the database server. Finally, because each revision is recorded along with the url needed to get back to the repository, it's very easy to use multiple repositories with one BugTracker.NET instance. Before I supported having a different repository per project, but now you can have any sort of scheme you want - even multiple repositories per bug. Other changes this release are to the git integration: * Git integration was failing if file name contained spaces. * Even commits where the message does not contain a bugid are inserted into the database, so that you could link them up to bugs "by hand". I think pretty much everything I wrote above about the svn integration also applies to the git integration. They both follow the same design. The major differences are that with git, the repository MUST be on the web machine, whereas with svn, the repository can be remote. Let me know if you are using the git integration, ok? At ctrager@yahoo.com. Would anybody use Mercurial integration if I added it? ----------------------------------------------------------------------- Version 3.2.9 2009/10/18 (svn revision 401) ----------------------------------------------------------------------- * Git integration now complete. As with the subversion integration, you can use the "log", "diff", "blame" commands. Your repositories need to be on the same machine as the web server. The hook script is git\git_hook_for_btnet.py. Rename the extension to py. The script is written in python 2.X. Read the comments in it and follow the directions. Edit the Git related settings in Web.config. If everything is set up right, when you do a checkin, start the checkin message with the bug id: git commit -a -m "123 fixed bug" * I'm not saying that the web pages related to svn integration were insecure, but I added a bit more security to them. You now can't view anything in svn via the web pages without the logic checking to make sure that you have permission for a bug related to the svn path. * Fixed a bug on the svn integration page where you can select any two revisions to diff. Sometimes the logic was getting confused and showed three revisions selected. ----------------------------------------------------------------------- Version 3.2.8 2009/10/12 (svn revision 390) ----------------------------------------------------------------------- Bug Fixes: * If you did a new install, not an upgrade, of 3.2.7, then you need to rename a field in your database using this SQL (og_domain_name should be og_name): EXEC sp_rename 'orgs.og_domain_name', 'og_domain', 'COLUMN' * The file complete_registration.aspx should reference "SelfRegisteredUserTemplate" instead of "CreateUsersFromEmailTemplate". * The explanation of "UseEmailDomainAsNewOrgNameWhenCreatingNewUser" was missing from Web.config. New Feature. Integration with git. It's still under construction, but the ability to view revisions is working and so is the "diff" link. See the hook script in the git folder, and git settings in Web.config. I'm very interested in feedback on the git integration, so please let me know how it goes, at ctrager@yahoo.com. ----------------------------------------------------------------------- Version 3.2.7 2009/10/04 (svn revision 382) ----------------------------------------------------------------------- Run this SQL to upgrade to this release: alter table orgs add og_can_search int not null default(1) alter table orgs add og_domain nvarchar(80) alter table orgs add og_can_only_see_own_reported int not null default(0) * Added "can search" setting to orgs table, so you can turn off a user's permission to search. * Added "can see only own reported bugs" setting to orgs table. If checked, a user can only see the bugs that he reported. * Improved the handling of multiple embedded images in emails when the embedded images have the same name. The new scheme no longer changes the file extension. * Fixed bug where svn hook script was hanging if there were a lot of files in the commit. Thanks to Richard Horton for the fix. * You can now resize custom field textareas by dragging them to a bigger size. The rest of the changes to this release are related to processing incoming emails. * I've REMOVED a feature from this release, the feature related to the Web.config setting "ProcessVariablesInEmails". This was a scheme that allowed you to put magic words into the email body text to set a bug's attributes. You can still put the magic words into the query string, but not into email body. I've added a new feature, though, that I think you'll like better, so keep reading. Again, this is the feature I REMOVED: * Added "domain", like "ifdefined.com" to orgs table. * Added new Web.config setting "UseEmailDomainAsNewOrgNameWhenCreatingNewUser". In the same way that you can allow incoming emails to create users, you can also allow incoming emails to create organizations. The logic checks if there is already an org with a domain that matches the from-address of the email. If there is, the new user gets assigned to that org. If the org doesn't exist, the system creates a new org based on the template user's org. The domain is used as the name of the new org. You can change the name, but you probably want to leave the domain as is, so that if another user from the same org sends an email, the new user is associated with the same org. * Added new Web.config setting "UpdateBugAfterInsertBugAspxSql" This lets you specify SQL that will run against the bug after insert_bug.aspx has inserted it. Insert_bug.aspx is what inserts the bugs that arrive from email and from the screen capture programs like mine and "Bug Shooting". See Web.config for more info and some sample SQL. You could use this feature to automatically assign the bug to a developer based on which org submitted it, for example. My sample SQL in Web.config, just for teaching purposes, sets the priority based on the email address of the sender. ----------------------------------------------------------------------- Version 3.2.6 2009/09/27 (svn revision 375) ----------------------------------------------------------------------- * The SQL based search.aspx page wasn't working when the Lucene full text search was disabled. * Fixed bug where task's times were switched from PM to AM. Thanks to Philip Parmenter for the fix. * Fixed bug 2864901 "Embedded images in emails are saved to the same name". Duplicate file error when trying to forward MS Outlook with multiple embedded images. * Fixed validation of email address to allow apostrophes. Thanks to George for the fix. * There's an obsolete field in the database, which you are free to get rid of: alter table bug_subscriptions drop column bs_id ----------------------------------------------------------------------- Version 3.2.5 2009/08/29 (svn revision 370) ----------------------------------------------------------------------- * Fixed bug where nvarchar and nchar custom fields were allowing text to be entered with more characters than could fit in the db field. * If you are using the "news" link, enabled by setting "EnableWhatsNewPage" to "1" in Web.config, then this release should be an improvement for you. Now, if you keep the web page up, you won't loose news items even if you restart the IIS server. Also, you control the number of news items via the new "WhatsNewMaxItemsCount" setting in Web.config. Performance probably wasn't an issue before, but it's even less likely to be an issue now. As before, news items are listed regardless of project and org permissions. ----------------------------------------------------------------------- Version 3.2.4 2009/08/16 (svn revision 367) ----------------------------------------------------------------------- * send_email.aspx with CKEditor was broken. This release fixes it by restoring the first line as: <%@ Page language="C#" validateRequest="false" %> * Added setting to Web.config "StripDisplayNameFromEmailAddress" to work around a problem that some users are having when email addresses are in the format Corey Trager instead of ctrager@yahoo.com I can't reproduce the problem myself. see also bug 2815733, "When sending mail to btnet, the mail address isn't correct" http://sourceforge.net/tracker/?func=detail&aid=2815733&group_id=66812&atid=515837 * If you want to maybe improve the performance of you BugTracker.NET database a little bit, and I mean just a little bit, take a look at the SQL in the file upgrade.sql for this release. The SQL mostly deals with changing which indexes are the clustered indexes. If you don't understand what that means, don't worry about it. * Performance tweak of viewing images, giving the browser a better chance of caching them. * Fix of bug in edit_query.aspx, so that admins can now edit the queries belonging to individual users. ----------------------------------------------------------------------- Version 3.2.3 2009/08/08 (svn revision 361) ----------------------------------------------------------------------- * I made it a bit easier to customize BugTracker.NET if you are able to code C#. I revised the "workflow.cs" file. I really wonder if anybody could have been using the old workflow.cs? I was hired to do some BugTracker.NET customization for somebody and I myself couldn't get my own workflow.cs to work right. If you are using workflow.cs, you'll have to rework your code to upgrade to this version. See http://ifdefined.com/doc_bug_tracker_programmers.html#workflow and the comments and sample code in App_Code/workflow.cs itself for more info. * Full text search (Lucene) now also indexes custom text fields. * Fixed bug where full text search index wasn't always being updated when bug was changed. * I removed the SCAYT (Spell Check As You Type) from the rich text editor, CKEditor, because it was working so poorly and unreliably. ----------------------------------------------------------------------- Version 3.2.2 2009/07/31 (svn revision 352) ----------------------------------------------------------------------- * Fixed javascript error in search.aspx that was preventing SQL from displaying when "EnableLucene" was set to "0" in Web.config. * Fixed bug with "FLAGS". The filtered state wasn't being preserved in the bug list when you navigated away and back to it. * Fixed bug 2821937 "NOT logic does not work for 'flag' field" * Fixed bug 2830310 "tags filter - only one result page can be used, filter remov" * Fixed bug 2821768 "sql editor in edit_report.aspx". Now using "EditArea" for edi_reports.asxp. See notes for previous version for more on "EditArea". Also, fixed bug with text being HTML encoded that should have been. * Added back the "CommentSortOrder" to Web.config. Controls whether bug posts are sorted from most recent to least recent (the default) or least recent to most. * Added "DisplayTimeOffsetInHours" to Web.config, for displaying the times in a different time zone than the server's time zone. ----------------------------------------------------------------------- Version 3.2.1 2009/07/07 (svn revision 345) ----------------------------------------------------------------------- * send_email.aspx was broken in version 3.2.0 because it still referenced FCKEditor 2.6. Fixed. * The list of email addresses you see when you hit the "To" button was lost if you had a validation error, like forgetting to enter a "To" address. * The page for editing your SQL queries now has syntax highlighting, using "EditArea", from http://www.cdolivet.com/index.php?page=editArea. Thanks to "Gettinlucky" for the suggestion. * "FromCannotContain" setting in btnet_service.exe.config wasn't working. ----------------------------------------------------------------------- Version 3.2.0 2009/07/03 (svn revision 343) ----------------------------------------------------------------------- Run this SQL to upgrade to this release: alter table orgs add og_active int not null default(1) * Changed search.aspx form method from "GET" back to "POST" See 3.1.9 release notes too. So, now, wtill with IE8, clicking on a link in search.aspx to drill down into a bug, and then hitting Back to get back to the list, results in "Webpage has expired". I don't really have a practical solution to this. * Tweaked the SQL I inject to enforce permissions, as described here: http://sourceforge.net/forum/forum.php?thread_id=3318801&forum_id=226938 Thanks to Luca Pardo for the idea. * Switched the rich text editor from FCKEditor 2.6 to the newer CKEditor 3.0 RC * You can now set organizations to be inactive. It works the same as setting projects to be inactive. Users adding or editing bugs won't be able to see in inactive org in the dropdown, but existing bugs still assigned to that org will work ok. * Fixed bug where prompt wasn't being displayed if you tried to leave a "dirty" bug page after changing a dropdown. ----------------------------------------------------------------------- Version 3.1.9 2009/06/23 (svn revision 336) ----------------------------------------------------------------------- * The "fix" in version 3.1.7 "Changed code to work around OnServerClick not working..." (see below) broke the way the project dropdown works in edit_bug.aspx. In this version, I revert back to the pre-3.1.7 behavior. * Changed search.aspx form method from "POST" to "GET" to avoid IE8 "Webpage has expired" message (but now there's an anti-xss false alarm. Sigh...) ----------------------------------------------------------------------- Version 3.1.8 2009/06/02 (svn revision 335) ----------------------------------------------------------------------- * If you are running BugTracker.NET on the public internet, this version has better protection against brute force attempts to crack user passwords. See "FailedLoginAttemptsMinutes" and "FailedLoginAttemptsAllowed" in Web.config. * Fixed bug in Subversion hook scripts. Now, if you use TortoiseSVN and check in without filling in the bugid, the script won't wrongly use the comment length as the bug id. * Add "last updated by", "last updated on" to search results columns. ----------------------------------------------------------------------- Version 3.1.7 2009/05/03 (svn revision 329) ----------------------------------------------------------------------- * Run this sql to upgrade to this release: alter table orgs add og_can_assign_to_internal_users int not null default(0) * Added "can assign to internal users" to Organization. Setting this to true would allow an external user to assign bugs to an internal user. * Fixed "bugid2 was not defined" error when clicking on "detach" in relationships.aspx * Fixed where filtering wasn't working for flags or seen, because the old logic was expecting them to be in a specific column of the query. Thanks to Sergey Vasiliev for helping solving this bug. * Changed code to work around OnServerClick not working, at least for one user. The magical OnServerClick event wasn't firing. The handler (usually on_update) wasn't being called. So, I got rid of all the OnServerClick's. I don't know what the magic recipe is to make the bug happen, but it might involve IIS using Windows Authentication. Thanks again to Sergey Vasiliev for spending a lot of time with me on this bug. * Changed btnet_service.exe and btnet_console.exe to work with a website that doesn't allow anonymous access. You need to run the service using a login that windows allows. The bug itself will be added using the ServiceUserName from the config. ----------------------------------------------------------------------- Version 3.1.6 2009/04/04 (svn revision 321) ----------------------------------------------------------------------- * Fixed bug 2722585 - "Message 'You have unsaved changes' is shown in view mode" * Fixed bugs related to handling German, etc, decimal formats in the time/tasks feature. * Fixed bug 2686179 - "bug with resizing inline text, html files" * Fixed bug 2726356 - "title modifier is missing in orgs.aspx" * There's now a delay of one minute between the time that you edit a bug and when the notification email is sent. If you edit the bug again within that minute, the system will only send one notification email, not many. * Updated jQuery from version 1.3 to version 1.3.2 ----------------------------------------------------------------------- Version 3.1.5 2009/03/16 (svn revision 319) ----------------------------------------------------------------------- Just one fix, in edit_bug.aspx. This fixes a bug introduced in version 3.1.4. Here's what the error looks like, the important part being at ASP.edit_bug_aspx.does_assigned_to_have_permission_for_org EXCEPTION: System.NullReferenceException: Object reference not set to an instance of an object. at ASP.edit_bug_aspx.does_assigned_to_have_permission_for_org(Int32 assigned_to, Int32 org) in c:\cit\btnet2\edit_bug.aspx:line 1986 ----------------------------------------------------------------------- Version 3.1.4 2009/03/14 (svn revision 317) ----------------------------------------------------------------------- * I'm reverting back to the old way of handling sessions, using my own "sessions" table. If you have a BugTracker.NET version of 3.0.7 or older, you already have a "sessions" table. Otherwise, run this SQL to create the table: create table sessions ( se_id char(37) not null, se_date datetime not null default(getdate()), se_user int not null ) The problem with using ASP.NET sessions was that people had trouble finding all the places that had to administer the timeout value. In newer versions of IIS, setting it in Web.config isn't enough. You also have to set the IIS Application Pool timeout, and that was giving people trouble. * Added logic that validates a bug's org against the assigned-to user, preventing you from assigning a bug to somebody who doesn't have permission for that org. * Deletion of bugs was leaving some orphan rows in child tables. * Fixed bug 2660653 "Date Conversion Error on tasks_frame.aspx". Dates in the tasks/time page weren't being put into the format that SQL expects. * Fixed bug 2668288 "Pie and Line reports in Gif format". That is, I changed the format of the images from jpeg to gif. * Fixed bug where incoming emails with long "From" addresses were having the address truncated. ----------------------------------------------------------------------- Version 3.1.3 2009/03/01 (svn revision 313) ----------------------------------------------------------------------- * Fixed bug 2634870 - "edit_task.aspx crash if bug has empty assigned-to" * Fixed bug 2414881 "btnet_post_commit svn script makes erroneous posts". The post-commit script was associating the incorrect bugid with the the revision when the bugid wasn't entered with the checkin. Thanks to Sam Eads for tracking this down. I also improved the debug output. * Fixed bug 2446465 "subversion diff fails when comparing one-line files" * Fixed bug 2526512 "problems when subversion thinks file is binary" * Fixed bug with custom dropdowns of type char/nchar. The app was recording changes even when the user made no change, because of values being padded with spaces in the database. * Fixed bug with svn_view.aspx. It was displaying the source with my own copyright notice. * Fix for "Request is not available in this context" error for IIS integrated mode. Thanks to Per-Erik Stendahl for the code. * Added a subversion post commit script in python, for those who are running a subversion server on linux, etc. * Added tip for short description. If it's longer than the INPUT and you hover over it, you can see all the text. * The formatting of the links at the top of the page are now controlled by "menu_td" css class. * When replying to an email, and quoting the original email, blank lines are now inserted into the reply before the quoted email. ----------------------------------------------------------------------- Version 3.1.2 2009/02/21 (svn revision 309) ----------------------------------------------------------------------- * Fixed bug when inserting a null into the qn_last_exception column of the queued_notification table. Discussed here: http://sourceforge.net/forum/forum.php?thread_id=3015629&forum_id=226938 * Fixed bug 2596624 - "Blank comment entered when using the rich text editor". * Version 3.0.5 broke the features where BugTracker.NET records the most recent login date of a user. Fixed in this version. * Corrected some typos in the hour dropdowns in the time tracking feature. * Fixed [+], [-] links to resize rich text editing area. ----------------------------------------------------------------------- Version 3.1.1 2009/02/07 (svn revision 304) ----------------------------------------------------------------------- * Fixed bug with "show images inline" when MIME type was pjpeg or x-png. IE7 tends to use these MIME types. * Fixed bug: Custom fields rendered as textareas were getting HtmlEncoded twice. * Fixed bug: Custom fields displayed in textareas lost their formatting when displayed as read only. ----------------------------------------------------------------------- Version 3.1.0 2009/01/31 (svn revision 302) ----------------------------------------------------------------------- * You can now have the incoming emails from btnet_service.exe trigger the creation of new BugTracker.NET users, with the "from" address being the username. See these new settings in Web.config: CreateUserFromEmailAddressIfThisUsername CreateUsersFromEmailTemplate * Fixed bug 2453704 "Null reference when adding bug with news on", in whatsnew.cs. * Added Web.config setting "AspNetFormId" which you can use to override what form id some of the the javascript looks for. Different versions of ASP.NET have generated HTML forms with different ids, and the previous logic was guessing those ids wrong for some configurations. * Changed "FCKConfig.EnterMode" from

to
, so that enter key in rich text editor adds just a line break, not a paragraph break. * Updated SharpMimeTools dll to handle commas in quoted printable email subjects. ----------------------------------------------------------------------- Version 3.0.9 2009/01/25 (svn revision 300) ----------------------------------------------------------------------- * Fixed a bug with send_email.aspx introduced in version 3.0.8. Prior to version 3.0.8, list of email addresses wasn't taking into account the users organization permissions. I fixed that in 3.0.8 but broke the logic related to project permissions. With this release, both organization and project permissions should be working (I hope). * Updated included Web.config so that the session timeout is 120 minutes. ----------------------------------------------------------------------- Version 3.0.8 2009/01/18 (svn revision 298) ----------------------------------------------------------------------- * Fixed bug with send_email.aspx. It was showing email addresses that a user with limited permissions shouldn't see, like one client seeing the email addresses of another client. See thread: http://sourceforge.net/forum/forum.php?thread_id=2856651&forum_id=226938 * Fixed bug (I think) where extraneous "00:00:00" appear in date range searches. I couldn't reproduce the bug, but I think the logic in this version will prevent it. * Upgraded fckEditor, the rich text editor, from version 2.4.2 to version 2.6.3. There's no specific reason why I upgraded. It just seemed to be about time. For more info about fckEditor changes, visit http://www.fckeditor.net. If you are upgrading an existing installation, you need to replace both your fckeditor folder and the dll in the bin folder. * Upgraded jQuery from 1.2.6 to 1.3. There was no specific reason why I upgraded. For more about jQuery, visit http://docs.jquery.com. * Exporting a list of bugs to excel now handles line breaks better, thanks to Michael Wilson. * No longer using the "Sessions" table in the database. Years ago, I wanted BugTracker.NET to avoid using the ASP.NET Session object, to be more compatible with web farms, but for a long time now BugTracker.NET has been dependent on the Session object, so no point in keeping the Sessions table. ----------------------------------------------------------------------- Version 3.0.7 2009/01/10 (svn revision 292) ----------------------------------------------------------------------- Minor bug fixes. * Fixed bug 2477163 "Cannot view or edit tasks/time even though admin" * Fixed bug 2494633 "Bug updated even if unchanged if field permission view only" * Fixed bug with validation of decimal format custom fields. The logic was allowing too many digits to the left of the decimal, leading to an overflow error. * Fixed bug with page for retrieving a forgotten password, when two users have the same email address. * Made changes that might make BugTracker.NET more compatible with new IIS "Integrated Pipeline", but I'm not sure (because I don't have II7 to test with...) * Added RFE 2490904 "Display position in list edit_bug.aspx, near prev/next" ----------------------------------------------------------------------- Version 3.0.6 2008/12/22 ----------------------------------------------------------------------- To upgrade to this release, make the following changes to your Web.config file: 1) Delete the line in your web config that begins like this:

0 group by og_name, datepart(year,tsk_created_date), datepart(month,tsk_created_date) Here's a report of hours still left to do based on "planned duration" and "percent complete". select pj_name [project], convert(decimal(8,1),sum( case when tsk_duration_units = 'minutes' then tsk_planned_duration / 60.0 * .01 * (100 - isnull(tsk_percent_complete,0)) when tsk_duration_units = 'days' then tsk_planned_duration * 8.0 * .01 * (100 - isnull(tsk_percent_complete,0)) else tsk_planned_duration * .01 * (100 - isnull(tsk_percent_complete,0)) end)) [total hours] from bug_tasks inner join bugs on tsk_bug = bg_id inner join projects on bg_project = pj_id where isnull(tsk_planned_duration,0) <> 0 group by pj_name ----------------------------------------------------------------------- Version 3.0.4 2008/11/28 ----------------------------------------------------------------------- See upgrade.sql for upgrading to this release. * New feature: Time tracking and/or Sub-tasks. See the "EnableTasks" setting in Web.config for more info. The goal of this feature is to give you a way of entering tasks related to a bug and/or time that you spent working on a bug and/or scheduling info related to the bug. The page where you enter the info is very configurable. You can hide the fields you aren't using via Web.config. * Tweaked the logic for determining which user to display in the "assigned to" dropdown. See this thread: http://sourceforge.net/forum/forum.php?forum_id=226938 * Added ability for admin to try to resend unsent emails. The system tries to resend automatically anyway whenever there is a new notification, but the new feature lets an admin do it explicitly. * Fixed bug in relationships page when trying to add a relationship after deleting one. * Printing of bug detail now includes images if show/hide images inline is toggled to show, and it includes change history if show/hide change history is toggled to show. ----------------------------------------------------------------------- Version 3.0.3 2008/11/24 ----------------------------------------------------------------------- Everybody who downloaded 3.0.2 should replace it with this release. Fixed bug in bug.cs, line 1168, when sending a notification email. ----------------------------------------------------------------------- Version 3.0.2 2008/11/21 ----------------------------------------------------------------------- * New feature: Field level permissions for custom fields. You can control which organizations can view/edit which custom fields. Minor bug fixes: * Fixed bug with the list of users shown in edit_bug.aspx dropdowns when the viewer had no permissions to for other organizations. Users from other organizations were being shown. * Fixed to svn_diff.asxp to work with newer versions of Subversion, thanks to Christian Hoffmann. * Fixed bug related to showing images inline. When the attachment was an .ini file, the user was wrongly being prompted to download the file. * Fixed bug 2323190 "Top button doesn't change on copy bug" ----------------------------------------------------------------------- Version 3.0.1 2008/11/14 ----------------------------------------------------------------------- * Fixed bugs in search.aspx. Saved SQL was incorrect when there are custom fields, and especially if there are spaces in the names of the custom fields. Also, handling of custom fields of type "char" and "nchar" was incorrect * Fixed false error about needing to refresh due to an intervening update, after adding an attachment and then making a subsequent change to a bug. ----------------------------------------------------------------------- Version 3.0.0 2008/11/09 ----------------------------------------------------------------------- * Fixed the "suggest" feature in search.aspx, when you are searching by "description contains". I broke it in version 2.9.9. * Fixed searching by date range. I broke it in version 2.9.9. * Fixed bug searching by date range with a custom field of type date. It was searching *up to* the "to" date, not *through* the "to" date. * Fixed bug 2219380 - Lucene: SQL SERVER - Cannot resolve collation conflict UNION * Fixed bug with non-admin users who have permission to add users. * Fixed bug with logic (regular expression) that turns URLs into links. It was including the final period as part of the URL. * Upgraded jQuery Datepicker to 1.6rc2 to pick up some of their bug fixes. * Added ability to toggle column filters from "something" to "NOT something". When you have a filter set to some value, hold down the Ctrl key and click in it. ----------------------------------------------------------------------- Version 2.9.9 2008/11/01 ----------------------------------------------------------------------- * IMPORTANT: Check you Web.config settings related to date formats if you have a problem with this release. Keep reading: * Now using the jQuery javascript library. Changed the calendar popup to the jQuery datepicker. It uses Web.config "DatepickerDateFormat" to decide which date format the picker puts into the input field. Please read the comments in this new Web.config related to the settings "DatepickerDateFormat", "DateTimeFormat", and "JustDateFormat". and the comments about them in the Web.config in this zip. Historically, I've tended to make mistakes with non-US date formats, so be suspicious. The logic now tries to guess when to display just the date and when to display both the date and time. * Fixed bug where the display of the popup was truncated if the window was scrolled down from the top. * Catching exception "Request is not available in this context" when Application_Start references the Request object on IIS7 in "Integrated" mode. Google the error message for more info. * Fixed bug 1239351 "SQL saved from search can have incorrect date format" * Fixed bug 2189739 "'Seen' field appears in print and export to excel results: * Fixed bug 2207549 "HTML tags bug in edit_customfield.aspx" * Fixed bug with custom dropdowns based on char datatypes not working because of the values from the db being padded with spaces. * Fixed cosmetic bug, missing form border in IE. * Fixed problem with ids in search.aspx where custom field has spaces in its name. That made them impossible to select using a custom css file. * If "DisplayAnotherButtonInEditBugPage" is set to 1, the error message is also duplicated at the top of the form along with the button. * Completed the logic that warns you if you are are leaving the edit bug page with unsaved changes. Now it's working with the menu and comment links too. ----------------------------------------------------------------------- Version 2.9.8 2008/10/25 ----------------------------------------------------------------------- * Fixed "get notifications", "stop notifications" link. It was broken in version 2.9.7. * Fixed bug related to receiving emails with Cc addresses. * Fixed bug with flickering of popup when bug description was multiple lines. Fixed javascript bug when popup would be displaying below the bottom edge of the screen. * Fixed bug with search and custom dropdowns where one of the dropdown values is blank. You can now search for bugs where the custom dropdown value has not been specified. This only completely works on newly inserted bugs. To make the fix retroactive, run sql like this: update bugs set [YOUR COLUMN] = N'' where [YOUR COLUMN] is null * Fixed bug with flickering of "suggest" feature, the green dropdown that appears when you are typing a bug description to search for on search.aspx. * When you enter the pipe-delimited values for custom dropdown, it's now ok to use line breaks to format what you entered to be more readable for the admin. * Added Web.config setting "DisplayAnotherButtonInEditBugPage" which causes a second Update button to appear on the edit_bug.aspx, at the top of the form, so you don't have to scroll down to find the button if you have a lot of custom fields. * Added a Web.config setting "SubversionAdditionalArgs". These are appended to every command BugTracker.NET sends to Subversion. Use this if you need to set, for example, "--config-dir" * A few more cosmetic changes... * Some experiments on the relationships.aspx page. ----------------------------------------------------------------------- Version 2.9.7 2008/10/18 ----------------------------------------------------------------------- ** IMPORTANT CHANGE: Changed how the special "guest" user works. Before this release, even if you gave the guest user permission to edit bugs, the system automatically reduced his permissions to "Reporter". I've removed the logic that automatically reduces his permissions. You now control the guest user's permissions like any other user. If you don't want a guest user to be able to edit bugs, change his permissions before you upgrade to this release. A guest user is still different in these ways: - no settings - no "edit dashboard" - can't save searchs as sql queries - can't delete anything. Also in this release: * Fixed bug when Lucene.Net was dealing with floats in the form 1,23 instead of 1.23. * Fixed bug 2171746 "Server error with blank Lucene search" * Fixed bug 1969789 "bugs.aspx popup flickers when it's a big popup" * Fixed bug 2165900 "Error sending email notifiations" due to null characters in the message body. How does that happen? * Fixed bug 1968648 "Internal comments not on popup" * Cosmetic improvements. Well, I hope you think the cosmetic changes are improvements. Highlights of the changes include re-arragnement of the menu bar across the page, icons next to some of the links, icons to distinguish the different post types, popup now looks like a miniture version of the posts on the edit_bug.aspx page, animation effect when adding posts. Please do let me know what you think of the changes. ----------------------------------------------------------------------- Version 2.9.6 2008/10/12 ----------------------------------------------------------------------- * Fixed missing second-from-last-line in Web.config: * In search_text.aspx, the new full text search, nvarchar(MAX) doesn't work on SQL Server 2000. Changed to nvarchar(3000). * Minor security improvements related to fckEditor ----------------------------------------------------------------------- Version 2.9.5 2008/10/12 ----------------------------------------------------------------------- * New feature: Full text search! Available at the top of every page. The search uses the Lucene.Net search engine. This feature is enabled by default. It uses the App_Data\lucene_index folder for its index. The folder gets created automatically. This full text search *DOES* obey project and org permissions, so it's safe to use even if you are using permissions. The text that is searchable includes the description, tags, comments, and both incoming and outgoing emails. Text that is not searchable, at least for now, includes comments marked hidden from external users and text in custom text fields. (Note, the version of Lucene.Net included with this release has a slightly changed FSDirectory class. I've included the source code of the file I changed.) * Now using App_Data by default for new installations for logs, uploads, and the new Lucene index. You can still override the locations via Web.config. (The uploads folder isn't used if you are using file-based attachments instead of storing attachments in the database. The default handling of attachments is to store in the database). * Added a magic word, $ALTER_HERE, to tell my permissions logic where to alter you bug queries, in cases where my logic gets confused. This allows for more complicated bug queries than my old logic could handle. * Moved almost all the code out of the old "inc" files. * The util.cs function strip_dangerous_tags has been made a little smarter and little stronger, but it's still weak... ----------------------------------------------------------------------- Version 2.9.4 2008/10/10 ----------------------------------------------------------------------- To upgrade to this version, run this SQL: alter table bug_posts add bp_email_cc nvarchar(800) null * Fixed bug where SMTP servers were rejecting emails because of empty CC field. * Fixed bug where adding an attachment failed because of null content type. * Fixed bug that prevented the "I forgot my password" from being used unless you also enabled self-registration. * Removed the "CommentSortOrder" from Web.config. No longer supporting that option. * Improved how the "Cc" and the "Subject" of emails are handled. They are saved and displayed in edit_bugs.aspx * Changed how email address links work in edit_bugs.aspx. They used to be " to this, adding the additional assembly reference: * The file "seen.aspx" was missing from the 2.9.2 .zip file, so the new/old, read/unread feature didn't work. Added to this .zip file. * Fixed bug in setup.sql that happens if you were to run it twice. No problem if you run it just once. * Fixed bug 2140368 "Calendar broken if custom field has space like "Due Date" versus "DueDate". * Richard Adleta has contributed a new feature, Windows user auto registration. That means, if you are using windows security, and a Windows user visits the site, BugTracker.NET will automatically insert a user into its user table. Thanks Richard Adleta! Look at Web.config in this .zip for the new Web.config settings related to this feature, starting with "EnableWindowsUserAutoRegistration". Note the settings in Web.config that allow BugTracker.NET to fetch additional info about a user from an LDAP server. ----------------------------------------------------------------------- Version 2.9.2 2008/ 9/26 ----------------------------------------------------------------------- To upgrade to this release, run the following SQL: create table bug_user_seen ( sn_bug int not null, sn_user int not null, sn_seen int not null ) create unique index sn_index_1 on bug_user_seen (sn_bug, sn_user) * Added new feature, new/old, read/unread. The implementation is similar to $FLAG. See edit_query.aspx for details. Also, to enable, add this to your Web.config: * Fixed bug 2121394 "Error when editing an old comment with FckEditor enabled" * Fixed bug 2129279 "add_svn_revision.aspx doesnt work with ie and opera" * Fixed unintentional case-sensitivity in tags filtering logic. * Changed display of read-only custom-fields when there is a lot of text without line breaks. Discussed here: http://sourceforge.net/forum/forum.php?thread_id=2265713&forum_id=226938 ----------------------------------------------------------------------- Version 2.9.1 2008/ 9/20 ----------------------------------------------------------------------- To upgrade to this release, run this SQL from upgrade.sql: alter table bugs add bg_tags nvarchar(200) null alter table orgs add og_tags_field_permission_level int not null default(2) * Fixed crash in edit_bug.aspx due to Request["label_pcd"] being null. * Add new feature: Tags. You can mark your bugs with free-form keywords and then use those keywords to filter your bug lists. This feature was originally added in version 2.8.6 in a very rough, experimental way, but this release now supports the feature well (I hope). To turn on this feature, add this line to your Web.config: Note that you might not want to use this feature if you are also using tricky permissions, because the page that displays already-used tags and their counts looks at all bugs, not just the bugs that the user is elegible to see. That is, if somebody with rights only to project A tags 3 bugs with "Foo", then somebody with rights only to project B will see "Foo(3)" in the tags.aspx page. Maybe that matters to you, maybe not. * Fixed bug 1917493 "Non-Admin users may create other users in other organization". Now, if you give rights to a non-admin user to create users, he can only assign that user to organizations that he has permission to edit. * Fixed bug with searching custom datetime fields using a range. * Added new Web.config setting "UseTransmitFileInsteadOfWriteFile" to handle view_attachment.aspx failing with large files. See discussion at the link below and see comments in Web.config. http://sourceforge.net/forum/forum.php?thread_id=2230054&forum_id=226938 ----------------------------------------------------------------------- Version 2.9.0 2008/ 9/13 ----------------------------------------------------------------------- * Fixed a bug with btnet_service.exe and btnet_console.exe that I introduced in 2.8.8 that caused them to skip every email. Here's a thread about it, and a workaround: https://sourceforge.net/forum/forum.php?thread_id=2241106&forum_id=226938 * Added Web.config setting "DisableFCKEditor", which turns off the rich text editor for everybody. Just in case there turns out to be a security hole with FCKEditor. * Changed the function strip_dangerous_tags to be more aggressive at cleansing text entered using FCKEditor. * Removed the "Image" button from the FCKEditor toolbar configuration because the upload doesn't work anyway out of the box. You need an advanced understanding of FCKEditor itself to get it to work. * Fixed bug with Subversion post commit script described here: http://sourceforge.net/forum/forum.php?thread_id=2225181&forum_id=226938 * Fixed bug 2100237 "invalid tag parameter in relationships.aspx" * Fixed bug 2100130 "HTML tags 'bug' in edit_project.aspx" * Fixed bug 2100042 "HTML tags 'bug' in edit_dashboard.aspx" * Removed Web.config option "PromptBeforeLeavingEditBugPage". Now the page will automatically warn you if you are going to leave it with unsaved data. ----------------------------------------------------------------------- Version 2.8.9 2008/9/6 ----------------------------------------------------------------------- * Ok, this time *REALLY* fixed bug 2064647. I didn't really fix it in version 2.8.8, but I really fixed it this time. I was able to reproduce the bug using ASP.NET 3.5 SP1. The only difference between this version and 2.8.8 is in add_attachment.aspx, I removed action=add_attachment.aspx form the
tag. ----------------------------------------------------------------------- Version 2.8.8 2008/9/6 ----------------------------------------------------------------------- * Fixed bug (I hope) described here. http://knitinr.blogspot.com/2008/07/script-exploit-via-fckeditor.html See btnet.Util.strip_dangerous_tags. I encourage you to contact me at ctrager@yahoo.com with improvements to BugTracker.NET security, and especially my handling of fckEditor. * Fixed bug 2064647 - ".net 3.5 sp1 issue or Unable to add attachment." I changed all the query string and form variables named "action" to "actn". * Fixed how the red/green flags look in FireFox 3. The change is in inc_bugs.inc. * Fixed bug 2080213 - "edit_bug.aspx, use pcd1, not Request['pcd1']" * Fixed bug 2073466 - "Project level SVN overrides should be individual" * Fixed bug 2073380 - "WebSVN url is too short". Expanded it to 120 chars. * Fixed bug 2039058 - "Long bug description causes error". Increased size of qn_subject column. * Fixed bug 2026669 - "Category drop down on a new bug not defaulting correctly" * Fixed bug in btnet_service.exe, btnet_console.exe. "SubjectCannotContain" and "FromCannotContain" settings weren't working. ----------------------------------------------------------------------- Version 2.8.7 2008/ 6/19 ----------------------------------------------------------------------- Bug fixes. 1997641 - Filters in bugs.aspx and search.aspx not working. This was broken in 2.8.6. The fix is in the file inc_bugs.inc. 1992767 - Saved Search failure with custom fields in IE. The fix is in the file search.aspx. To move from 2.8.6 to 2.8.7, you can just extract the two files inc_bugs.inc and search.aspx. ----------------------------------------------------------------------- Version 2.8.6 2008/ 6/15 ----------------------------------------------------------------------- * Fixed bug 1967847 - Show/hide change history doesn't refresh. This was introduced in version 2.8.5. * Fixed bug 1963824 - Unable to cast object of type 'System.DBNull' to type String. This was also introduced in version 2.8.5. * Fixed bug 1968605 - Bug when last row meeting filter criterion is changed * Fixed bug processing the $ORGANIZATION$, $CATEGORY$, and $UDF$ magic variables in incoming emails, using the fix reported in this thread: http://sourceforge.net/forum/forum.php?thread_id=2047054&forum_id=226938 * Fixed bug with deleting custom columns, using the fix reported in this thread: http://sourceforge.net/forum/forum.php?thread_id=2047968&forum_id=226938 * Fixed SQL error with the "bugs with attachments" query that installs with setup.sql. This release also includes some experimental code that allows you to tag bugs and the filter your bug lists using the tags. To try out the experimental code update your bugs table as follows: alter table bugs add bg_tags nvarchar(100) null and add the following line to your Web.config: I don't think the tags code will hurt anything if you turn it on, but it's not very high quality yet nor does it look very good. ----------------------------------------------------------------------- Version 2.8.5 2008/ 4/19 ----------------------------------------------------------------------- Bug fixes: * Fixed bug where edit_dashboard.aspx was actually editing everybody's dashboard instead of just the one user's dashboard. * Fixed bug 1935727 InvalidCastException drawing line chart, if the x values were strings instead of integers. * Fixed bug where edit_bug.aspx crashed if it was trying to display a bug with its project value set to a non-existent project. That can happened if the bug is posted via the screen capture utility. * Fixed bug 1959132 where the message "Somebody changed it while you were editing it" was wrongly being displayed. Add an attachment and then on the same bug, update a comment. * Fixed bug 1960395 "Running Setup.sql gives duplicate key error" - the same query was in it twice. * No longer displaying "diff" link on subversion revisions where the Subversion action was an add. Clicking on diff was causing an error to display because there is no previous version to diff with. Enhancements: * Added status column to relationships.aspx * Popups that display when you hover over items in the bug list now show all comments, not just the first. Also, popups show after hovering 250 milliseconds, instead of after 400 milliseconds. * Custom date fields - now you can search them using a date range. ----------------------------------------------------------------------- Version 2.8.4 2008/4/8 ----------------------------------------------------------------------- To migrate to this release from 2.8.3, run this SQL: update custom_col_metadata set ccm_dropdown_type = '' where ccm_dropdown_type = 'not a dropdown' * Fixed bug introduced in version 2.8.3. If you used version 2.8.3 to add a custom field that was not a dropdown, you need this fix. Also fixed: * Non-dropdown custom columns whose size was big enough to be displayed as textareas were wrongly being displayed as textareas. * Screen label for change_password.aspx was wrong. Should read "New Password", not "Email". * If you have two browswer windows open, clicking on flags could trigger flags.aspx to report a duplicate insert error. The error is harmless, but annoying, so now suppressing it. ----------------------------------------------------------------------- Version 2.8.3 2008/4/5 ----------------------------------------------------------------------- Small bug fixes: * If you were inactive awhile and then clicked on logoff, you could get an error. * When adding a non-dropdown custom field and checking required, the following error was wrongly being displayed: Checking "Required" is not compatible with a normal or users dropdown * Corrected the autocomplete behavior for confirm password in edit_user.aspx autocomplete=off Enhancments: * Queries.aspx now gives admins the ability to see everybody's private queries. * btnet_service.exe now works even if the SSL certificate is untrusted. * btnet_service.exe's setting "SubjectCannotContain" now supports multiple strings separated by pipes. Also added new settings "FromMustContain", "FromCannotContain". See btnet_service.exe.config for more info. * Admins can now delete a bug subscriber, but note that there's a general quirk/bug that if a user's automatic subscription criteria indicates that the user should be subscribed, the logic will add the user back as a subscriber. This is a problem even if you yourself click "stop notifications" for a specific bug that your auto-subscribe settings say you should be subscribed to. You'll think that you are no longer subscribed, but really you still are. * Added new query sample to setup.sql, "bugs with related bugs" * Added ability to use GROUP BY clauses in the bug queries which had previously confused the logic that alters the bug queries so that they obey the project and organization permissions. See the "bugs with related bugs" sample. The "/*ENDWHR*/" marks the end of the where clause. (I need to document this better...) ----------------------------------------------------------------------- Version 2.8.2 2008/ 3/22 ----------------------------------------------------------------------- Small bug fixes: * Fixed bug: Self registration wasn't working for names like "O'Brien", with an apostrophe. Fixed now. * Added more validation to the "add custom field" page. The validation takes care of the following bugs: 1843742 Custom column named "URL" breaks search.aspx 1843726 Newline, trailing spaces in dropdown vals causes error 1914410 "required" not working with custom field of type "user" 1916585 error in print_bug.cs with custom field of type "user" * Some links were visible to guests even though logic downstream would prevent them from actually being used, like merge and mass edit. Now the links aren't shown to guests. * Even if the password authentication is done via LDAP, now checking whether the BugTracker.NET user is marked active, and also now updating the last login datetime. Enhancements: * Added filtering to users.aspx, in case you have many, many users, to limit how many users are displayed. * Added "LdapAuthType" setting to Web.config. * RFE 1919939 Show a bug's related bugs in the print and email ----------------------------------------------------------------------- Version 2.8.1 2008/ 3/15 ----------------------------------------------------------------------- To upgrade to this release, run the SQL near the bottom of upgrade.sql. * Fixed bug 1914408 "bp_comment_search contains formating info from fckEditor". If you entered text using fckEditor, there was logic to strip out the formating so that searching in the text would work ok. For example, instead of saving hot and cold the logic would save hot and cold At some point in time, the logic to strip out the formating was accidently removed. My changes here won't fix any data that's already been stored in your database. I also corrected one of the sample queries to display data from bp_comment_search instead of bp_comment. * Fixed bug 1913912 "LimitUsernameDropdownsInSearch doesn't work with NULLs". Thanks to "matro" for the fix. * Added a last login date to the user table, to keep track of when a user last logged in. Now that there is a public demo of BugTracker.NET, I myself need the date to be able to get rid of users who have been inactive for a long time. * Added new "dashboard" page. It's a way of displaying the results of several reports all on one page, customized for you. Go to "reports" and click on "dashboard" link and then "edit dashboard" to try it out. * Added another query to setup.sql, which helps with finding bugs with large attachments, useful to me to manage my public demo: insert into queries (qu_desc, qu_sql, qu_default) values ( 'bugs with attachments', + char(10) + ' select bp_bug, sum(bp_size) bytes ' + char(10) + ' into #t ' + char(10) + ' from bug_posts ' + char(10) + ' where bp_type = ''file'' ' + char(10) + ' group by bp_bug ' + char(10) + ' select ''#ffffff'', bg_id [id], bg_short_desc [desc], ' + char(10) + ' bytes ' + char(10) + ' from bugs ' + char(10) + ' inner join #t on bp_bug = bg_id ' + char(10) + ' WhErE 1 = 1 ' + char(10) + ' order by bytes desc ' + char(10) + ' drop table #t ', 0) ----------------------------------------------------------------------- Version 2.8.0 2008/3/8 ----------------------------------------------------------------------- To upgrade to this release, run the sql in upgrade.sql to create a new table: create table queued_notifications ( qn_id int identity primary key not null, qn_date_created datetime not null, qn_bug int not null, qn_user int not null, qn_status nvarchar(30) not null, qn_retries int not null, qn_last_exception nvarchar(1000), qn_to nvarchar(200) not null, qn_from nvarchar(200) not null, qn_subject nvarchar(200) not null, qn_body ntext not null ) Fixed bug 1900496 "print bug, emails, history, don't obey fld permissions". As part of this bug fix, the Web.config option "SendJustOneEmail" is now obsolete. I've rewritten the logic for sending out the notifications so that it first stores the email into the new "queued_notifications" table and then another thread sends the emails. The only way for me to fix the bug 1900496 was to compose and send a separate email for each user receiving a notification. But the sending itself can take a long time, so that's why I now queue them at first, and then send them in another thread later. The admin page now has a new link, "view queued notifications". That new page says: "Email notifications are put into a table into the database and then the system attempts to send them. If the system fails to send the notification, it records the reason for the failure with the row. The system makes three attempts to send the notification. After the third attempt, you can either give up and delete the unsent notifications or you can reset the retry count and let the system continue trying." Also related to bug 1900496, the view_bug_history.aspx page is now obsolete. You should delete it from your web server. Also in this release: * The "PrintHistory" key in Web.config has been obsolete for a while, but I only just now have removed it from Web.config. * Added new setting to Web.config that might help you if you have lots of users. Here's what it says in Web.config ----------------------------------------------------------------------- Version 2.7.9 2008/3/1 ----------------------------------------------------------------------- Bug fixes. A few of these fixes are the result of me running a public instance of BugTracker.NET hosted at GoDaddy, at http://ifdefined.com/btnet. * Fixed bug 1891559, "Email message no longer has a border around each item." Same bug described here: http://sourceforge.net/forum/forum.php?thread_id=1890301&forum_id=226938 Some people reported that the css doesn't work in the email notifications. As a workaround, I added a "ForceBordersInEmails" which uses border=1 instead of css to create a border in the emails. See also "btnet_css_for_email.css.renamed". If you rename that file to "btnet_css_for_email.css", notifications will use that css file. * Fixed bug with generate_btnetsc_reg.aspx. It's the page that generates a .reg file for the screen capture utility's settings. There was some debugging code accidently left in it. * Fixed bug 1904370 "index out of range error on edit_bugs.aspx" when user is guest and there are no projects in the project dropdown. * Modified email.cs after experimenting with hosting an instance of BugTracker.NET at GoDaddy. Now, even if you storing attachments in the db, the app will still use the "UploadFolder" in order to temporarily store attachments in the files system before being loaded into the db. Before, the logic always tried to create a temporary folder, which it doesn't have the rights to do at GoDaddy. * Fixed a bug where sometimes the bugs.aspx would crash trying to use a filter that no longer applied to the query.You had to switch back and forth between the search and bugs page to make the crash happen. * Fixed "Object reference not set to an instance of an object" bug that was happening at BugTracker.NET running at GoDaddy. Where the logic was looking for a custom field in the Request's variable collection, the logic now handles the case of the variable being missing. * Merged in code from Gerard Chanekon that adds ids to project specific custom fields in edit_bug.aspx, to help with css. * Corrected insert_bug.aspx to truncate short description at 200 chars, not 100. Enhancements: * Added "days ago" to the dates displayed in edit_bug.aspx * Some cosmetic changes to edit_bug.aspx and search.aspx. * The app intercepts errors and writes them to the log and can also send an email with the info. Now writing the server variables into the log and error notification emails. Server variables means things like the IP of the browser, User Agent, Referer, Cookie Values... ----------------------------------------------------------------------- Version 2.7.8 2008/ 2/23 ----------------------------------------------------------------------- To upgrade to this release, run the SQL from upgrade.sql that creates the emailed_links table. You only need this table if you turn on the new features related to the new Web.config settings "AllowSelfRegistration" and "ShowForgotPasswordLink". * Fixed bug 1884391 - prevent entry of more text into a custom TEXTAREA field that would cause a databse truncation error. * Fixed bug on relationship page - sibling/parent/child radio button wasn't being initialized * Corrected the sample code in workflow.cs. * Fixed bug where emails with subjects longer than 200 chars were failing to be inserted into the db. Now insert_bugs.aspx truncates the subject at 200. * Added option to enforce strong passwords. See"RequireStrongPasswords" in Web.config. Turning on the flag has no effect on users until they try to change their passwords. This satisfies RFE 1726311. * Users can now reset their own passwords if they forget them. See "ShowForgotPasswordLink" in Web.config. This satisifies RFE 904044. * Users can now register themselves (add themselves to the user table). See the following settings in Web.config: "AllowSelfRegistration" "SelfRegisteredUserTemplate" "RegistrationExpiration" * Format of user's email address is now validated. ----------------------------------------------------------------------- Version 2.7.7 2008/ 2/16 ----------------------------------------------------------------------- * Added new Web.config setting "AllowGuestWithoutLogin". This is the explanation from Web.config: There's a special user in the database, "guest". Think of it as a user account that can be shared by several people. The guest user can't save settings and can't save searches. If "AllowGuestWithoutLogin" is set to "0", then the guest user still has to login with a password. If set to "1", then the guest user doesn't need to even enter a password. Instead, a link will appear on the login page, default.aspx, saying: Continue as "guest" without logging in You can control the per-project permissions of the guest user in the same way as other users EXCEPT that even if you give the guest user permissions beyond View Only and Reporter, the system will automatically reduce his permissions downward. * Modified search of comments to also search email bodies. * Bug's last update datetime/user is now updated when an email is sent. * Some people have reported that there are no borders around the comments in the email notifications. I made changes to print_bug.cs that may have fixed the problem. Not sure, sinece I could never reproduce the problem. If you had this problem before and this release fixes it, please let me know at ctrager@yahoo.com. * Added another query sample to setup.sql. This one shows the bugs that have been stuck the longest time without a status change. Here's the SQL if you want to try it out: select case when datediff(d, isnull(bp_date,bg_reported_date), getdate()) > 90 then '#ff9999' when datediff(d, isnull(bp_date,bg_reported_date), getdate()) > 30 then '#ffcccc' when datediff(d, isnull(bp_date,bg_reported_date), getdate()) > 7 then '#ffdddd' else '#ffffff' end, bg_id [id], bg_short_desc [desc], datediff(d, isnull(bp_date,bg_reported_date), getdate()) [days in status], st_name [status], isnull(bp_comment,'') [last status change], isnull(bp_date,bg_reported_date) [status date] from bugs inner join statuses on bg_status = st_id left outer join bug_posts on bg_id = bp_bug and bp_type = 'update' and bp_comment like 'changed status from%' and bp_date in (select max(bp_date) from bug_posts where bp_bug = bg_id) WhErE 1 = 1 order by 4 desc * In queries.aspx, now preserving the line breaks in the SQL, for easier reading. * Cosmetic changes to edit_bug.aspx, which I hope folks will like. * Printing of "detail" reports should have better performance. Before, the css styles were wrongly being included once per bug, not once for the whole page. ----------------------------------------------------------------------- Version 2.7.6 2008/2/8 ----------------------------------------------------------------------- * Fixed bug: when user has only view or reporter permission, the bug's short description was hidden on the edit_bug.aspx page. * Changed the implementation of filters dropdowns in the bug lists so that usually, they only show choices that are actually present in the bug list. Before this change, if you had external users looking at bugs assigned to internal users, the filter dropdowns would have been missing the internal users. Thanks to Suchacek Zdenek for reporting this. * I added a way to make it a bit easier for somebody with C# coding skills to build strict workflow rules in BugTracker.NET. See the new file, App_Code\workflow.cs. It's the designated spot for your custom C# code to control the transition of statuses. For example, if you want to say that the only valid status after "tested" is "deployed", or if you only want users in the "testers" group to mark a bug as "tested", then you could add your logic to this file. See the comments in the file for more detail. ----------------------------------------------------------------------- Version 2.7.5 2008/2/2 ----------------------------------------------------------------------- This release adds some LDAP/Active Directory support. Before deploying this release, you must change your Web.config file. Your Web.config might be different from mine, but for me, the change I had to make was from this: to this: To enable LDAP support, configure these settings in your Web.config: When you enable LDAP support, the application checks user passwords against the ones stored in your LDAP directory rather than the ones stored in the database. The zip also contains sample code for importing users from LDAP into BugTracker.NET's database. See "import_users_from_ldap_sample.cs". Also: * Fixed bug with duplicate users in user dropdowns that affected "external" users. Thanks to Suchacek Zdenek for help with this. * Fixed how app was handling bugs associated with inactive projects or inactive users, or users who are no longer marked assignable. Before, if a bug was assigned to an inactive user, and then you updated the bug in some other way, you would inadvertently also change the user too, because the inactive user was missing from the dropdown. Now, the current project/user is always FORCED into the dropdown, even if it is inactive. ----------------------------------------------------------------------- Version 2.7.4 2008/ 1/27 ----------------------------------------------------------------------- * With this version, BugTracker.NET no longer supports storing user passwords unencrypted. The setting "EncryptStoredPasswords" is now ignored because passwords are now ALWAYS stored encrypted. To upgrade to this version, run the following SQL to modify your database before deploying the new web pages: alter table users add us_salt int null As users log in, if their passwords had been stored unencrypted, the app will automatically update the database with the encrypted passwords. Or, you can encrypt all the passwords by invoking this page: upgrade_273_to_274.aspx Even passwords that had been encrypted before will be re-encrypted with a stronger encryption scheme. * Now using the the ASP.NET "App_Code" folder. Util.cs has been split up into several smaller files. * Adding attachments now updates the bug's last update date and user id. ----------------------------------------------------------------------- Version 2.7.3 2008/ 1/19 ----------------------------------------------------------------------- See "upgrade.sql" for database changes for this release. Run the relevant part of the script against your database to upgrade. * Added field level permissions for the non-custom fields. As admin, go to "organization" and see the field level permissions related to project, org, category, priority, assigned_to, status, and the user-defined-field. No field level permissions on custom fields or project-specific custom fields. * Added the concept of parent/child to relationships between bugs. ----------------------------------------------------------------------- Version 2.7.2 2008/ 1/12 ----------------------------------------------------------------------- THIS RELEASE FIXES SECURITY VULNERABILITIES. Please email me at ctrager@yahoo.com if you think there are still vulnerabilities. * Fixed the worst Cross Site Request Forgery (CSRF) vulnerabilities. This is work is related to bug 1867089 "Multiple XSS and CSRF vulnerabilities". Many thanks to Si Wong for discovering and reporting these important vulnerabilities. For more about CSRF, also known as "session riding", read here: http://www.cgisecurity.com/articles/csrf-faq.shtml Until you install this release, a worst-case scenario is, if you are an admin and logged into BugTracker.NET, and while you are logged in - while your browser cookie is still in effect - if a bad guy could get you to view his malicious web page, then just by viewing that page you could delete bugs from your BugTracker.NET database. With the fixes in this version, I've closed all the vulnerabilities that I know about. Specifically, I revised all the delete_xxx.aspx pages. I've also revised massedit.aspx, subscribe.aspx, flag.aspx, and relationships.aspx. * Fixed the specific XSS vulnerability described in bug 1867089, where a user could enter javascript into a text custom field that would then be executed if a user without edit permissions views the page. I'm not aware of any other XSS vulnerability. * Fixed edit_self.aspx's project subscription dropdown. It shouldn't have been showing the "no project" option. * Fixed bug 978216 "Globalization problem on custom fields when type is float". Or rather decimal. Edit_bug.aspx was changed to handle the European decimal fields, which can use a comma as the separator instead of a period. Thanks to Christian Jundt for the code. * Added logic to insert_bug.aspx to allow for an attachment to be posted without wrapping it inside an email message. ----------------------------------------------------------------------- Version 2.7.1 2008/1/6 ----------------------------------------------------------------------- * The flag column in queries now has a filter, just like category, status, priority, etc. * Friendlier handling of sql errors in bugs.aspx, so that if you edit a query introducing a syntax error in the SQL, it's easier to get back to the query page. * Fixed bug 1661602 "Bug count is incorrect when filtering bugs". Now when a filter changes the number of bugs shown in a query, the text becomes: Showing N out of N bugs returned by query. * Resolved bug 1863186 "HideSql flag ineffective in 2.7.0". Actually, support for the Web.config "HideSql" setting was dropped in version 2.5.8, but I forgot to remove it from Web.config itself. ----------------------------------------------------------------------- Version 2.7.0 2007/12/21 ----------------------------------------------------------------------- * Fixed bug - "or" logic in search page allowed people to see items in the list that they don't have permission to see. The sql had been wrong, something like this: where has permission OR matches criteria 1 OR matches criteria 2 The corrected SQL is something like this: where (has permission) AND (matches criteria 1 OR matches criteria 2) * Fixed bug in search screen - the "organization" dropdown was showing organizations even if the user didn't have permission to see them. Now, if the user doesn't have permissions to see other organizations, the dropdown isn't even shown. * Fixed bug with the flag feature - flag.aspx was caching. Add logic to tell the browser not to cache flag.aspx. * Added new feature, "create copy". It will create a copy of a bug, not including related posts. ----------------------------------------------------------------------- Version 2.6.9 2007/12/14 ----------------------------------------------------------------------- Bugs: * Fixed bug in search "left outer join orgs on ct_id = bg_org" should read "left outer join orgs on og_id = bg_org". * Fixed javascript error with svn_log.aspx. Thanks to Walt Crosby for being persistent about reporting the bug and supplying the correct code. * Added missing permission check to subscribe.aspx. * Added isnull() to check for project custom fields in search.aspx, in case you have nulls in those fields. * Fixed some typos related to project custom dropdowns in search, for dropdowns 2 and 3. Also, improved performance of search with regards to project custom dropdowns. The page no longer makes a trip to the server if you are NOT using project custom dropdowns. * Fixed "Object not set to reference bug on this line in edit_bug.aspx when a user with Reporter permission tries to update a bug with a custom field: Line 1851: string val = Request[drcc["name"].ToString()].Replace("'","''"); New Feature: Add ability for each user to mark bugs with a personal flag, like, "Flag for follow-up". Use the new magic "$FLAG" macro in your queries as shown below. You also need the left outer join with the bug_user_flags table. Select ...., isnull(fl_flag,0) [$FLAG],... from bugs left outer join bug_user_flags on fl_bug = bg_id and fl_user = $ME ----------------------------------------------------------------------- Version 2.6.8 2007/12/07 ----------------------------------------------------------------------- Upgrade your database for this version using the SQL here: alter table bugs add bg_org int not null default(0) alter table orgs add og_other_orgs_permission_level int not null default(2) * Fixed bug 843284 "svn diff, blame can't handle unix style line endings" * Fixed recently introduced bug where view-only users were seeing the wrong values in the dropdowns. * Fixed bug with edit_user.aspx. It was losing the user's default query selection. * Fixed bug with adding subscribers in view_subscribers.aspx. Only the newly added subscriber should get a notification. * Fixed bug for when there are two "WHERE" clauses in the SQL and it's the second one that needs to be altered for the permissions. It's a workaround. First the logic looks for "WhErE", with the upper/lower case letters exactly like that. Note the weird capitalization. For an example, see setup.sql, "demo last comment as column". * Fixed bug with add_svn_file_revisions.aspx. It was submitting the data twice. Thanks to Walt Crosby for the fix. * Fixed bug 1707551 "[No project] = no edit" - when somebody adds a bug and doesn't set the project, then nobody can get to it in order to add the project if the DefaultPermissionLevel is not 2. New features: * You can now associate a bug to an "Organization". Typically, an "Organization" would be your company's customer, but it could also be a department within your company, or whatever group of users you want. * Added "Permission level for bugs associated with other (or no) organizations". This allows you to restrict a gorup of users to just being able to see bugs associated with that group. Typically, you would use this to restrict a customer, or an individual, to only seeing bugs associated with that customer or individual. ----------------------------------------------------------------------- Version 2.6.7 2007/12/01 ----------------------------------------------------------------------- * Added "organizations". See admin page. Some of the permissions that used to be on the third tab of the add/edit user page page are now on the add/edit organization page. If you are looking for something like a user "role", use "organization". Actually, this new "organization" entity doesn't really do much yet, but its the basis for the next round of changes, to make BugTracker.NET a better tool for an internal team to collaborate with external customers. * A query can now be visible either to 1) everybody, or 2) just one user or 3) just one organization. If anybody wants to modify the code, and upgrade.sql too, so that the query-role relationship is many-to-many, so that one query can be associated with multiple organizations, I'd welcome that. Send it to ctrager@yahoo.com * Repaired the very poorly documented "guest" user feature that's been in the app for a couple years. It still needs documentation. Set up a user with the username of "guest" and limited either view only, or reporter only permissions. He will be different than other users because he will not be able to save searches as queries or change his own settings. In this way, several people can share the same "guest" account. ----------------------------------------------------------------------- Version 2.6.6 2007/11/25 ----------------------------------------------------------------------- New Features: * Search now handles project custom dropdowns. Thanks to Jason Kresowaty, who took my primitive implementation and fixed and finished it. * The edit_bug.aspx page now has more "AJAX" behavior. Specifically, you can now do the following without having to first save your bug changes: add attachments dd relationships toggle show/hide images toggle show/hide change history get/stop notifications You still have to save your changes before clicking a link that would bring you to the send_email.aspx page. * You can now delete received emails if you are admin or have been given the permission by an admin. * Some changes to btnet_base.css to make it easier for folks to customize the layout of edit_bug.aspx. Bug fixes: * Adding an attachment caused the user doing the adding to receive notification even when "Send notifications even for items you add or change" was not checked. * Emails with attachements and bugs posted by screen capture caused an additional notification per attachment. * Along with this release I'm posting a new version of the screen capture utility, btnetsc.exe version 2.1.1. There was a bug fix: Posting a screenshot to an EXISTING bug wrongly created a NEW bug instead of adding an attachment to the specified existing bug. ----------------------------------------------------------------------- Version 2.6.5 2007/11/18 ----------------------------------------------------------------------- * !!!!!IMPORTANT!!!!! Print bug AND email notifications were both broken by 2.6.4 because the logic was looking for btnet_custom.css in the wrong folder. If you don't want to move to this release, then you can put an additional copy of btnet_custom.css into the parent btnet folder to fix the problem. * Cosmetic changes in the add/edit bug form. The goal is to make it easier to read for all three categories of users: - full add/edit permission - reporter only permission - view only permission In general, in the coming releases, I want to make BugTracker.NET better as a tracker that faces outside, customers, clients, users, rather than just a tracker that is used internally. * "Comment visible to internal users only" shouldn't have been visible to view-only users * In relationships page, "detach" link shouldn't have been visible to view-only users. * Hid links that view-only users shouldn't see: add attachment send email ----------------------------------------------------------------------- Version 2.6.4 2007/11/17 ----------------------------------------------------------------------- See "upgrade.sql" for database changes for this release. Run the relevant part of the script against your database to upgrade. * Created new "custom" folder and moved several files into it. All the files intended for customization are in this folder now, except for Web.config. When you upgrade to a new version of BugTracker.NET, just make sure you don't overlay your Web.config and all the files in the "custom" folder. * Added ability to specify subversion repository, user, password and WebSvn URL for specific projects different from the overall global settings in Web.config. * Fixed svn_blame.aspx. It wasn't HTML encoding the text of the document, so if the code had HTML tags, the page displayed nonsense. * RFE 1750613 "Project Description and name, not just name" * BugTracker.NET now gives you the choice of storing attachments in the database instead of in a file folder. You can switch the setting back and forth, because the app will always look in both locations if it can't find the attachment in the first location. Thanks to Jason Kresowaty who did all the work on this change. This satisifies the following RFE's: 1825966 "Attachment as BLOB field in DB" 1468063 "Image Upload in SQL Database" * "UploadFolder" setting was missing from recent versions of the Web.config file. * Fixed bug with send_email.aspx when forwarding comments entered with font/color formatting. Thanks to Jochen Jonckheere for the fix. * Changed "about.aspx" to "about.html". * RFE 1832515 "Show Field Name When Editing Custom Field" * Fixed default.aspx to use custom_logo.html. ----------------------------------------------------------------------- Version 2.6.3 2007/11/10 ----------------------------------------------------------------------- * The Web.config setting "LogoHtml" is now obsolete. Instead, there are now three new files that give you even more control over the look: custom_logo.html - The "BugTracker.NET" logo is in this file. If you are using "LogoHtml", copy your HTML to this file instead. You don't have to escape the HTML characters. custom_header.html - HTML that is written before the logo and links at the top. custom_footer.html - HTML this is written just before the closing tag. Changes you make in these files don't take effect until you restart the Web application - For example, by "touching" Global.asax by entering a space character in it. * More subversion integration: Added "TortoiseSVN_integration.bat" to the Subversion folder. It's another, nicer, way to integrate Subversion with BugTracker.NET. For general information about how this script works, see: http://tortoisesvn.net/issuetracker_integration Also modified btnet_post_commit.vbs to have the option to work with the nicer TortoiseSVN integration. It can optionally look for the bugid at the end of the checkin comment instead of the beginning. ----------------------------------------------------------------------- Version 2.6.2 2007/11/8 ----------------------------------------------------------------------- Along with this release of the web pages, there's a new release of the screen capture utility, btnetsc_2.0.exe. The new screen capture supports SSL. If you aren't using SSL, you don't need to upgrade. Thanks to Jason Kresowaty, who did all the work. Bug fixes in this release: * svn_diff.aspx ("diff") wasn't escaping HTML tags. * svn_diff.aspx didn't color some diffs right (when unified diff output omitted the number of lines in the block) * If "PromptBeforeLeavingEditBugPage" setting was turned on, toggle images/history links resulted in page-not-found. Also: * Added an additional way to integrate with Subversion, by adding a link to a WebSvn (or similar) web page. See the new Web.config setting "WebSvnUrl". * Swapped svn_log.aspx back to listing most recent on top. * Removed the "edit" column at the far right of the bug lists * Revised the page that generates registry settings for the screen capture utility, generate_btnetsc_reg.aspx. It no longer creates a setting for "Port" since you would now specify that in the URL itself, if it's not a standard port. ----------------------------------------------------------------------- Version 2.6.1 2007/11/5 ----------------------------------------------------------------------- Important bug fixes: * Adding a user didn't set the user's password correctly. You had to re-edit the users password before it really got into the db. This bug was introduced in version 2.5.8. * "EncryptStoredPasswords" setting in Web.config was being ignored. I think also introduced in 2.5.8. * Version 2.6.0 Subversion post-commit script wasn't handling multiline checkin comments. * Subversion post-commit script wasn't handling single quotes in checkin comments. * With the addition of the additional user fields in 2.5.8, the users.aspx page, the list of users, was hard to user because the "edit" link was so far from the name of the user. Moved it to the far left. Also, added the revised pre-commit script by Jason Kresowaty. Thanks Jason, for your patience. Also from Jason: * now displaying Subversion dates in a nice format. * svn_log.aspx handles deleted files better. ----------------------------------------------------------------------- Version 2.6.0 2007/11/3 ----------------------------------------------------------------------- Big changes to the Subversion integration. If you are using the new Subversion pages in 2.5.9, you should upgrade to 2.6.0. First of all, if you aren't using version control at all, start using Subversion and TortoiseSVN. If you are using SourceSafe, you might still want to experiment with Subversion/TortoiseSVN and BugTracker.NET together just to see what you are missing. IMPORTANT: To migrate to this release, run the SQL in upgrade.sql. The sql creates two new tables, svn_revisions and svn_affected_paths and loads them with whatever data you have in the bug_file_revisions table. These two new tables REPLACE your old bug_file_revisions table. I am not deleting that table, but I'm no longer supporting it. IMPORTANT: You **MUST** replace your BugTracker.NET subversion post-commit hook script to work with the new database tables and new web pages. Just modify the new one the same as the old, changing the path to the "svnlook.exe" command and your database connection string. I've also revised the script to make it easier to read and debug. Also, several new pages REPLACE the view_file_revisions.aspx page. You will be able to do the svn commands cat, log, diff, and blame from within BugTracker.NET. I'm interested in feedback on the Subversion integration, so please let me know what you think at ctrager@yahoo.com. For admins, there is a link at the bottom of the "revisions" page to manually connect a revision to a bug, in case there's a glitch with the post-commit script (like, the db was down at the time of the commit?), or if you forgot to put the bugid in the comment. Bug fixes in the subversion pages include: * Better handling of file renames, although it's not perfect. See the note on renames in Subversion's documentation: http://svn.collab.net/repos/svn/trunk/doc/user/svn-best-practices.html * Handling of spaces in file paths. * Fixed ocassionaly hangs capturing the stdout output of the svn command. Also, bug fixes unrelated to Subversion: * Added title to reports produced by "view data" link. * Fixed bug with single quotes in the both the labels and values of project-level custom dropdowns. ----------------------------------------------------------------------- Version 2.5.9 2007/10/30 ----------------------------------------------------------------------- Inportant bug fixes. New features too. Also, better Subversion integration. First, thanks to everybody who quickly reported the bugs in 2.5.8 and especially to Jochen Jonckheere who provided several of the fixes. And sorry to everybody for the inconvenience. So, first these are bugs that I introduced in 2.5.8 and am fixing in this release: * Edit_user.aspx as broken. If you tried to add a new user. * Notifications didn't get sent if the ONLY change was a change to comments. * Delete_comment.aspx was broken. * Translate.aspx was broken. * In the admin pages that list categories, statuses, priorities, the "id" column was missing and a new "hidden" column was showing. Other changes: * In the lists of bugs on the bugs and search pages, the filters, sorts, and page (when the list is long and has to be broken into pages) is remembered until you run a new query. This fulfills RFE 1720096 "Retain applied filters on bugs screen" and RFE 1632312 persistent sort/filter. * Now checking for dupe query names before saving * Changed the behavior of the "history", "relationships", "subscribers" links in edit_bug.aspx. Instead of them opening a fake modal-ike window, they open a real browser window. * Added "PromptBeforeLeavingEditBugPage" setting to Web.config. If you set it to "1", then clicking on the "add attachment", "send email", and the hide/show toggle links causes their to be a prompt warning the user that unsaved changes will be lost. It should be a per-user setting, but right now it's not. Sorry. Subversion Integration Because of the bugs I introduced in 2.5.8, I am doing this release ASAP I happen to be in the middle of improving the Subversion integration. If you give the web server machine client access to subversion, and set the following settings in Web.config appropriately, you'll see some of the new pages working. Maybe you want to experiment with them and give me feedback? In the next week or two I hope to complete this work and provide documentation. But for now, maybe experiment. I've also put a new Subversion "pre-commit" script into the Subversion folder. The author is Jason Kresowaty. Thanks to Jason for the script and for good info/advice about Subversion. "EnableSubversionIntegration" "SubversionRepositoryUrl" "SubversionPathToSvn" "SubversionUsername" "SubversionPassword" ----------------------------------------------------------------------- Version 2.5.8 2007/10/26 ----------------------------------------------------------------------- To migrate from 2.5.7 to 2.5.8 run the sql in upgrade.sql. IMPORTANT: This release affects user permissions and the behavior of the search page. It's possible that some non-admins will temporarily have FEWER permissions because I'm changing some settings to be from global, for the entire installation, to per-user. All users will be able to save searches as queries, but only users you choose will be allowed to edit the raw sql. Please keep reading for the details: * The following settings in Web.config are now obsolete. Instead of the global switches here in Web.config, you can now control these settings for individual users, which is explained in the next bullet point: HideSql AllowQueryPageForNonAdmins AllowBugDeletionForNonAdmins AllowCommentDeletionForNonAdmins AllowBugMergingForNonAdmins AllowAttachmentDeletionForNonAdmins AllowQueryEditingForNonAdmins * The following fields have been added to the users page, permission tab. Here's how they are explained on the page edit_user.aspx, in the permissions pane: Use the following settings to control permissions for non-admins. Admins have all permissions regardless of these settings. [] External user (External users cannot view posts marked "Visible for internal usrs only") [] Can edit sql and create/edit queries for everybody [] Can delete bugs [] Can edit and delete comments and attachments [] Can merge two bugs into one [] Can mass edit bugs on search page [] Can use reports [] Can create/edit reports [X] Appears in "assigned to" dropdown in edit bug page (defaults to true) Except for "Appears in 'assigned to' dropdown in edit bug page", all the other fields default to false. That is, if you had any of the "Allow" settings in Web.config set to "1", you will have to edit the user permissions to restore the feature to that user. For example, if you had "AllowBugDeletionForNonAdmins" set to "1", you will have to edit each user and check "Can delete bugs". You could also run some SQL to update settings for all users. The format would be: update users set XXX = 1 Replace X with one of the new fields: us_can_edit_sql us_can_delete_bug us_can_edit_and_delete_posts us_can_merge_bugs us_can_mass_edit_bugs us_can_use_reports us_can_edit_reports The end result of removing the fields from Web.config and putting them on the user page is that you now have finer-grained control over who can do what. * All users by default now have the ability to save search criteria as a private query that only that user can see. Users with minimum permissions cannot see or edit the sql itself. Admin can grant permission to individual users to see and edit sql, create public queries. * Added new feature/concept: a distinction between internal and external users. The feature is turned off by default. Enable by setting "EnableInternalOnlyPosts" in Web.config to "1". When enabled, acheckbox appears where you can add/edit comments or attachments. The checkbox lets you mark the comment or attachment as "Visible to internal users only". Users marked "external" on the edit_user.aspx permission pane won't be able to see them. Please read the entire comment in Web.config. * Added the ability to create a new user by copying an existing user. Everything on the edit_user.aspx page gets copied except for the source user's username, first and last name, password, email address, and email signiture. All the permissions get copied. * Cosmetic change. The links to "edit" or "delete" things like users, projects, categories have been moved from the far right to the far left. ----------------------------------------------------------------------- Version 2.5.7 2007/10/14 ----------------------------------------------------------------------- The changes in this release only affect appearance - the css files and how they interact with the web pages. Btnet_base.css has been changed so that more control of the tables is in .css. But good luck actually changing anything - I found that Firefox and Internet Explorer's reaction to table-related css changes to be very different. If you have made changes css changes to customize the look of tables, it's possible that you will have to adjust them with this release. But you'll end up with more css control. Also, if you have wanted to use css positioning, you might have found that changes to the edit page break the search page. Now the edit bug page, edit_bug.aspx, now additionally includes the btnet_edit_bug.css and the search page, search.aspx now additionally includes btnet_search.css. These new css pages allow you to change css positioning of elements on those pages indepenently, so that changes to positioning on one page don't affect the other. * Fixed bug 1806180 - "Sortable.js doesn't maintain class attribute on table." * Fixed bug 1778632 - "Using custom CSS formats Search page too" * Did RFE 1033103 - "Move All Formatting to CSS" ----------------------------------------------------------------------- Version 2.5.6 2007/ 9/23 ----------------------------------------------------------------------- No features or bug fixes in this release. The code is now more compatible with Visual Studio. The ideas for these changes come from Andrew McKay. You can now compile and publish the web pages using Visual Studio. More detail about the changes: * The files related to SharpMimeTool.dll have been moved to a separate "SharpMime" folder and now there is a csproj file too. * Likewise, code for btnet_service.exe and btnet_console.exe also have been moved to a seperate "btnet_service" folder and there are csproj files for each. * Renamed some "inc..." files so that they have an .inc file extension instead of an .aspx extension. The .aspx was confusing to Visual Studio. * Made minor changes to the code to make a lot of the compile warnings go away. You can ignore the warnings about about the obsolete System.Web.Mail and System.Configuration.ConfigurationSettings. They still work fine. ----------------------------------------------------------------------- Version 2.5.5 2007/ 9/21 ----------------------------------------------------------------------- Important bug fix: * Fixed bug 1800000 "Search.aspx throwing error in SQL" - because there's a space missing after the "and" or after the "or". * Fixed bug in insert_bug.aspx if screen capture or btnet_service.exe tries to use it after website has been idle for a while, related to forum thread "project email insertion causes strange error". ----------------------------------------------------------------------- Version 2.5.4 2007/ 9/16 ----------------------------------------------------------------------- * Enhanced search: Added radio button that allows users to use "or" logic between SQL where clauses instead of always "and". So, instead of where A = 1 and B = 2 and C = 3 You can do where A = 1 or B = 2 or C = 3 It's either all "and" or all "or". Also, for custom text fields that are not dropdowns, SQL uses "like" operator instead of equals. That is, search looks for rows where the field has a value that contains the text the user typed in rather than rows where the field has a value that exactly matches what the user typed in. * Fixed bug 1647742 "Popups don't close always and should have a delay". I you have disabled the popups because you thought they were annoying, I encourage you to try them again. Email me at ctrager@yahoo.com and tell me what you think. * Fixed bug in send_mail.aspx. The bug description and the fix are from Jochen Jonckheere: "The forwarded email didn’t contain the original e-mail, or just a part of it. The cause is that FCKeditor sees a < or > as the beginning of a tag and if it isn’t a valid one the rest of the text is ignored. This only occurs when using Firefox." * Fixed bug 1789400 "Error when searching with no criteria selected". The problem was a custom column with the characters "order" as part of its name. Confused my logic that looks for the "ORDER BY" clause in SQL. ----------------------------------------------------------------------- Version 2.5.3 2007/9/3 ----------------------------------------------------------------------- * Added support for GMail SMTP and POP3. See new settings in Web.config and btnet_service.exe.config. Thanks to Eric (TehOne) Lebetsamer for the code. * Fixed bug 1771868 "Tabs don't change on settings pages for IE" * Fixed bug 1766649 "Decimal custom fields cause search.aspx to crash" Thanks to "David" for the code. * Added "LogSqlEnabled" setting in Web.config, which you can use to log less by setting to "0". ----------------------------------------------------------------------- Version 2.5.2 2007/ 7/15 ----------------------------------------------------------------------- * I posted version 1.9 of btnetsc.exe, the screen capture utility. It now works with non ascii (Chinese, Arabic, etc), both the short description and the longer comment area. Also, you no longer have to tell it the "codepage". (This was my own personal #1 bug. I probably spent 100 hours trying to get btnetsc.exe to fully support Unicode. Whew!) * RFE 1749357 "Allow filtering on empty field" - Added [none] and [any] options to the dropdown filters. In order for these to work right, you have to make sure that all your bug queries return blanks, not nulls for columns with no value. See setup.sql for how I've used "isnull" in the queries, for example: select .... isnull(ct_name,'') .... left outer join categories.... * RFE 1744256 "please remove 7000 character limitation" - removed the restriction. * RFE 1746947 "Filter User List (Admin page) - show/hide inactive users" * Fixed date format in btnet log (for debugging). It should always show time down to seconds regardless of app's display format. * Added some logging messages that might help folks who have the problem where they log in and get redirected back to the login page over and over. It doesn't fix the problem, but it makes it clearer if the problem is being caused by the failure of the browser to send the cookie back that was issued to it when the browser logged in. ----------------------------------------------------------------------- Version 2.5.1 2007/ 6/26 ----------------------------------------------------------------------- * Fixed upgrade.sql. It was missing the "pu_admin" column on project_user_xref, required for upgrading to 2.5.0. * Fixed generate_btnetsc_reg.aspx. It had the wrong registry key. Thanks to "romwil" for the code for this fix. * Enhanced insert_bug.aspx so that categories, etc can be controlled from the query string. See README.HTML. Look for "$CATEGORY$". * Added a "more CSS info..." link to edit_priority.aspx, edit_status.aspx. If you are using CSS styles to indicate different priorities and statuses, or if you are interested in doing so, then click on that link. The new page (edit_styles.aspx) gives you an overview of the combined effect of the priority and status styles. ----------------------------------------------------------------------- Version 2.5.0 2007/ 6/15 ----------------------------------------------------------------------- Run this SQL for this upgrade (also found in upgrade.sql) alter table users add us_enable_bug_list_popups int not null default(1) alter table users add us_created_user int not null default(1) * Added new feature "project admin". An admin is able to give permission to a regular user to add and delete users for specified projects. This features satisfies RFE: 1451208 "New role of project admin - can add users for his project" Does not satisfy the following which deals with changing project settings. 1719295 "Admin for his own project" * Added ability in user settings to turn OFF the green popups in the bug lists. * This won't matter to you unless you have modified your copy of BugTracker.NET's source code: Re-arranged some code. I moved things out of a couple of the "inc" files and into util.cs. I also organized the code a bit within util.cs into more classes. The following files are now gone: inc_insert_bug.aspx inc_print_bug.aspx edit_user_permissions.aspx * Added a link "screen capture" to bugs.aspx to make it easier to get started with the screen capture utility. From it you can download the screen capture utility from sourceforge and you can generate a .reg file to initialize btnetsc.exe's settings. *Along with this release, I'm posting btnetsc_1.8.exe. (The screen capture utility). It now looks for its settings in a new place in the registry that isn't version dependent, so that as you upgrade without loosing your previous settings. * Also new in screen capture utility, You can now also post screen capture images to EXISTING bugs rather than being forced to create new ones. * Rearranged the code in upgrade.sql, so that the most recent entries are at the bottom instead of the top. * Emails are now sent UTF8 encoded. If somehow that breaks things for you, set the new "BodyEncodingUTF8" Web.config setting to "0". * Made cosmetic changes to the "settings" page the pages for editing users, edit_self.aspx and edit_user.aspx. They have something like tabs now, except that the tabs don't look like tabs. ----------------------------------------------------------------------- Version 2.4.9 2007/ 5/12 ----------------------------------------------------------------------- To migrate from 2.4.8 to 2.4.9, run the sql in upgrade.sql: alter table bug_posts add bp_comment_search ntext null alter table users add us_use_fckeditor int not null default(0) alter table bug_relationships alter column re_type nvarchar(500) * This release integrates "FCKEditor" (www.fckeditor.net). To try it out, go to your user settings and check "edit using colors and fonts". Thanks to Jochen Jonckheere for this nice new feature. * Changed the documentation in README.html. Most important to some of you, I added instructions on how to use the Visual Studio debugger with BugTracker.NET. (Thanks to the anonymous person who posted the instructions on the sourceforge forum.) * Fixed bug 1708170 "Using presets does not refresh Re-assign drop down". I fixed it by removing "project" as one of the fields that the preset link changes. * Fixed bug - Dropdown filter was showing users who didn't have permissions in projects for which the logged in user has permissions. * Fixed bug 1689731 "bug relationship with long comment causes SQL error". I increased the size of the column 500. * Fixed bug where users without project permissions related to the logged on user were being displayed in the user filter dropdowns of the bug lists. * Changed the send_email.aspx "To:" field allow for more characters. * The "edit comment" page is now only available for comments. Not for sent emails, history of updates. It doesn't make sense to be able to edit the text of an email after it has been sent. * Cosmetic improvements: Changed edit_bug.aspx so that its appearance can be a bit more controlled using style sheets. I also added some more sample code to btnet_custom.css. The intent of the changes and the sample code was to show that you could align the column of the labels and dropdowns the way you liked, using css. * Recompiled btnet_service.exe, just in case I had forgotten to last time... Sorry... * Corrected the spelling of "EXCEPTION" in Global.asax. * Added a note about the "sessionState" setting and the "mode" attribute in Web.config. * Fixed another null object error in "print details" related to ASP.NET session timeout. * Fixed bug where emails weren't being processed right because header fields said "from:" instead of "From:". Discussed in Help Forum topic "from: missing from emailed bugs". For more info, see: http://www.devnewsgroups.net/group/microsoft.public.dotnet.framework/topic62515.aspx * Now preventing passwords from being filled in automatically on the "edit user" pages. Added "autocomplete=off" to password and confirm password fields. * Not sure if this made it into the compiled version of btnet_service.exe or not in 2.4.8, but this time for sure the service now is marked as having a dependency on TCPIP. That allows Windows to know that it needs to start the network stuff before it starts this service, like when the server is rebooted. Thanks to Jochen Jonckheere. ----------------------------------------------------------------------- Version 2.4.8 2007/ 3/11 ----------------------------------------------------------------------- * Fixed bug 1663239 "Swedish characters stripped in email bug reports" The problem is related to how the POP3 service client reads the input. I'm a little bit worried that my fix is risky, so only turn on the fix if you think you need it. To turn it on, set "ReadInputStreamCharByChar" in btnet_service.exe.config to "1". * Fixed bug 1672988 "Custom user dropdown shows integer rather than name in email" * Fixed bug 1643938 "Item has already been added. Key in dictionary: SERVER_NAME". Or, at least I hope I fixed it. I can't reproduce it, but I got rid of the line of code that was causing it, I think. Let me know if you still have this problem. The folks who have had it say it is very infrequent. * Fixed bugs 1649980, 1638919 "ERROR AFTER SESSION TIMEOUT". I'm still using ASP.NET session variables in a few places, but not the one here that was causing problems. * Added logic for RFE 836604 "allow customization of subject field of e-mail notifications". Related to this RFE, the app is no longer using Web.config setting "PutTrackingIdStringInNotifications". Instead, it is using new Web.config setting "NotificationSubjectFormat", which can do what the "PutTrackingIdStringInNotifications" setting did, and much more too. See comments in Web.config for "NotificationSubjectFormat" on how to use the new setting. * When you add somebody ELSE as a subscriber to a bug, that person will now get a notification at that moment, instead of having to do a subsequent change to trigger the sending of the email. * Changed btnet_base.css to make the filter dropdowns less wide. Not much difference on IE, but it helps with screen real estate on Firefox. * Added X axis labels to the line charts you can view from the "reports" page. * Made some minor performance improvements by batching up SQL on the search.aspx page. ----------------------------------------------------------------------- Version 2.4.7 2007/ 3/02 ----------------------------------------------------------------------- * "Fixed" bug 1654938 "Edit a comment destroys Umlaut's". Actually, I can't reproduce the problem, but I added a line in Web.config so that if you do have the problem you can turn on a fix for yourself. See the new Web.config setting "HtmlDecodeComment". * Add others as subscribers. From the subscribers link on the edit_bug.aspx page, you can now add others besides yourself as subscribers. * Changed btnet_service.exe "Installer" to record dependency on TCP/IP. Used code from Jochen Jonckheere verbatim. * Added "TotalErrorsAllowed" to btnet_service.exe.config. The comment there says: "How many errors should we allow before the fetch loop automatically stops? This is a safeguard in case there is some sort of problem with the web server where insert_bug.aspx does succeed in inserting the bug, but somehow fails to give a good response to this service. If the service doesn't get a good response, it will not delete the email from the pop3 server and will try to insert the email again when the fetch interval triggers another loop. The result can be a lot of duplicate bugs generated from the one problem email. This has happened to a couple people...." ----------------------------------------------------------------------- Version 2.4.6 2007/ 2/24 ----------------------------------------------------------------------- I added some integration with Subversion. If you aren't using Subversion, don't bother with this release. If you want to do the integration, run the sql in upgrade.sql and then read the instructions in the file. "btnet_post_commit.rename_to_vbs" Before using it, rename it to btnet_post_commit.vbs. With this script, when you commit to cvs, if you put the bugid at the start of you commit comment, the script will insert recs into a new bug_file_revisions table connecting the bug with the revision and the files. ----------------------------------------------------------------------- Version 2.4.5 2007/ 2/22 ----------------------------------------------------------------------- The handling of incoming emails is better with this release. I'm using the latest SharpMimeTools, downloaded from here: http://anmar.eu.org/projects/sharpmimetools Here's the line I use to compile the source into the dll: C:\cit\btnet>csc /debug /R:log4net.dll /target:library SharpMimeTools.cs ABNF.cs SharpMessage.cs SharpMimeAddress.cs SharpMimeHeader.cs SharpMimeMessage.cs SharpMimeMessageCollection.cs SharpMimeMessageStream.cs SharpDecodeOptions.cs SharpTnefMessage.cs Besides using a newer SharpMimeTools, I also made fixes to my code: * Fixed bug 1665336 "Thunderbird e-mails end up as HTML code". I'm now making an attachment of everything that does NOT look like the plain text message body. * Fixed bug 1663242 "Email attachments not working for Thunderbird". A variation on the same problem. * Fixed bug parsing incoming emails with multiparts nested within multiparts. A symptom of the bug was that I was failing to find a message body. * New Web.config "ProcessVariablesInEmails" setting for turning variable parsing on and off. Set to 0 by default, so if you were using these variables, make sure your Web.config now has this set to 1. * Added another variable parsed in the email, $PROJECT$. See sourcecode of insert_bug.aspx for how these work. * Changed all uses of @@IDENTITY in SQL to scope_identity(). * Added "PutTrackingIdStringInNotifications" to Web.config. This is related to the forum thread "TrackingIdString". http://sourceforge.net/forum/forum.php?thread_id=1676067&forum_id=226938 * Added support for RFE 1641374 "Automatically re-open an issue". See Web.config setting "StatusResultingFromIncomingEmail". ----------------------------------------------------------------------- Version 2.4.4 2007/ 1/14 ----------------------------------------------------------------------- Minor bug fixes only in this release. Fixed bug 1635411 "error when user is view only, and default perm lvl is 0". Fixed bug with bugs.aspx and $fullnames in SQL, in bugs.aspx Fixed bug with "[first]" link as discussed in Help forum topic "[last] / [first] link issue". Fixed problem with old sql in upgrade.sql as discussed in Help forum topic "Updgrade issues from v1.9.6 to v2.4.3" Fixed problem with custom user dropdowns as discussed in Help forum topic "User type custom col history shows user id" Fixed bug 1605280 "SSPI login fails if the user's full name contains ' [single quote]". I added "HtmlEncodeSql" setting in web.config. If you are having the problems described in these bugs, try setting it to 1 and let me know at ctrager@yahoo.com if it helps. 1590120 html encoding wrong for editing queries 1585740 "Saving Query does not allow < or > symbols?" You can now pass the user and password to default.aspx in the URL, like http://YOURHOST/default.aspx?user=admin&password=admin ----------------------------------------------------------------------- Version 2.4.3 2006/11/19 ----------------------------------------------------------------------- Minor fixes: * Fixed bug 1595637 "btnet 2.4.2, ToTable() doesn't compile in .NET 1.1" * Fixed bug 1597628 "Default search.aspx SQL doesn't work with UseFullNames" * Fixed crash on null when bug's fk to user defined attribute table, or something similar was pointing to a non-existent row. This happens if you delete a row in the status, permission, category, or user defined attribute table directly in SQL instead of going through the webpages. The webpages stop you from deleting rows if they are referenced by bugs. * I added a page "default_simple.aspx". Some folks have experienced the following symptom: They setup up BugTracker.NET and try to log in for the first time and after typing in the valid user/password the next page they see is still default.aspx, with no error message. If you are having this problem, try default_simple.aspx, and maybe that will work? ----------------------------------------------------------------------- Version 2.4.2 2006/11/12 ----------------------------------------------------------------------- For this upgrade, run these sql statements: alter table custom_col_metadata add ccm_sort_seq int default(0) alter table custom_col_metadata add ccm_dropdown_type varchar(20) null I changed Bug_list.js. Sometimes when I change javascript files folks report problems. The solution is to clear the browser cache so that the browser gets the latest file. * When adding a new bug, now displaying a project's default user before the bug has been added to the db. * Fixed bug where searching on text fields wasn't working with unicode. * There's now a new type of custom field, a "user" dropdown. It is populated with the same list of users as "assigned to". In other words, it follows the same permission rules. For those of you who wanted an "owner", in addition to the "assigned to", or something like that, I think this will work for you. * You can now specify what order custom fields appear on the screen. It used to be they displayed in the order that you created them. Now they display in the order that you arrange them. If you want more control over layout, use the custom css file. * The filters feature, the ones that you see in the column headings, has been enhanced. There are now filters for custom fields which are dropdowns, including the new "users" dropdown, the "User Defined Attribute", and the "reported by" and "assigned to" fields. * Custom columns are now automatically added as "SELECT" columns in the SQL being generated by the search page. In the past, they had been added to the search results, but not to the SQL you could see at the bottom of the page, that you could save as a query. * On the search page, custom columns which are dropdowns are presented as dropdowns that allow multiple selection, just like the built in fields like "category", etc. * On the search page, custom columns which are NOT dropdowns, which are presented as simple input fields now support multiple entries, seperated by commas. ----------------------------------------------------------------------- Version 2.4.1 2006/10/28 ----------------------------------------------------------------------- * Fixed bug 1583153 "Add New Bug" gives security warning using IE, this page contains both secure and nonsecure items. * Fixed bug 1583310 "Print Detail crashed tracker when bg_id isn't called 'id'" * Fixed bug 1584916 "Custom dropdown, first option not visible in IE" * Corrected HTML encoding in popups in bug list. * Added Web.config setting "SmtpUseSSL". If your SMTP provider requires SSL. Gmail, apparently, does. * Added Web.config setting "BugListFormSubmitMethod". Here's what I wrote in Web.config: "When navigating back to the bug list using the browser's "Back" button, do you get a warning "Warning: Page has Expired"? If so, try changing this from "POST" to "GET". But, if you get a javascript error when submitting the form around the line "theForm.submit()", then use "POST". GET can break if you are sending too much data back to the server - and ASP.NET's viewstate mechanism is kind of long." This change covers RFE 1583779 "back to the view page" ----------------------------------------------------------------------- Version 2.4.0 2006/10/21 ----------------------------------------------------------------------- You will need to run this SQL to upgrade to this release. create table custom_col_metadata ( ccm_colorder int not null, ccm_dropdown_vals nvarchar(1000) not null default('') ) create unique index cdv_index on custom_col_metadata (ccm_colorder) * Finally added ability to create as many dropdown custom fields as you want. Try the "admin" "custom fields" page. This change is related to these RFEs: 1578265 "custom listbox" 1063616 "CODE TO CREATE PICKLIST CUSTOM FIELD POSTED HERE" 1556453 "allow unlimited custom dropdowns - global or proj specific" * Made default values for custom fields actually work right. This was RFE 1017561 "Ability to create default value for custom fields". * Added "Presets" feature to edit_bug.asp. Set all 6 dropdowns with one click. * Adjusted copyright notice so as not to interfere with exporting to excel. * Fixed bug 1578303 "edit_self.aspx can't handle NULL in users.us_default_query" * When there were to many pages, the links to move from pages stretched across the page. Now showing thirty at a time. * Fixed bug 1014749 "CHNGING PRJCT: shouldn\'t be able to change to view only prj" * Fixed bug 1346170 "Bugs stranded if no Project assigned" * Fixed bug 1463935 "View only user should not be able to edit comments" * Fixed bug 1040849 "CHNGING PRJCT: bug_subscriptions not updated". ----------------------------------------------------------------------- Version 2.3.9 2006/10/13 ----------------------------------------------------------------------- * Fixed bug 1575345 "Datetime conversion error on bug updt (localization problem)". If your times use "." as a seperator instead of a ":", this will help you. * Related to above, corrected default "SQLServerDateFormat" in Web.config to "yyyyMMdd HH\:mm\:ss". * I revised Web.config comments based on info in 1239348 "CultureName comments in Web.config misleading regarding date". * Fixed bugs 1521559 "Search Page Too Wide With Long Custom Fields" and 1575969 "large custom field shows as "text", not "textarea" in search" * Fixed bug where a ">" in the sql saved as a query were saved as ">". * Fixed handling of single quotes in search.aspx in custom fields. * RFE 1575859 "custom link at post level, same as link at bug level" Jochen Jonckheere did the work and contributed a fun example that can translate a bug comment from one language to another. See the new "CustomPostLinkLabel" and "CustomPostLinkUrl" settings in Web.config. ----------------------------------------------------------------------- Version 2.3.8 2006/10/11 ----------------------------------------------------------------------- Just one big fix - for bug 1575066 "bugs.aspx not dispayed in IE". Sorry everybody. You can just edit your copies of bugs.aspx and search.aspx instead of downloading this version. Change this: