Loading...
 
Skip to main content

Category: Bug

Tickets reporting bugs. Some bugs reports can be categorized in more specific categories such as "Bug::Security" and do not *have* to be directly categorized in this category, but it is never an error to categorize a bug report in this category.
Bug
Show subcategories objects

Name Type
tmpDir is the empty string by default , unable to write to temporary directory
when I choose to "Upload a new version" of a "myfile.xls" I get this error:

PHP (5.6.31) ERROR (E_WARNING):
File: lib/filegals/filegallib.php
Line: 3430
Type: move_uploaded_file(/myfile.xls.tmp): failed to open stream: Permission denied

And at the top of the browser window it says:

Check that these paths exist and are writable by the web server: /tmp/phpaMyPJu /myfile.xls.tmp

1. notice the root level directory
2. notice the space before /file
tracker item
`session_protected` feature is broken if HTTPS termination happens outside of PHP's reach
In `tiki-setup_base.php` file there is a broken piece of code that looks like this:

{CODE(wrap="0" colors="php" theme="default")}<?php
$noSSLActive = ! isset($_SERVER['HTTPS']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'off');
if (isset($prefs['session_protected']) && $prefs['session_protected'] == 'y' && $noSSLActive && php_sapi_name() != 'cli') {
header("Location: https://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}");
exit;
}{CODE}

which results in infinite loops if 'session_protected' is set to 'y' and `HTTPS` variable is not set. Also this piece of code doesn't handle different base urls, ports, ...
tracker item
'Allow full HTML' doesn't work in articles
For royalty collection, I have to add the loading of a counting pixel in an article. As long as Tiki does not have a plugin for royalties, the insertion of an image load must do.

Unfortunately, checking the checkbox "Allow full HTML" doesn't do that...

I add this to the article's source:
{CODE(Colors="Tiki")}
<img src="http://vg05.met.vgwort.de/na/002984facd3d4aae9ca54f8b724c4434" width="1" height="1" alt="">
{CODE}

And then I check "Allow full HTML" and click on Save.

The result is that the above string is output as plain text (and the double quotes get translated into typographical quote signs)...
tracker item
'Rename Wiki Page when changed in tracker' does not work with mathematical calculation
Using trackers, if I have a wiki page field getting the name from a mathematical calculation field, the wiki page name is not updated after the mathematical calculation field content changes.

Instead, the renaming works fine when the wiki page gets its name from a Text Field.

In my opinion, from the usability viewpoint this is quite critical.

A demo has been created.
tracker item
"Advanced" tables altered when "Use Wiki syntax in WYSIWYG" (wysiwyg_htmltowiki) is enabled
The WYSIWYG editor supports tables whether the content is stored as HTML or as Tiki/wiki syntax. However, Tiki syntax only supports basic tables. CKeditor offers advanced operations on tables via secondary click -> Cell, such as merging, splitting, and propably everything in Cell Properties.

The result of advanced operations will generally be lost. In a few cases, these operations will properly carry to wiki format after conversion.
After advanced operations, the issue will be noted either after saving, or simply by switching to Source and going back to WYSIWYG.

For example, the table with a fixed left cell width...
{CODE(colors="htmlmixed" theme="default")}<table class="wikitable table table-striped table-hover">
<tbody>
<tr>
<td class="wikicell" style="width: 123px;">1</td>
<td class="wikicell">3</td>
</tr>
</tbody>
</table>{CODE}
...is simply converted to wiki...
{CODE(colors="tiki" theme="default")}||1|3||{CODE}
This issue exists in both Tiki 12 and r65080 trunk.
tracker item
"Copy" action on wiki page credits author of copied page as author of copy
If user William creates wiki page Foo, then user Bob creates a copy of Foo named "Foo-ng" by using the "Copy" action on tiki-listpages.php?cookietab=1, the new wiki page's history will show William as the author of version 1 of Foo-ng, rather than Bob. While it would be useful to keep the copied page's history - including its authors - in the copy's history, this is misleading. If there is a single author mentioned, it should be Bob.
tracker item
"SVN update" button doesn't work anymore on existing show instances
{syntax type="tiki" editor="plain"}
{syntax type="tiki" editor="plain"}
As the subject says...
You can try on this item for example: https://dev.tiki.org/item6279-Icons-Unseen-with-Fivealive-Theme
tracker item
{{itemId}} broken in templates in 27.3 (works in 27.2)
{syntax type="tiki" editor="plain"}
Using { { itemId } } in a template shows the actual itemId followed by an equal sign in Tiki 27.3. This works normally is Tiki 27.2
tracker item
/templates/modules/mod-login_box.tpl broken translation
In /templates/modules/mod-login_box.tpl there are two (?) broken translations, tr in curly braces not closed & not opened, thus creating a HUGE text that gets pumped into tra, which contains mostly Tiki source code and of course lots and lots of line breaks and tabs...
{CODE(Colors="Tiki")}
{elseif $prefs.auth_method eq 'saml' && $showloginboxes neq 'y'}
<b><a class="linkmodule" href="tiki-login.php?auth=saml">{tr}
{if $prefs.saml_option_login_link_text eq ''}
Log in through SAML2 IdP
{else}
{$prefs.saml_option_login_link_text}
{/if}
{/tr}</a></b>
{if $prefs.saml_options_skip_admin eq 'y'}
<br /><a class="linkmodule" href="tiki-login_scr.php?user=admin">{tr}Log in as admin{/tr}</a>
{/if}
{else}
{CODE}
I set the importance to a higher value, because it is the user login that gets affected... Also, it affects ALL languages, including English...
tracker item
19.x: A Group assignment to many users is lost repeatedly under unknown conditions
A Group assignment to many users is lost repeatedly under unknown conditions

It's the third time I have to re-assign that groups to those users.
I have no clue why this happens :-(
tracker item
403 Error on installaition
During the installation at the step of inserting information from the database when I insert wrong information I have an error'__The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again late__' but when I insert good information everything goes correctly, in my opinion when inserting bad information we should rather display a message saying that the information inserted is not correct.
tracker item
Accounting: Illogical decimal separators
/lib/core/Tracker/Field/Computed.php says "This feature is still in place for backward compatibility. While it has no known flaws, it could be used as a vector for a malicious attack. A webservice field or custom JavaScript is recommended instead of this field.". Well, I know a flaw :-)

Look at lines 46 and 53:
{CODE(Colors="Tiki")}
'dec_point' => [
'name' => tr('Decimal separator when displaying data'),
'description' => tr('Single character. Use "c" for comma, "d" for dot or "s" for space. The valid decimal separator when inserting numbers may depend on the site language and web browser. See the documentation for more details.'),
'filter' => 'text',
'default' => '.',
'legacy_index' => 2,
],
'thousands' => [
'name' => tr('Thousand separator when displaying data'),
'description' => tr('Single character: use "c" for comma, "d" for dot or "s" for space. When inserting data, no thousands separator is needed.'),
'filter' => 'text',
'default' => ',',
'legacy_index' => 3,
],
{CODE}

Well, use c for comma or d for dot or s for space. Well. But the defaults are "." and "," :-) Whoever wrote the description did not write the defaults :-)
tracker item
Action log: changing settings on filtered view removes checkmarks on other views
When you utilize Tiki's action log, you must first set which actions to record and which to review. Because the list is quite long (although some actions are inexplicably missing, like 'remove' on articles) you can filter the view.

Let's make it a use case: You want to record & review all creations and all deletions.

So you set the filter to type="All" and action="create". Then you check all checkmarks and press Ok to save.

Then you set filters to type="All" and action="remove". Then you check all checkmarks here, too and press Ok to save.

This should be it.

When you now set filters again to type="All" and action="create" you'll see that all your checkmarks have magically disappeared.

Analysis shows that when to check checkmarks on all elements on the current view, upon saving ALL those currently not viewed get saved als "unchecked", which is wrong... Those ''must'' remain unchanged!

There is only one way to deal with all elements, and that is the unfiltered list. That gets saved faithfully. This bug renders the filtered view useless for all purposes except for viewing...
tracker item
Activity Stream doesn't display created or modified wiki pages
Activity stream / Activitystream doesn't seem to be able to display changes in wiki pages.
Tested in 20.x, with admin, adding new pages from tiki profiles, and editing pages from there.

Activity stream reports no changes in wiki pages.
This might be either a bug in the feature or a problem with the documentation about the feature:
https://doc.tiki.org/tiki-index.php?page=Activity%20Stream

Reproduced here:
http://xavi-9794-6803.show2.tikiwiki.org/tiki-index.php?page=Profile_Activity_Stream
u: admin
p: 12345

tracker item
Add checks for node/npm in tiki-check.php
{syntax type="tiki" editor="plain"}
tiki-check.php does not check for the availability of Command-Line -+npm+- or the version of -+npm+-. It should.

I believe Tiki does not need npm to run, npm is required only for running -+sh setup.sh+-.
-+sh setup.sh+- is needed for GIT installations.

The absence of -+npm+- with a propoer version means installing from GIT is not possible and tiki-check.php should inform of this.

There is a related discussion during the [https://recordings.rna1.blindsidenetworks.com/citadelrock/d559965849921585c1849af03b7a51638700d979-1763647044279/presentation/|November 2025 Roundtable Meeting]
tracker item
Admin icons on main control panel are not centered anymore
{syntax type="tiki" editor="plain"}
https://ibb.co/tTWCXJmM
tracker item
Admin interface, weird behavior with Orphan Preferences panel and the adminanchors small icons
On a Tiki25 when I go to tiki-admin.php I can see the control panels tiles and the last one is "Orphan Preferences".

If I select a control panel that then displays the adminanchors small icons the last option is never "Orphan Preferences" but is changing for the panel I'm actually on.

{img fileId="2112" thumb="box"}

{img fileId="2113" thumb="box"}

{img fileId="2114" thumb="box"}

My understanding is that the adminanchors small icons should displays the same option (if enabled) as the Control Pnael admin page.
tracker item
Admin interface; Color choice for alert-warning pref_dependency (missing preferences) link is bad (constrast)
The link displayed in a alert alert-warning pref_dependency highlight, an error we can see if a preference is missing or required, is not very good by default.

{img fileId="2049" thumb="box"}
tracker item
Admin Log-in, When using "Use email as username" the username related settings shouldn't be applied
At tiki-admin.php?page=login , Username, when I enable "Use email as username" some username settings are now hidden (meaning not in use) but they are still applied.

Minimum length
Maximum length
(And may be "Force lowercase")

I created an instance to test and reproduce.
You need to "really" register a user, not using the admin user to create new users.

How to reproduce :
# Go to Admin, Control Panels and switch to "Advanced" (to see advanced preferences)
# Go to log-in : tiki-admin.php?page=login, Registration & Log in
# Enable : Users can register
# Disable : Validate new user registrations by email (we don't want to validate email)
# Go to : Username and set "Maximum length" to 6
# Apply (save)
# Use a different browser (check you are not logged), go to the Tiki and register a new user
# Try to input more than 6 characters for the username, you will see this error:
+ {img fileId="1689" thumb="box"}
# Go back to your previous browser (logged as admin), log-in : tiki-admin.php?page=login, Username
# Enable "Use email as username" option
+ The parameters Minimum length, Maximum length, (And may be "Force lowercase") will be hidden has not relevant anymore.
# Go back to your different browser (check you are not logged)
# Create a new user with an email for login (obviously longer than 6 characters).
+ You won't see an error on focus
# Submit your registration and you will see the error:
+ {img fileId="1690" thumb="box"}

The difference of treatment in the process make me think there is some wrong additional condition that should be cancelled if "Use email as username" is enable.
tracker item
Admin page for plugins (tiki-admin.php) does not offer paymentlist checkbox
On the admin page to enable/disable plugins (tiki-admin.php) paymentlist is missing the checkbox, instead only this text is displayed: "paymentlist: Show details of payments. The payments considered may be restrained by user or date.".

The result of this bug is that the plugin Paymentlist cannot be activated or de-activated! Whatever the setting is on your Tiki installation, you cannot alter it through the Admin UI.
tracker item
Admin, CSRF timeout value; Default value is wrong and can't be reseted (saved back)
At tiki-admin.php?page=security you can set the value for the CSRF Security timeout.

The default says it is 14400 but the value displayed (by default) is 1440.
The tooltip says : ".../... subject to a default maximum of four hours in any case."

The default value set in the pref field is wrong (seems it should 1440 instead of 14400).
tracker item
Admin, preferences; The "default" status for the GUI for the list plugin is wrong
On the control panels, Editing, Plugins, right after installation, the GUI for the list plugin for several options and preferences has a "turn back" icon, "Reset to default value". (wrong as this is the default - thing was changed)

While it visually do the job (it reset the field or selector value) on Apply (Save) things are back to what they were.
Unchecking manually a checkbox seems to work.

Check the instance.
{mediaplayer src="display1939"}
tracker item
Advanced rating has no delete function
The advanced rating is so advanced, that you can only add new ratings and edit them, but there is no delete functionality... The wrench icon carries only "settings", which simply reloads /tiki-admin.php?page=rating, and there is no delete anywhere :-)
tracker item
Alert when creating an external hyperlink and Ajax auto-save is disable
On a Tiki20 I can edit the default Wiki page, select text and create an external hyperlink using the toolbar button.

If I do that with "Ajax auto-save" enable (by default) all goes well.
If "Ajax auto-save" is disable I got the following alert;
{img fileId="1308" thumb="box"}
tracker item
Allow viewing user favorites
The User favorites feature (enabled by preference user_favorites and [https://doc.tiki.org/Favorites|documented]) allows users to define favorites, but does not let them view the favorites they have defined.

A controller similar tiki tiki-user_watches.php could be added so that users can actually use the feature.
tracker item
Show PHP error messages