[This is a copy of the announcement sent on mantisbt-announce@lists.sourceforge.net]

 

Ho, Ho, Ho!!!

 

The 0.18.0 official release is finally available.  It has been a long wait since 0.17.5, but it is worth it.  This release contains literally hundreds, if not thousands, of changes.  Upcoming releases will hopefully follow a quicker release cycle now that we are back on track.  This marks the first stable release of Mantis with a completely refactored API library.  All the API files are in the core/ directory should you wish to examine them in more detail.

 

Below is the change log which includes the changes in each of the intermediate alpha releases.  The changes included here are those that are done since 0.17.5.  It is recommended that all users upgrade to 0.18.0, since 0.17.x will no longer be supported.  This is in addition to the fact that 0.18.0 contains tons of new features, that you should all benefit from.

 

We would like to take this chance to thank all users and developers who have contributed in this major release.  This is in terms of reporting bugs, requesting features, translating, fixing bugs, developing features, …etc.  We consider this as a landmark in the development of Mantis which takes us from being a “Beta” product to “Production/Stable” quality product.

 

Regards,

Mantis Team

 

2003.12.08  -  0.18.0

 

 * Fix #3207: LDAP mail lookup was looking for the 'email' attribute instead of the 'mail' attribute.

 * Enh #3335: Added Estonian Language (thanks to Villem Vannas).

 * Fix #3310: Sorting of projects in menu bar.

 * Fix #3330: "Required" fields on Account Profile page.

 * Fix #3333: Support PHPMailer v1.7x.

 * Fix #3334: Invalid links in bug reminder emails.

 * Fix #3353: History not updated in bug deletion email.

 * Fix #3389: Problems upgrading existing users to administrator.

 * Fix #3417: Setting $g_manage_news_threshold to 'DEVELOPER' can't add new news.

 * Fix #3421: Users except admin can 'see' the projects disabled on the project bar.

 * Sec #0000: Various Cross-Site Scripting vulnerabilities fixed (thanks to Paul Richards).

 * Languages: Updated French localisation.

 

2003.08.24  -  0.18.0rc1

 

 * Enh #0000: New config option(user_login_valid_regex): regular expression used to validate new login names

 * Enh #0000: Added error_proceed_url() to allow pages to give a url to proceed to after displaying the next error

 * Enh #0000: Implemented parameterized error messages.  Error strings are passed through sprintf() and are parameterized with the values given to error_parameters()

 * Enh #0000: Allow spaces and hyphens in login names.

 * Enh #0000: Optimized the database query in file_list_attachments() to improve performance of viewing bugs with large attachments.

 * Enh #2377: Index user names in manage user page by letters (added config option default_manage_user_prefix).

 * Enh #2517: Security Warnings [on login page if admin folder is accessible, administrator/root account enabled, or PLAIN passwords used].

 * Enh #2981: Resolution in overview (show resolution in View Bugs page).

 * Enh #3088: Show file attachment indicator on bug list page.

 * Enh #3240: Show last login date in the main page.

 * Enh #3242: Show bugnote add form before bugnotes to minimize the scroll needed to add a note.

 * Enh #3244: Add bug status to the autogenerated bug view link tooltips.

 * Enh #3272: Bugnote links in view_all_inc now are painted in a 'not visited' color when there are new notes.

 * Security Fix #0000: All bugs were displayed if "All Projects" is selected and user has access to no projects.

 * Fix #0000: Part of filenames with '-'s were being cut off.

 * Fix #0000: Improved adherance to the XHTML standard.

 * Fix #0000: A bug in the handling of the case where a user who does not have access to a private project, but has access level >= private_project_threshold.

 * Fix #0000: Problem in filtering on reporter = 'any' in the print pages.

 * Fix #2992: Unable to attach files to bugs on Windows servers with magic quotes ON.

 * Fix #2999: Only administrators to can (to private) projects.

 * Fix #3027: History summary a little bit too wide in emails.

 * Fix #3064: View bug buttons in vertical column

 * Fix #3072: Attached file should be opened up in a new browser window.

 * Fix #3076: Bug reports are added to the "wrong" project.

 * Fix #3079: Error when using phpMailer.

 * Fix #3080: Project menu bar shows extra links.

 * Fix #3089: Hide link to Profiles management on account page based on access level.

 * Fix #3092: Problem changing printing prefs.

 * Fix #3097: App Error 700 in project_api.php when viewing certain bugs.

 * Fix #3108: No custom fields are shown in the details, if you are in "All Projects"

 * Fix #3109: Error when adding protected users.

 * Fix #3110: "Print reports" preview in explorer is not possible unless you select "Display selected only"

 * Fix #3111: Bug links in bugnotes do not contain the FQDN as they do in the full reference.

 * Fix #3115: manage_proj_cat_edit_page.php uses the wrong project id.

 * Fix #3120: Missing "Assign To" field on "Report Bug" screen.

 * Fix #3121: When creating a bug that has custom fields, the values for the custom fields are not sent out in the email.

 * Fix #3124: view_bugs: a reporter has the drop-down box of actions, but doesn't have the checkboxes.

 * Fix #3132: Email for feedback does not contain the last bugnote

 * Fix #3140: attachment.png is corrupt in CVS.

 * Fix #3143: Show a padlock instead of "p".

 * Fix #3155: Field 'date_added' (for attachments) not correctly printed in print_bug_page.php.

 * Fix #3175: Login fails when saved password is PLAIN and login_method is not PLAIN.

 * Fix #3186: $t_protocol not set right  (PHP 4.3.0/Netscape Enterprise 6.1/Linux installation with Mozilla client).

 * Fix #3218: Version vs. Product version confusing (renamed Version to OS Version in advanced pages - English language).

 * Fix #3219: Unnecesary DISTINCT SQL function call made the view_all_bugs query fail with older MySQL releases.

 * Fix #3214: Private projects links get replaced by public project links.

 * Fix #3225: Row with the "private" checkbox hasn't got a colspan of 6.

 * Fix #3231: Redirect problem when user clicks on a bug link while not logged in.

 * Fix #3230: German translation [corrections].

 * Fix #3232: Signup or password reset emails were not being sent if email notifications were turned off

 * Fix #3252: Category not selected on update if "&" is used in category name.

 * Fix #3266: Possible patches against CVS (Not all changes were applied, see bug for details)

 * Enh #3276: Add bugnote numbering and the ability to link to bugnotes directly using configured tags like with buglinks

 * Fix #3292: Exporting csv results in "cannot modify header" error.

 * Fix #3295: $g_limit_reporters doesn't work.

 * Fix #3306: PHP error if unable to connect to database.

 * Languages: Updated Italian, German, Spanish, Slovak, Swedish, French and Dutch localisations.

 * Languages: Synchronised localisation files with English localisation.

 * Added Mantis FAQ to documentation folder.

 * Mantis Manual is now available online at http://mantisbt.sourceforge.net/manual/

 

2003.03.22  -  0.18.0a4

 

 * Check whether other forms of compression are enabled before we turn on ob_gzhandler() in our output handler.  This should hopefully avoid problems people have had with blank pages resulting from compression problems.

 * Remove "show source" functionality which was a security hole and of little use

 * Languages: Updated Italian and Dutch localisations.

 * Languages: Added Slovak localisation.

 * Languages: Synchronised localisation files with English localisation.

 * Languages: Changed code page of Czech translation.

 * Enhancement: Added bug summary by project on summary page (#1759).

 * Enhancement: Reduced number of SQL queries on summary page (#3046).

 * Enhancement: Field names in bug history are now localized.

 * Enhancement: g_use_iis default value is now based on auto-detection of IIS servers.  Before it was defaulted to OFF.

 * Fix: 'Display selected only' on print bugs page fixed.

 * Fix: 'Hide resolved' now also works for report printing and export.

 * Fix: Do not call custom_field_set_value() in bug report and bug update if user has no write access.

 * Fix: Printing context in case of errors is not working properly (a lot of notices are generated).

 * Fix #2626: $g_primary_table_tags is documented and in config files but never used

 * Fix #2839: 'Join incorrect in print_reporter_options and print_assign_to_option_list'

 * Fix #2902: Project name is not printed on bug list report.

 * Fix #2953: 'View all bugs page empty'.  We now disabled compression if zlib isn't available to php.  See notes in the config_defaults_inc.php for information on enabling zlib on Windows.

 * Fix #3011: 'Hide resolved' flag is now preserved when re-sorting bug list.

 * Fix #3019: Application Error 200 after updating a bug.

 * Fix #3020: Error when deleting a bug with bugnotes.

 * Fix #3021: Error when using phpMailer.

 * Fix #3022: Add user to project form lists disabled users.

 * Fix #3047: Manually assigned developers cannot resolve in All Projects view.

 * Fix #3050: Setting Assigned To to null causes Status to change to assigned

 * Fix #3055: (Non-email) URLs containing '@' characters are now linked correctly.

 * Fix #3058: Clicking on view_all_bug_page.php results in 'file download' popup.

 * Fix #3062: category, version option lists (and custom fields/reporter/assign to) populated from current project rather than bug category.

 

2003.02.26  -  0.18.0a3

 

 * Behaviour change: allow bug IDs to get replaced when they are preceeded by any character that is not a letter, a number, or an underscore instead of requiring them to be preceeded by whitespace

 * Enhancement: Added "Hide resolved" functionality to bug list page.

 * Enhancement: When an enumeration is not found, display @<enumid>@ instead of @null@.

 * Enhancement: Added file type icons next to project documents and bug file attachments.  Also provided a set of standard icons.

 * Enhancement: Added a section to the bug view pages that lists the users that are monitoring the current bug.

 * Enhancement: Improved the layout of the "Send a reminder" form.

 * Fix: META redirects were not XHTML-compliant

 * Fix: $g_lang_current was not available to custom_strings_inc.php

 * Fix: reduced the executed number of queries throughout the interface

 * Fix: improved handling of bad cookies (you now get a chance to log in again)

 * Fix: Added the removal of invalid history entries that were added due to escaping errors to the string escaping fixes.

 * Fix: Improve speed of actions that trigger email sends by reducing the number of queries by 200x (20,000%). Queries when sending emails are now linear to the number of users receiving the email instead of the number of users in the system.

 * Fix: error deleting bug files fixed

 * Fix: display logical filename rather than file system filename for project documents in project document edit page.

 * Fix #838:  Show attached images as images instead of links.

 * Fix #2075: Mantis does not correctly display images when they are clicked ( $g_file_upload_method = DATABASE ).

 * Fix #2939: Confusing file names for uploaded project documents.

 * Fix #2940: Error when uploading document with no upload path.

 * Fix #2944: Project files are not deleted when project is deleted.

 * Fix #2953: View all bugs page empty (temporary fix by disabling compression when running on an IIS server).

 * Fix #2954: Bgcolor attribute on TD in view_all_bug_page (moved to TR) [optimisation]

 * Fix #2956: db_insert_id() did not use mysql_insert_id(), but executed another query (which is probably slower)

 * Fix #2961: A disabled project can not be the currently selected project

 * Fix #2964: proj_doc_add.php is empty if document file already exists

 * Fix #2967: Make bugnotes visible while updating bugs (updating, resolving, and closing)

 * Fix #2968: Add query counts to action pages.

 * Fix #2969: Bug not found error when deleting a bugnote.

 * Fix #2970: Sending a reminder sends two notifications.

 * Fix #2974: Message "APPLICATION WARNING #300" on main page.

 * Fix #2975: 'date modified' column of bug history in email is to tight.

 * Fix #2976: Incorrect handling of URLs.

 * Fix #2978: URLs not hyperlinked in news_add page.

 * Fix #2980: Escaping fixes are not applied to the bug history table.

 * Fix #2982: Having email_set_category set to EMAIL_CATEGORY_PROJECT_CATEGORY erased various mail headers.

 * Fix #2989: Allow managers to manage bugnotes.

 * Fix #2992: Unable to attach files to bugs (or documents to projects) [applicable to Windows servers]

 * Fix #2993: Read/Write access levels not checked in custom fields.

 * Fix #2997: 'Trouble assigning a user to a project from the Manage Account'

 * Fix #3001: Users cannot delete/edit their own bugnotes.

 * Fix #3005: custom_field_api.php does not work with PHP 4.0.6.

 * DB Upgrade: Added "id" primary key to bug history table (needed for #2980).

 * Languages: Updated German localisation.

 * Languages: Synchronised localisations with English

 * Changed config option (default_notify_flags): remove 'admin', 'manager', and 'threshold' categories and add 'threshold_min' and 'threshold_max'

 * New config option (bugnote_allow_user_edit_delete): controls whether users are allowed to edit or delete their own bugnotes.

 * New config option (email_receive_own): controls whether users receive emails for changes they make

 * New config option (display_project_padding): controls the level of padding on project ids

 * New config option (display_bug_padding): controls the level of padding on bug ids

 * New config option (display_bugnote_padding): controls the level of padding on bugnote ids

 * New config option (file_type_icons): provides mapping between file extensions and icons to be used for file types.

 * New config option (show_monitor_list_threshold): threshold needed to view the list of users monitoring a bug.

 * New config option (document_files_prefix): prefix to be used for file system names for documents uploaded to projects (eg: doc-001-myprojdoc.zip when using prefix 'doc').

 * New config option (preview_attachments_inline_max_size): Configure the maximum size for an attachment to be viewed inline.  (needed by #838)

 * Removed config option (bugnote_include_file): Used file path directly since there is no reason to make it configurable.

 * Removed config option (bugnote_view_include_file): Used file path directly since there is no reason to make it configurable.

 * Removed config option (bugnote_add_include_file): Used file path directly since there is no reason to make it configurable.

 * Removed config option (history_include_file): Used file path directly since there is no reason to make it configurable.

 * Removed config option (print_bugnote_include_file): Used file path directly since there is no reason to make it configurable.

 * Removed config option (view_all_include_file): Used file path directly since there is no reason to make it configurable.

 * Removed config option (bug_view_inc): Used file path directly since there is no reason to make it configurable.

 * Removed config option (bug_file_upload_inc): Used file path directly since there is no reason to make it configurable.

 

2003.02.19  -  0.18.0a2

 

 * Behaviour change: Project documentation is now sorted by title

 * Enhancement: Project name is shown in print_bug_page

 * Fix: #2938: 'Double quotes not handled correctly in manage_custom_field_edit_page'

 * Fix: handle special characters correctly in the rest of the manage_custom_field_* pages

 * Fix: #2937: 'Double quotes not handled correctly in version names'

 * Fix: #2936: 'SYSTEM WARNING: ob_gzhandler() used twice'

 * Fix: #2941: Checking that project upload path exists and is writable to webserver

 * Fix: #2943: Document title should be mandatory

 * Fix: #2949: News title and body should be mandatory.

 * Fix: #2952: Email address of news poster always visible.

 * Fix: at various places, the currently selected project (as specified by the cookie) was used instead of i.e. a bug's project

 * Fix: lang_api did not load the user's preferred language

 * Fix: obscure error when database connect failed

 * Fix: error when deleting news items

 * Fix: we no longer execute thousands of queries in view_all_bug_page when there are a lot of users in the database

 * Fix: the sort direction in 'View all bugs' was passed directly to the query

 * New config option (mail_priority): if use_x_priority is set to ON, what should the value of X-Priority be? The default is 3 (instead of 0 in previous version, which was misinterpreted by some MTAs)

 * New config option (long_process_timeout): the number of seconds to give long executing pages (like database upgrades) to complete before aborting them (defaults to 0 which is unlimited)

 * New config option (private_project_threshold): threshold needed to get into private project automatically

 * Removed config option (mail_send_crlf): having this option off (default) violated RFC 822bis and there shouldn't be any server which required it to be set to off

 * Languages: Updated Dutch, French, German and Italian localisations.

 * Languages: Synchronized localisation files with the English localisation.

 * Security enhancement: it is now impossible to 'fill in' forgotten language strings using GET/POST/COOKIE variables

 

2003.02.16  -  0.18.0a1

 

* Behaviour change: made 'normal' the default priority for new bugs

 * Behaviour change: Merged default/config_inc1.php and default/config_inc2.php in config_inc.php in the main directory

 * Behaviour change: Removed f_ prefix from POST and GET field names

 * Changed config options (*_color): now use $g_status_colors['<status color>'] array. For example, $g_new_color is replaced with $g_status_colors['new'].

 * Changed config options (default_advanced_report, default_advanced_view, default_advanced_update): now ON/OFF instead of BOTH/SIMPLE/ADVANCED (they never worked the other way anyway)

 * Changed config options (login_method): the constant CRYPT_FULL_SALT is now deprecated and should be replaced with CRYPT, which behaves exactly the same, or MD5

 * Code cleanup: added validation checks for all inputs that are passed on to database queries

 * Code cleanup: db_prepare_string(), db_prepare_int(), and db_prepare_bool() to be called on data before it goes into the database

 * Code cleanup: modified input-checked variables to be prefixed by $c_

 * Code cleanup: Moved admin_* scripts into admin/ directory

 * Code cleanup: Moved core_* files into core/ directory, which can be moved out of the webroot

 * Code cleanup: Replaced '/' with DIRECTORY_SEPARATOR throughout to make things cross-platform

 * Code cleanup: Rewrote large parts of Mantis to improve security

 * Copyright transfered by Kenzaburo Ito to 'Mantis Group', consisting of all of Mantis developers, as of 2002. All files have had their copyright notices changed to reflect this.

 * Enhancement: added a button to copy categories from another project, in addition to the current 'copy to'

 * Enhancement: added a direct link, with a small icon, on each bug row, so that users on a selected project can switch directly to the update bug page (simple/advanced depending on user preferences).

 * Enhancement: added a remove link next to the edit link in the project categories and project versions to allow deleting without going into edit.

 * Enhancement: added announcement flag to news.  Announcements are always kept at the top of the news page.

 * Enhancement: admin_check script moved to admin/check.php and rewritten to be more complete

 * Enhancement: added javascript autofocus to the login page

 * Enhancement: added javascript autofocus to the report bug pages

 * Enhancement: added links from the counters of bugs reported and assigned to logged in user to their corresponding filtered view

 * Enhancement: added support for custom_constants_inc.php, if this file is found in main directory it gets included after constants_inc.php.  It is useful to define constants for custom enumerations.

 * Enhancement: added support for custom_strings_inc.php, if this file is found in main directory it gets included after lang/strings_xxxx.php to allow overriding of strings without modifying the language files.  $g_active_language can be used to check the active language.

 * Enhancement: added support for modifying the reporter of a bug

 * Enhancement: Added Word2k and Excel export in print_all_bug_page.php. Users can choose the bugs to display/print, and the fields to export with the 'Printing Options' link.

 * Enhancement: Administrators can now modify the preferences for all users that are not protected.  Protected users need to be unprotected first.

 * Enhancement: allow managers to update project information, change project user list, add/edit/delete categories and versions

 * Enhancement: auto-assign bugs when a default user is specified for the category and a bug is not pre-assigned

 * Enhancement: automatic defaults for $g_path and $g_absolute_path rather than dummy values.  This should avoid the need of redefining these values in config_inc.php and also support multiple domains.

 * Enhancement: bugs can be marked private

 * Enhancement: bug change history

 * Enhancement: caching of much DB data to prevent multiple requests for the same information

 * Enhancement: Cleaned up file uploading with better error messages and hiding file upload when it's disabled in PHP

 * Enhancement: confirm a lot of destructive actions before performing them

 * Enhancement: email_api.php sends a content-type header in emails

 * Enhancement: enter a bugnote when you update a bug

 * Enhancement: html_api.php prints a META-tag defining the charset

 * Enhancement: improved the behaviour of sorting the tables of users and projects in 'Manage'

 * Enhancement: in the view all bugs page, when 'All Projects' is selected, the project name is now displayed in smaller font over the category

 * Enhancement: include tabindexes in the form fields on the bug reporting pages

 * Enhancement: look in environment variable MANTIS_CONFIG to find a config file to load after config_inc.php (useful for vhosts)

 * Enhancement: make br, hr, li, img, selected, checked, and other html elements XHTML compliant

 * Enhancement: more visual graph pages in summary_page.php. Caution, old versions of JPGraph may cause problems, use v1.6.3 or above if you can.

 * Enhancement: news can now be made private

 * Enhancement: offer multiple group bug actions in view_all_bug_page.php

 * Enhancement: private bugnotes. At present these bugnotes are omitted from sent emails, a future release will put private bugnotes in emails to those who should see them.

 * Enhancement: provide a notification when a bug is deleted

 * Enhancement: reminder feature to let you send a message about a bug to a list of users

 * Enhancement: reworked BCTimer class to be more useful for debugging

 * Enhancement: send Bug History in e-mails

 * Enhancement: added new database upgrade system to allow you to easily apply database schema changes when  upgrading.

 * Enhancement: support uploading attachments to an FTP server (so now there is DISK, DATABASE, and FTP).  Recently uploaded/downloaded attachments are cached at the web server.

 * Enhancement: User names are now auto-generated for accounts that no longer exists.  The user names are prefixed by the string given in the config option prefix_for_deleted_users.

 * Enhancement: user_api.php, login.php and login_page.php send the user back to the referring page after login

 * Enhancement: warn the user if his browser does not support cookies, either because it's too old or because it was disabled

 * Enhancement: you can add multiple categories in one step. This is done by separating category names by the pipe character '|'.  For example to add category 'A' and 'B', add 'A|B'.

 * Enhancement: you can monitor bugs even when not reporter or handler

 * Enhancement: support for custom fields.

 * Enhancement: you can now change the password encryption method by simply changing the configuration option - Mantis will change your passwords automatically as people login

 * Fix: Account pruning now also removes profiles, preferences and such.

 * Fix: all string files use single quotes instead of double quotes

 * Fix: bug that let you change your username to that of an already existing user

 * Fix: bug where upload paths with \'s in them kept getting escaped over and over

 * Fix: defects with updating project categories and versions

 * Fix: deleting the current project no longer gives an error (#2808)

 * Fix: email address validation should be much more RFC 822 compliant (#2819)

 * Fix: Made 'light grey' the default color for 'closed'

 * Fix: make form elements standards compliant

 * Fix: prevent an unauthorized user from deleting a bug by modifying the URL

 * Fix: print_api.php escapes double quotes in text fields, instead of replacing them by single quotes

 * Fix: problem deleting bugnotes

 * Fix: problem in core_API.php where constants were used before declaration

 * Fix: problem in email_api.php where an email could be sent to nobody at all, in rare cases

 * Fix: problem in manage_proj_update.php which gave a warning when editing projects with empty upload file paths

 * Fix: problem with ambiguous column names in queries when using the text search or applying filters

 * Fix: problem with print_assign_to_option_list() not selecting the current user

 * Fix: quoted various text values retrieved from a database and used in a database query.

 * Fix: Removed special status of 'closed' concerning colors. 'View all bugs' will use the configured background color.

 * Fix: Removed str_pad() we can use str_pad() from PHP4 now

 * Fix: replace & in URLs with &amp; to conform with standards

 * Fix: use single quotes whenever possible if double quotes were unnecessary

 * Fix: Use supervariables ($_SERVER, $_REQUEST, etc.) in PHP >= 4.1.0, since the old variables are deprecated

 * Fix: when viewing all bugs for all projects you no longer see bugs from disabled projects

 * Fix: Disabled user accounts no longer receive notification emails.

 * Languages: Added $s_charset to all localization files.

 * Languages: Added Chinese Simplified translation.

 * Languages: Removed French2 localization (out of date, without HTML entities. Replaced by new French localization).

 * Languages: removed HTML entities from all localization files

 * Languages: Updated comments in all localization files to point to correct file names.

 * Languages: Updated Hungarian, Russian, Romanian, German, Danish, Norwegian and Dutch localizations.

 * New APIs: see all the files in core/ ending with _api

 * New config option (allow_blank_email): allow blank email addresses (ie none specified)

 * New config option (allow_reporter_close): allow reporters to close the bugs they reported

 * New config option (allow_reporter_reopen): allows reporters to reopen closed bugs that they reported if they are unhappy with the resolution (defaults to ON) (see issue #2108)

 * New config option (auto_set_status_to_assigned): automatically set the status to ASSIGNED when an issue is assigned.  Default is ON.

 * New config option (bug_reminder_threshold): the access level required to send reminders

 * New config option (bug_resolved_status_threshold): To mark the status threshold for marking bugs as readonly.  Default is RESOLVED.

 * New config option (compress_html): optional compression of html output

 * New config option (create_project_threshold): provide a threshold for users who can create projects

 * New config option (custom_field_edit_after_create): new option to control whether a user is directed to edit a custom field after creating it

 * New config option (custom_field_link_threshold): provide a threshold for users who can link and unlink custom fields but not delte, create, or modify them

 * New config option (custom_headers): contains a list of headers to prepend to each outgoing HTTP response.  This can be used for P3P policy headers among other things (see issue #2649)

 * New config option (debug_email): allows debugging e-mail messages during development by only sending them to the specified e-mail while including the original to, cc, bcc in the message body (currently supported only when phpmailer is used).

 * New config option (default_notify_flags and notify_flags): these replace $g_notify_developers_on_new, $g_notify_on_new_threshold, and $g_notify_admin_on_new.  The old flags are no longer supported.  The new ones provide full control on who should be notified on each event/action.

 * New config option (delete_bugnote_threshold): the access level required to delete a bug

 * New config option (delete_project_threshold): provide a threshold for users who can delete projects

 * New config option (email_set_category): make Mantis set the category of the e-mail sent (via mail()/phpMailer).  This is useful in organising e-mails better using clients like Microsoft Outlook.

 * New config option (handle_bug_threshold): the access level required for a user to appear in the assign to list and be able to handle bugs

 * New config option (history_default_visible): whether bug history should be visible by default or only when requested.

 * New config option (html_make_links): Replaces allow_href_tags. When true, convert text links in strings into actual anchor tags.

 * New config option (html_valid_tags): Replaces allow_html_tags and html_tags.  Set it to a string containing a comma-separated list of tag names that should be allowed in messages.

 * New config option (limit_email_domain): only allow emails in the given domain

 * New config option (manage_custom_fields_threshold): controls who may make changes to custom fields

 * New config option (manage_news_threshold): threshold needed to manage news postings

 * New config option (manage_user_threshold): access level required to modify/create/delete users

 * New config option (notify_admin_on_new): enable/disable notifications to admins on arrival of new bugs

 * New config option (notify_on_new_threshold): the access level above which users will be notified of new bugs

 * New config option (project_user_threshold): access level required to add/remove users to/from a project

 * New config option (reminder_recipents_monitor_bug): To automatically add recipients of bug reminders to the monitor list of the defect.  This is done if the access level is greater than or equal to monitor threshold and the recipient is not the handler or the reporter.

 * New config option (show_detailed_errors):

 * New config option (show_notices):

 * New config option (show_project_menu_bar): adds a menu bar with all the projects as links

 * New config option (show_queries_count and show_queries_list): track the executed queries and display their total count, unique queries count, and the actual list of queries executed

 * New config option (show_warnings):

 * New config option (smtp_password): password to use when connection to an smtp server with phpMailer

 * New config option (smtp_username): username to use when connection to an smtp server with phpMailer

 * New config option (store_reminders): controls whether to store sent reminders as a bugnote

 * New config option (summary_category_include_project): display "[project] category" rather than "category" only in summary for "All Projects"

 * New config option (update_bug_threshold): the access level required to update a bug

 * New config option (upload_project_file_threshold, upload_bug_file_threshold, allow_reporter_upload): control what users may upload what kinds of files

 * New config option (view_attachments_threshold): the access level required to view attachments.  This is useful when there is a need to share the knowledge about the defects, but to secure customer data.

 * New config option (view_summary_threshold): the access level required for viewing the summary page

 * New file (obsolete.php): checks for obsolete variables and tells the operator

 * Removed config option (allow_href_tags): see new option html_make_links

 * Removed config option (allow_html_tags): see new option html_valid_tags

 * Removed config option (html_tags): see new option html_valid_tags

 * Removed config option (register_globals): just check the actual value of the PHP config variable

 * Removed config option (php): this variable containing the file extensions (php3 of php) was only used in config, so do a search and replace if you need it

 * Renamed config option: allow_bug_delete_access_level to delete_bug_threshold

 * Renamed config option: bug_move_access_level to move_bug_threshold

 * Renamed file: manage_create_new_user.php to manage_user_create.php

 * Renamed file: manage_create_new_user_page.php to manage_user_create_page.php

 * Renamed file: report_add.php to bug_add.php

 * Renamed file: report_bug_advanced_page.php to bug_add_advanced_page.php

 * Renamed file: report_bug_page.php to bug_add_page.php

 * Security fix: Mantis no longer relies on register_globals being turned on