Ticket #15729: 15729-4.diff

wp-admin/setup-config.php

@@ -114 +114 @@
         break;
 
         case 1:
-                display_header();
+            display_header();
+            if(is_numeric($_POST['error'])) {
+                switch($_POST['error']) {
+                    case 1 :
+                        $error_msg = "Cannot connect to the database server with the provided username,password and host combination.";
+                        $focus_element = "uname";
+                    break;
+                    case 2 :
+                        $error_msg = "Cannot select the database.";
+                        $focus_element = "dbname";
+                    break;
+                    case 3 :
+                        $error_msg = "The table prefix can contain only letters, numbers, and underscores.";
+                        $focus_element = "prefix";
+                    break;
+                }                
+                ?>
+                <script type="text/javascript">
+                    function setFocus() {
+                        document.getElementById('<?php echo $focus_element; ?>').focus();
+                    }
+                </script>
+                <p style="color:red;"><?php echo $error_msg; ?></p>
+                <?php                
+            }
+            $dbname =   !empty($_POST['dbname']) ? htmlspecialchars(trim($_POST['dbname']),ENT_QUOTES) : 'wordpress';
+            $uname  =   !empty($_POST['uname']) ? htmlspecialchars(trim($_POST['uname']),ENT_QUOTES) : 'username';
+            // password can be left blank
+            $passwrd=   isset($_POST['pwd']) ? htmlspecialchars($_POST['pwd'],ENT_QUOTES) : 'password';
+            $dbhost =   !empty($_POST['dbhost']) ? trim(htmlspecialchars(trim($_POST['dbhost']),ENT_QUOTES)) : 'localhost';
+            $prefix =   !empty($_POST['prefix']) ? trim(htmlspecialchars(trim($_POST['prefix']),ENT_QUOTES)) : 'wp_';            
         ?>
 <form method="post" action="setup-config.php?step=2">
         <p>Below you should enter your database connection details. If you're not sure about these, contact your host. </p>
         <table class="form-table">
                 <tr>
                         <th scope="row"><label for="dbname">Database Name</label></th>
-                        <td><input name="dbname" id="dbname" type="text" size="25" value="wordpress" /></td>
+                        <td><input name="dbname" id="dbname" type="text" size="25" value="<?php echo $dbname; ?>" /></td>
                         <td>The name of the database you want to run WP in. </td>
                 </tr>
                 <tr>
                         <th scope="row"><label for="uname">User Name</label></th>
-                        <td><input name="uname" id="uname" type="text" size="25" value="username" /></td>
+                        <td><input name="uname" id="uname" type="text" size="25" value="<?php echo $uname; ?>" /></td>
                         <td>Your MySQL username</td>
                 </tr>
                 <tr>
                         <th scope="row"><label for="pwd">Password</label></th>
-                        <td><input name="pwd" id="pwd" type="text" size="25" value="password" /></td>
+                        <td><input name="pwd" id="pwd" type="text" size="25" value="<?php echo $passwrd; ?>" /></td>
                         <td>...and MySQL password.</td>
                 </tr>
                 <tr>
                         <th scope="row"><label for="dbhost">Database Host</label></th>
-                        <td><input name="dbhost" id="dbhost" type="text" size="25" value="localhost" /></td>
+                        <td><input name="dbhost" id="dbhost" type="text" size="25" value="<?php echo $dbhost; ?>" /></td>
                         <td>You should be able to get this info from your web host, if <code>localhost</code> does not work.</td>
                 </tr>
                 <tr>
                         <th scope="row"><label for="prefix">Table Prefix</label></th>
-                        <td><input name="prefix" id="prefix" type="text" id="prefix" value="wp_" size="25" /></td>
+                        <td><input name="prefix" id="prefix" type="text" id="prefix" value="<?php echo $prefix; ?>" size="25" /></td>
                         <td>If you want to run multiple WordPress installations in a single database, change this.</td>
                 </tr>
         </table>
@@ -159 +189 @@
         $prefix  = trim($_POST['prefix']);
         if ( empty($prefix) )
                 $prefix = 'wp_';
-
+        
+        $setup_error    =   null;        
         // Validate $prefix: it can only contain letters, numbers and underscores
-        if ( preg_match( '|[^a-z0-9_]|i', $prefix ) )
-                wp_die( /*WP_I18N_BAD_PREFIX*/'<strong>ERROR</strong>: "Table Prefix" can only contain numbers, letters, and underscores.'/*/WP_I18N_BAD_PREFIX*/ );
+        if ( preg_match( '|[^a-z0-9_]|i', $prefix ) ) {                
+                $prefix =   htmlspecialchars($prefix,ENT_QUOTES);
+                $setup_error =   array('message' => '<strong>ERROR</strong>: "Table Prefix" can only contain numbers, letters, and underscores.','code' => 3);                                                                
+        }
+        
+        // if a prefix related error hasn't happened, test the database credentials
+        if( $setup_error==null ) {
+            // Test the db connection.
+            /**#@+
+             * @ignore
+             */
+            define('DB_NAME', $dbname);
+            define('DB_USER', $uname);
+            define('DB_PASSWORD', $passwrd);
+            define('DB_HOST', $dbhost);
+            /**#@-*/
 
-        // Test the db connection.
-        /**#@+
-         * @ignore
-         */
-        define('DB_NAME', $dbname);
-        define('DB_USER', $uname);
-        define('DB_PASSWORD', $passwrd);
-        define('DB_HOST', $dbhost);
-        /**#@-*/
-
-        // We'll fail here if the values are no good.
-        require_wp_db();
-        if ( ! empty( $wpdb->error ) ) {
-                $back = '<p class="step"><a href="setup-config.php?step=1" onclick="javascript:history.go(-1);return false;" class="button">Try Again</a></p>';
-                wp_die( $wpdb->error->get_error_message() . $back );
-        }
-
+            // We'll fail here if the values are no good.
+            require_wp_db();
+            if ( ! empty( $wpdb->error ) ) {                    
+                switch(key($wpdb->error->errors)) {
+                    case 'db_connect_fail':
+                       $setup_error = array('code' => 1);
+                    break;
+                    case 'db_select_fail':
+                       $setup_error = array('code' => 2);
+                    break;
+                }
+                $setup_error['message'] = $wpdb->error->get_error_message();
+            }
+        }
+        // check if any error occured above        
+        if( is_array( $setup_error ) ) {
+            $try_again = '<p class="step">
+            <form action="setup-config.php?step=1" method="post">  
+                <input name="error" type="hidden" value="' . $setup_error['code'] . '" />
+                <input name="dbname" type="hidden" value="' .htmlspecialchars($dbname,ENT_QUOTES). '" />                
+                <input name="uname" type="hidden" value="' .htmlspecialchars($uname,ENT_QUOTES). '" />          
+                <input name="pwd" type="hidden" value="' .htmlspecialchars($passwrd,ENT_QUOTES). '" />                  
+                <input name="dbhost" type="hidden" value="' .htmlspecialchars($dbhost,ENT_QUOTES). '" />                
+                <input name="prefix" type="hidden" id="prefix" value="' .$prefix. '" />    
+                <input type="submit" class="button" value="Try Again" name="try-again">
+            </form>
+                  </p>';
+            wp_die($setup_error['message'] . $try_again);
+        }       
         // Fetch or generate keys and salts.
         $no_api = isset( $_POST['noapi'] );
         require_once( ABSPATH . WPINC . '/plugin.php' );