Changeset 42343 for trunk/src/wp-admin/setup-config.php
- Timestamp:
- 11/30/2017 11:09:33 PM (8 years ago)
- File:
-
- 1 edited
-
trunk/src/wp-admin/setup-config.php (modified) (14 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/setup-config.php
r42218 r42343 13 13 * We are installing. 14 14 */ 15 define( 'WP_INSTALLING', true);15 define( 'WP_INSTALLING', true ); 16 16 17 17 /** 18 18 * We are blissfully unaware of anything. 19 19 */ 20 define( 'WP_SETUP_CONFIG', true);20 define( 'WP_SETUP_CONFIG', true ); 21 21 22 22 /** … … 25 25 * Set this to error_reporting( -1 ) for debugging 26 26 */ 27 error_reporting( 0);27 error_reporting( 0 ); 28 28 29 29 if ( ! defined( 'ABSPATH' ) ) { … … 47 47 $config_file = file( dirname( ABSPATH ) . '/wp-config-sample.php' ); 48 48 } else { 49 wp_die( sprintf( 50 /* translators: %s: wp-config-sample.php */ 51 __( 'Sorry, I need a %s file to work from. Please re-upload this file to your WordPress installation.' ), 52 '<code>wp-config-sample.php</code>' 53 ) ); 49 wp_die( 50 sprintf( 51 /* translators: %s: wp-config-sample.php */ 52 __( 'Sorry, I need a %s file to work from. Please re-upload this file to your WordPress installation.' ), 53 '<code>wp-config-sample.php</code>' 54 ) 55 ); 54 56 } 55 57 56 58 // Check if wp-config.php has been created 57 59 if ( file_exists( ABSPATH . 'wp-config.php' ) ) { 58 wp_die( '<p>' . sprintf( 60 wp_die( 61 '<p>' . sprintf( 59 62 /* translators: 1: wp-config.php 2: install.php */ 60 63 __( 'The file %1$s already exists. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href="%2$s">installing now</a>.' ), … … 67 70 // Check if wp-config.php exists above the root directory but is not part of another installation 68 71 if ( @file_exists( ABSPATH . '../wp-config.php' ) && ! @file_exists( ABSPATH . '../wp-settings.php' ) ) { 69 wp_die( '<p>' . sprintf( 72 wp_die( 73 '<p>' . sprintf( 70 74 /* translators: 1: wp-config.php 2: install.php */ 71 75 __( 'The file %1$s already exists one level above your WordPress installation. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href="%2$s">installing now</a>.' ), … … 90 94 */ 91 95 function setup_config_display_header( $body_classes = array() ) { 92 $body_classes = (array) $body_classes;96 $body_classes = (array) $body_classes; 93 97 $body_classes[] = 'wp-core-ui'; 94 $dir_attr = '';98 $dir_attr = ''; 95 99 if ( is_rtl() ) { 96 100 $body_classes[] = 'rtl'; 97 $dir_attr = ' dir="rtl"';101 $dir_attr = ' dir="rtl"'; 98 102 } 99 103 … … 121 125 } 122 126 123 switch ($step) {127 switch ( $step ) { 124 128 case -1: 125 129 if ( wp_can_install_language_pack() && empty( $language ) && ( $languages = wp_get_available_translations() ) ) { … … 152 156 } 153 157 ?> 154 <h1 class="screen-reader-text"><?php _e( 'Before getting started' ) ?></h1>155 <p><?php _e( 'Welcome to WordPress. Before getting started, we need some information on the database. You will need to know the following items before proceeding.' ) ?></p>158 <h1 class="screen-reader-text"><?php _e( 'Before getting started' ); ?></h1> 159 <p><?php _e( 'Welcome to WordPress. Before getting started, we need some information on the database. You will need to know the following items before proceeding.' ); ?></p> 156 160 <ol> 157 161 <li><?php _e( 'Database name' ); ?></li> … … 161 165 <li><?php _e( 'Table prefix (if you want to run more than one WordPress in a single database)' ); ?></li> 162 166 </ol> 163 <p><?php 167 <p> 168 <?php 164 169 /* translators: %s: wp-config.php */ 165 printf( __( 'We’re going to use this information to create a %s file.' ), 170 printf( 171 __( 'We’re going to use this information to create a %s file.' ), 166 172 '<code>wp-config.php</code>' 167 173 ); 168 174 ?> 169 <strong><?php 175 <strong> 176 <?php 170 177 /* translators: 1: wp-config-sample.php, 2: wp-config.php */ 171 printf( __( 'If for any reason this automatic file creation doesn’t work, don’t worry. All this does is fill in the database information to a configuration file. You may also simply open %1$s in a text editor, fill in your information, and save it as %2$s.' ), 178 printf( 179 __( 'If for any reason this automatic file creation doesn’t work, don’t worry. All this does is fill in the database information to a configuration file. You may also simply open %1$s in a text editor, fill in your information, and save it as %2$s.' ), 172 180 '<code>wp-config-sample.php</code>', 173 181 '<code>wp-config.php</code>' 174 182 ); 175 ?></strong> 183 ?> 184 </strong> 176 185 <?php 177 186 /* translators: %s: Codex URL */ 178 printf( __( 'Need more help? <a href="%s">We got it</a>.' ), 187 printf( 188 __( 'Need more help? <a href="%s">We got it</a>.' ), 179 189 __( 'https://codex.wordpress.org/Editing_wp-config.php' ) 180 190 ); 181 ?></p> 191 ?> 192 </p> 182 193 <p><?php _e( 'In all likelihood, these items were supplied to you by your Web Host. If you don’t have this information, then you will need to contact them before you can continue. If you’re all ready…' ); ?></p> 183 194 184 195 <p class="step"><a href="<?php echo $step_1; ?>" class="button button-large"><?php _e( 'Let’s go!' ); ?></a></p> 185 196 <?php 186 break;197 break; 187 198 188 199 case 1: … … 192 203 setup_config_display_header(); 193 204 ?> 194 <h1 class="screen-reader-text"><?php _e( 'Set up your database connection' ) ?></h1>205 <h1 class="screen-reader-text"><?php _e( 'Set up your database connection' ); ?></h1> 195 206 <form method="post" action="setup-config.php?step=2"> 196 207 <p><?php _e( 'Below you should enter your database connection details. If you’re not sure about these, contact your host.' ); ?></p> … … 214 225 <th scope="row"><label for="dbhost"><?php _e( 'Database Host' ); ?></label></th> 215 226 <td><input name="dbhost" id="dbhost" type="text" size="25" value="localhost" /></td> 216 <td><?php 227 <td> 228 <?php 217 229 /* translators: %s: localhost */ 218 printf( __( 'You should be able to get this info from your web host, if %s doesn’t work.' ),'<code>localhost</code>' ); 219 ?></td> 230 printf( __( 'You should be able to get this info from your web host, if %s doesn’t work.' ), '<code>localhost</code>' ); 231 ?> 232 </td> 220 233 </tr> 221 234 <tr> … … 225 238 </tr> 226 239 </table> 227 <?php if ( isset( $_GET['noapi'] ) ) { ?><input name="noapi" type="hidden" value="1" /><?php } ?> 240 <?php 241 if ( isset( $_GET['noapi'] ) ) { 242 ?> 243 <input name="noapi" type="hidden" value="1" /><?php } ?> 228 244 <input type="hidden" name="language" value="<?php echo esc_attr( $language ); ?>" /> 229 245 <p class="step"><input name="submit" type="submit" value="<?php echo htmlspecialchars( __( 'Submit' ), ENT_QUOTES ); ?>" class="button button-large" /></p> 230 246 </form> 231 247 <?php 232 break;248 break; 233 249 234 250 case 2: 235 load_default_textdomain( $language ); 236 $GLOBALS['wp_locale'] = new WP_Locale(); 237 238 $dbname = trim( wp_unslash( $_POST[ 'dbname' ] ) ); 239 $uname = trim( wp_unslash( $_POST[ 'uname' ] ) ); 240 $pwd = trim( wp_unslash( $_POST[ 'pwd' ] ) ); 241 $dbhost = trim( wp_unslash( $_POST[ 'dbhost' ] ) ); 242 $prefix = trim( wp_unslash( $_POST[ 'prefix' ] ) ); 243 244 $step_1 = 'setup-config.php?step=1'; 245 $install = 'install.php'; 246 if ( isset( $_REQUEST['noapi'] ) ) { 247 $step_1 .= '&noapi'; 248 } 249 250 if ( ! empty( $language ) ) { 251 $step_1 .= '&language=' . $language; 252 $install .= '?language=' . $language; 253 } else { 254 $install .= '?language=en_US'; 255 } 256 257 $tryagain_link = '</p><p class="step"><a href="' . $step_1 . '" onclick="javascript:history.go(-1);return false;" class="button button-large">' . __( 'Try again' ) . '</a>'; 258 259 if ( empty( $prefix ) ) 260 wp_die( __( '<strong>ERROR</strong>: "Table Prefix" must not be empty.' . $tryagain_link ) ); 261 262 // Validate $prefix: it can only contain letters, numbers and underscores. 263 if ( preg_match( '|[^a-z0-9_]|i', $prefix ) ) 264 wp_die( __( '<strong>ERROR</strong>: "Table Prefix" can only contain numbers, letters, and underscores.' . $tryagain_link ) ); 265 266 // Test the db connection. 267 /**#@+ 268 * @ignore 269 */ 270 define('DB_NAME', $dbname); 271 define('DB_USER', $uname); 272 define('DB_PASSWORD', $pwd); 273 define('DB_HOST', $dbhost); 274 /**#@-*/ 275 276 // Re-construct $wpdb with these new values. 277 unset( $wpdb ); 278 require_wp_db(); 279 280 /* 281 * The wpdb constructor bails when WP_SETUP_CONFIG is set, so we must 282 * fire this manually. We'll fail here if the values are no good. 283 */ 284 $wpdb->db_connect(); 285 286 if ( ! empty( $wpdb->error ) ) 287 wp_die( $wpdb->error->get_error_message() . $tryagain_link ); 288 289 $errors = $wpdb->hide_errors(); 290 $wpdb->query( "SELECT $prefix" ); 291 $wpdb->show_errors( $errors ); 292 if ( ! $wpdb->last_error ) { 293 // MySQL was able to parse the prefix as a value, which we don't want. Bail. 294 wp_die( __( '<strong>ERROR</strong>: "Table Prefix" is invalid.' ) ); 295 } 296 297 // Generate keys and salts using secure CSPRNG; fallback to API if enabled; further fallback to original wp_generate_password(). 298 try { 299 $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_ []{}<>~`+=,.;:/?|'; 300 $max = strlen($chars) - 1; 301 for ( $i = 0; $i < 8; $i++ ) { 302 $key = ''; 303 for ( $j = 0; $j < 64; $j++ ) { 304 $key .= substr( $chars, random_int( 0, $max ), 1 ); 305 } 306 $secret_keys[] = $key; 307 } 308 } catch ( Exception $ex ) { 309 $no_api = isset( $_POST['noapi'] ); 310 311 if ( ! $no_api ) { 312 $secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/salt/' ); 313 } 314 315 if ( $no_api || is_wp_error( $secret_keys ) ) { 316 $secret_keys = array(); 251 load_default_textdomain( $language ); 252 $GLOBALS['wp_locale'] = new WP_Locale(); 253 254 $dbname = trim( wp_unslash( $_POST['dbname'] ) ); 255 $uname = trim( wp_unslash( $_POST['uname'] ) ); 256 $pwd = trim( wp_unslash( $_POST['pwd'] ) ); 257 $dbhost = trim( wp_unslash( $_POST['dbhost'] ) ); 258 $prefix = trim( wp_unslash( $_POST['prefix'] ) ); 259 260 $step_1 = 'setup-config.php?step=1'; 261 $install = 'install.php'; 262 if ( isset( $_REQUEST['noapi'] ) ) { 263 $step_1 .= '&noapi'; 264 } 265 266 if ( ! empty( $language ) ) { 267 $step_1 .= '&language=' . $language; 268 $install .= '?language=' . $language; 269 } else { 270 $install .= '?language=en_US'; 271 } 272 273 $tryagain_link = '</p><p class="step"><a href="' . $step_1 . '" onclick="javascript:history.go(-1);return false;" class="button button-large">' . __( 'Try again' ) . '</a>'; 274 275 if ( empty( $prefix ) ) { 276 wp_die( __( '<strong>ERROR</strong>: "Table Prefix" must not be empty.' . $tryagain_link ) ); 277 } 278 279 // Validate $prefix: it can only contain letters, numbers and underscores. 280 if ( preg_match( '|[^a-z0-9_]|i', $prefix ) ) { 281 wp_die( __( '<strong>ERROR</strong>: "Table Prefix" can only contain numbers, letters, and underscores.' . $tryagain_link ) ); 282 } 283 284 // Test the db connection. 285 /**#@+ 286 * 287 * @ignore 288 */ 289 define( 'DB_NAME', $dbname ); 290 define( 'DB_USER', $uname ); 291 define( 'DB_PASSWORD', $pwd ); 292 define( 'DB_HOST', $dbhost ); 293 /**#@-*/ 294 295 // Re-construct $wpdb with these new values. 296 unset( $wpdb ); 297 require_wp_db(); 298 299 /* 300 * The wpdb constructor bails when WP_SETUP_CONFIG is set, so we must 301 * fire this manually. We'll fail here if the values are no good. 302 */ 303 $wpdb->db_connect(); 304 305 if ( ! empty( $wpdb->error ) ) { 306 wp_die( $wpdb->error->get_error_message() . $tryagain_link ); 307 } 308 309 $errors = $wpdb->hide_errors(); 310 $wpdb->query( "SELECT $prefix" ); 311 $wpdb->show_errors( $errors ); 312 if ( ! $wpdb->last_error ) { 313 // MySQL was able to parse the prefix as a value, which we don't want. Bail. 314 wp_die( __( '<strong>ERROR</strong>: "Table Prefix" is invalid.' ) ); 315 } 316 317 // Generate keys and salts using secure CSPRNG; fallback to API if enabled; further fallback to original wp_generate_password(). 318 try { 319 $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_ []{}<>~`+=,.;:/?|'; 320 $max = strlen( $chars ) - 1; 317 321 for ( $i = 0; $i < 8; $i++ ) { 318 $secret_keys[] = wp_generate_password( 64, true, true ); 319 } 320 } else { 321 $secret_keys = explode( "\n", wp_remote_retrieve_body( $secret_keys ) ); 322 foreach ( $secret_keys as $k => $v ) { 323 $secret_keys[$k] = substr( $v, 28, 64 ); 324 } 325 } 326 } 327 328 $key = 0; 329 foreach ( $config_file as $line_num => $line ) { 330 if ( '$table_prefix =' == substr( $line, 0, 16 ) ) { 331 $config_file[ $line_num ] = '$table_prefix = \'' . addcslashes( $prefix, "\\'" ) . "';\r\n"; 332 continue; 333 } 334 335 if ( ! preg_match( '/^define\(\s*\'([A-Z_]+)\',([ ]+)/', $line, $match ) ) 336 continue; 337 338 $constant = $match[1]; 339 $padding = $match[2]; 340 341 switch ( $constant ) { 342 case 'DB_NAME' : 343 case 'DB_USER' : 344 case 'DB_PASSWORD' : 345 case 'DB_HOST' : 346 $config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . addcslashes( constant( $constant ), "\\'" ) . "' );\r\n"; 347 break; 348 case 'DB_CHARSET' : 349 if ( 'utf8mb4' === $wpdb->charset || ( ! $wpdb->charset && $wpdb->has_cap( 'utf8mb4' ) ) ) { 350 $config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'utf8mb4' );\r\n"; 322 $key = ''; 323 for ( $j = 0; $j < 64; $j++ ) { 324 $key .= substr( $chars, random_int( 0, $max ), 1 ); 351 325 } 352 break; 353 case 'AUTH_KEY' : 354 case 'SECURE_AUTH_KEY' : 355 case 'LOGGED_IN_KEY' : 356 case 'NONCE_KEY' : 357 case 'AUTH_SALT' : 358 case 'SECURE_AUTH_SALT' : 359 case 'LOGGED_IN_SALT' : 360 case 'NONCE_SALT' : 361 $config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . $secret_keys[$key++] . "' );\r\n"; 362 break; 363 } 364 } 365 unset( $line ); 366 367 if ( ! is_writable(ABSPATH) ) : 368 setup_config_display_header(); 369 ?> 370 <p><?php 326 $secret_keys[] = $key; 327 } 328 } catch ( Exception $ex ) { 329 $no_api = isset( $_POST['noapi'] ); 330 331 if ( ! $no_api ) { 332 $secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/salt/' ); 333 } 334 335 if ( $no_api || is_wp_error( $secret_keys ) ) { 336 $secret_keys = array(); 337 for ( $i = 0; $i < 8; $i++ ) { 338 $secret_keys[] = wp_generate_password( 64, true, true ); 339 } 340 } else { 341 $secret_keys = explode( "\n", wp_remote_retrieve_body( $secret_keys ) ); 342 foreach ( $secret_keys as $k => $v ) { 343 $secret_keys[ $k ] = substr( $v, 28, 64 ); 344 } 345 } 346 } 347 348 $key = 0; 349 foreach ( $config_file as $line_num => $line ) { 350 if ( '$table_prefix =' == substr( $line, 0, 16 ) ) { 351 $config_file[ $line_num ] = '$table_prefix = \'' . addcslashes( $prefix, "\\'" ) . "';\r\n"; 352 continue; 353 } 354 355 if ( ! preg_match( '/^define\(\s*\'([A-Z_]+)\',([ ]+)/', $line, $match ) ) { 356 continue; 357 } 358 359 $constant = $match[1]; 360 $padding = $match[2]; 361 362 switch ( $constant ) { 363 case 'DB_NAME': 364 case 'DB_USER': 365 case 'DB_PASSWORD': 366 case 'DB_HOST': 367 $config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . addcslashes( constant( $constant ), "\\'" ) . "' );\r\n"; 368 break; 369 case 'DB_CHARSET': 370 if ( 'utf8mb4' === $wpdb->charset || ( ! $wpdb->charset && $wpdb->has_cap( 'utf8mb4' ) ) ) { 371 $config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'utf8mb4' );\r\n"; 372 } 373 break; 374 case 'AUTH_KEY': 375 case 'SECURE_AUTH_KEY': 376 case 'LOGGED_IN_KEY': 377 case 'NONCE_KEY': 378 case 'AUTH_SALT': 379 case 'SECURE_AUTH_SALT': 380 case 'LOGGED_IN_SALT': 381 case 'NONCE_SALT': 382 $config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . $secret_keys[ $key++ ] . "' );\r\n"; 383 break; 384 } 385 } 386 unset( $line ); 387 388 if ( ! is_writable( ABSPATH ) ) : 389 setup_config_display_header(); 390 ?> 391 <p> 392 <?php 371 393 /* translators: %s: wp-config.php */ 372 394 printf( __( 'Sorry, but I can’t write the %s file.' ), '<code>wp-config.php</code>' ); 373 ?></p> 374 <p><?php 395 ?> 396 </p> 397 <p> 398 <?php 375 399 /* translators: %s: wp-config.php */ 376 400 printf( __( 'You can create the %s file manually and paste the following text into it.' ), '<code>wp-config.php</code>' ); 377 ?></p> 378 <textarea id="wp-config" cols="98" rows="15" class="code" readonly="readonly"><?php 379 foreach ( $config_file as $line ) { 380 echo htmlentities($line, ENT_COMPAT, 'UTF-8'); 381 } 382 ?></textarea> 401 ?> 402 </p> 403 <textarea id="wp-config" cols="98" rows="15" class="code" readonly="readonly"> 404 <?php 405 foreach ( $config_file as $line ) { 406 echo htmlentities( $line, ENT_COMPAT, 'UTF-8' ); 407 } 408 ?> 409 </textarea> 383 410 <p><?php _e( 'After you’ve done that, click “Run the installation.”' ); ?></p> 384 411 <p class="step"><a href="<?php echo $install; ?>" class="button button-large"><?php _e( 'Run the installation' ); ?></a></p> … … 398 425 * file one level up, which is for the develop repo. 399 426 */ 400 if ( file_exists( ABSPATH . 'wp-config-sample.php' ) ) 427 if ( file_exists( ABSPATH . 'wp-config-sample.php' ) ) { 401 428 $path_to_wp_config = ABSPATH . 'wp-config.php'; 402 else429 } else { 403 430 $path_to_wp_config = dirname( ABSPATH ) . '/wp-config.php'; 431 } 404 432 405 433 $handle = fopen( $path_to_wp_config, 'w' ); … … 411 439 setup_config_display_header(); 412 440 ?> 413 <h1 class="screen-reader-text"><?php _e( 'Successful database connection' ) ?></h1>441 <h1 class="screen-reader-text"><?php _e( 'Successful database connection' ); ?></h1> 414 442 <p><?php _e( 'All right, sparky! You’ve made it through this part of the installation. WordPress can now communicate with your database. If you are ready, time now to…' ); ?></p> 415 443 … … 417 445 <?php 418 446 endif; 419 break;447 break; 420 448 } 421 449 ?>
Note: See TracChangeset
for help on using the changeset viewer.