Index: wp-admin/setup-config.php
===================================================================
--- wp-admin/setup-config.php	(revision 16800)
+++ wp-admin/setup-config.php	(working copy)
@@ -88,7 +88,7 @@
 <link rel="stylesheet" href="css/install.css" type="text/css" />
 
 </head>
-<body>
+<body onload="setFocus();">
 <h1 id="logo"><img alt="WordPress" src="images/wordpress-logo.png" /></h1>
 <?php
 }//end function display_header();
@@ -114,34 +114,64 @@
 	break;
 
 	case 1:
-		display_header();
+            display_header();
+            if ( isset( $_POST['setup_error'] ) ) {
+                switch( $_POST['setup_error'] ) {
+                    case 'db_connect_fail' :
+                        $error_msg = "Cannot connect to the database server with the provided username,password and host combination.";
+                        $focus_element = "uname";
+                    break;
+                    case 'db_select_fail' :
+                        $error_msg = "Cannot select the database.";
+                        $focus_element = "dbname";
+                    break;
+                    case 'invalid_prefix' :
+                        $error_msg = "The table prefix can contain only letters, numbers, and underscores.";
+                        $focus_element = "prefix";
+                    break;
+                }                
+                ?>
+                <script type="text/javascript">
+                    function setFocus() {
+                        document.getElementById( '<?php echo $focus_element; ?>' ).focus();
+                    }
+                </script>
+                <p style="color:red;"><?php echo $error_msg; ?></p>
+                <?php                
+            }
+            $dbname =   !empty( $_POST['dbname'] ) ? trim( $_POST['dbname'] ) : 'wordpress';
+            $uname  =   !empty( $_POST['uname'] ) ? trim( $_POST['uname'] ) : 'username';
+            // password can be left blank
+            $password=   isset( $_POST['pwd'] ) ? $_POST['pwd'] : 'password';
+            $dbhost =   !empty( $_POST['dbhost'] ) ? trim( $_POST['dbhost'] ) : 'localhost';
+            $prefix =   !empty( $_POST['prefix'] ) ? trim( $_POST['prefix'] ) : 'wp_';            
 	?>
 <form method="post" action="setup-config.php?step=2">
 	<p>Below you should enter your database connection details. If you're not sure about these, contact your host. </p>
 	<table class="form-table">
 		<tr>
 			<th scope="row"><label for="dbname">Database Name</label></th>
-			<td><input name="dbname" id="dbname" type="text" size="25" value="wordpress" /></td>
+			<td><input name="dbname" id="dbname" type="text" size="25" value="<?php echo htmlspecialchars( $dbname, ENT_QUOTES ); ?>" /></td>
 			<td>The name of the database you want to run WP in. </td>
 		</tr>
 		<tr>
 			<th scope="row"><label for="uname">User Name</label></th>
-			<td><input name="uname" id="uname" type="text" size="25" value="username" /></td>
+			<td><input name="uname" id="uname" type="text" size="25" value="<?php echo htmlspecialchars( $uname, ENT_QUOTES ); ?>" /></td>
 			<td>Your MySQL username</td>
 		</tr>
 		<tr>
 			<th scope="row"><label for="pwd">Password</label></th>
-			<td><input name="pwd" id="pwd" type="text" size="25" value="password" /></td>
+			<td><input name="pwd" id="pwd" type="text" size="25" value="<?php echo htmlspecialchars( $password, ENT_QUOTES ); ?>" /></td>
 			<td>...and MySQL password.</td>
 		</tr>
 		<tr>
 			<th scope="row"><label for="dbhost">Database Host</label></th>
-			<td><input name="dbhost" id="dbhost" type="text" size="25" value="localhost" /></td>
+			<td><input name="dbhost" id="dbhost" type="text" size="25" value="<?php echo htmlspecialchars( $dbhost, ENT_QUOTES ); ?>" /></td>
 			<td>You should be able to get this info from your web host, if <code>localhost</code> does not work.</td>
 		</tr>
 		<tr>
 			<th scope="row"><label for="prefix">Table Prefix</label></th>
-			<td><input name="prefix" id="prefix" type="text" id="prefix" value="wp_" size="25" /></td>
+			<td><input name="prefix" id="prefix" type="text" id="prefix" value="<?php echo htmlspecialchars( $prefix, ENT_QUOTES ); ?>" size="25" /></td>
 			<td>If you want to run multiple WordPress installations in a single database, change this.</td>
 		</tr>
 	</table>
@@ -154,33 +184,50 @@
 	case 2:
 	$dbname  = trim($_POST['dbname']);
 	$uname   = trim($_POST['uname']);
-	$passwrd = trim($_POST['pwd']);
+	$password = trim($_POST['pwd']);
 	$dbhost  = trim($_POST['dbhost']);
 	$prefix  = trim($_POST['prefix']);
 	if ( empty($prefix) )
-		$prefix = 'wp_';
-
+		$prefix = 'wp_';        
+        $setup_error = null;     
 	// Validate $prefix: it can only contain letters, numbers and underscores
-	if ( preg_match( '|[^a-z0-9_]|i', $prefix ) )
-		wp_die( /*WP_I18N_BAD_PREFIX*/'<strong>ERROR</strong>: "Table Prefix" can only contain numbers, letters, and underscores.'/*/WP_I18N_BAD_PREFIX*/ );
+	if ( preg_match( '|[^a-z0-9_]|i', $prefix ) ) {                
+                $prefix =   htmlspecialchars( $prefix, ENT_QUOTES );
+                $setup_error = new WP_Error( 'invalid_prefix', '<strong>ERROR</strong>: "Table Prefix" can only contain numbers, letters, and underscores.' );
+        }        
+        // prefix is good, let's continue
+        else {
+            // Test the db connection.
+            /**#@+
+             * @ignore
+             */
+            define('DB_NAME', $dbname);
+            define('DB_USER', $uname);
+            define('DB_PASSWORD', $password);
+            define('DB_HOST', $dbhost);
+            /**#@-*/
 
-	// Test the db connection.
-	/**#@+
-	 * @ignore
-	 */
-	define('DB_NAME', $dbname);
-	define('DB_USER', $uname);
-	define('DB_PASSWORD', $passwrd);
-	define('DB_HOST', $dbhost);
-	/**#@-*/
-
-	// We'll fail here if the values are no good.
-	require_wp_db();
-	if ( ! empty( $wpdb->error ) ) {
-		$back = '<p class="step"><a href="setup-config.php?step=1" onclick="javascript:history.go(-1);return false;" class="button">Try Again</a></p>';
-		wp_die( $wpdb->error->get_error_message() . $back );
-	}
-
+            // We'll fail here if the values are no good.
+            require_wp_db();
+            if ( ! empty( $wpdb->error ) ) {                                    
+                $setup_error = $wpdb->error;
+            }
+        }
+        // check if any error occured above        
+        if ( $setup_error->get_error_code() ) {
+            $try_again = '<p class="step">
+            <form action="setup-config.php?step=1" method="post">  
+                <input name="setup_error" type="hidden" value="' . $setup_error->get_error_code() . '" />
+                <input name="dbname" type="hidden" value="' . htmlspecialchars( $dbname, ENT_QUOTES ) . '" />		
+                <input name="uname" type="hidden" value="' . htmlspecialchars( $uname, ENT_QUOTES ) . '" />		
+                <input name="pwd" type="hidden" value="' . htmlspecialchars( $password, ENT_QUOTES ) . '" />		        
+                <input name="dbhost" type="hidden" value="' . htmlspecialchars( $dbhost, ENT_QUOTES ) . '" />		
+                <input name="prefix" type="hidden" id="prefix" value="' . $prefix . '" />    
+                <input type="submit" class="button" value="Try Again" name="try-again" />
+            </form>
+                  </p>';
+            wp_die( $setup_error->get_error_message() . $try_again );
+        }	
 	// Fetch or generate keys and salts.
 	$no_api = isset( $_POST['noapi'] );
 	require_once( ABSPATH . WPINC . '/plugin.php' );
@@ -223,7 +270,7 @@
 				$configFile[$line_num] = str_replace("'username_here'", "'$uname'", $line);
 				break;
 			case "define('DB_PASSW":
-				$configFile[$line_num] = str_replace("'password_here'", "'$passwrd'", $line);
+				$configFile[$line_num] = str_replace("'password_here'", "'$password'", $line);
 				break;
 			case "define('DB_HOST'":
 				$configFile[$line_num] = str_replace("localhost", $dbhost, $line);