#34200 closed defect (bug) (duplicate)
Prompted to upgrade database when visiting /wp-admin/ and logged out
Reported by: | morganestes | Owned by: | |
---|---|---|---|
Milestone: | | Priority: | normal |
Severity: | normal | Version: | |
Component: | Database | Keywords: | |
Focuses: | administration | Cc: | |
Description
When accessing /wp-admin/ while signed out on a site that was autoupdated from 4.3.0 to 4.3.1, I was prompted to update the database before continuing, even though I wasn't logged in as an administrator. Non-logged-in visits to the admin page should not prompt to take administrative actions (like upgrading a DB) without first authenticating the user as someone who has permissions to do so.
Change History (12)
#4
@
9 years ago
Confirmed in: 4.1.1, 4.3.1 and 4.3.2.
Current result: Non-logged-in users visiting /wp-admin/ are requested to upgrade the database.
Expected result: Display log-in screen.
This ticket was mentioned in Slack in #core by boone. View the logs.
9 years ago
#7
@
9 years ago
To be clear: The problem here is the potential for simultaneous upgrades — see #3901 — *not* any kind of authentication issue. We've long ago made the determination that DB upgrades do not require authentication.
The existing core upgrader currently relies on this — it fires a DB upgrade automatically by sending an unauthenticated HTTP request. This means that most people actually never see this page anymore.
Cron jobs that run `curl -s .../wp-admin/upgrade.php?step=upgrade_db` also rely on this.
#9
@
9 years ago
- Keywords close removed
- Milestone Awaiting Review deleted
- Resolution set to duplicate
- Status changed from new to closed
- Version 4.3.1 deleted
Duplicate of #3901.
It's also worth noting that the risk of simultaneous upgrades causing problems is very low. Running the same `ALTER TABLE` at the same time, for example, will cause the `ALTER` to occur in whichever thread gets the table lock first. The second `ALTER` will return quickly, finding that it no longer has anything to do.
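
Added example, not part of the ticket or of WordPress code: a model of the simultaneous-upgrade case discussed in the comment above, in which several upgrade requests race for a write lock and each applies the schema change only if it is still missing. It uses SQLite's write lock in place of MySQL's table lock, and the table `demo_posts`, the column `extra_col` and the function names are hypothetical.

```python
import os
import sqlite3
import tempfile
import threading

TABLE, COLUMN = "demo_posts", "extra_col"  # hypothetical names, constructed for this example

def upgrade_step(db_path, outcomes, barrier):
    """One upgrade request: apply the schema change only if it is still missing."""
    conn = sqlite3.connect(db_path, timeout=30, isolation_level=None)
    try:
        barrier.wait()                   # release all requests at the same moment
        conn.execute("BEGIN IMMEDIATE")  # take the write lock; later requests wait here
        cols = [row[1] for row in conn.execute(f"PRAGMA table_info({TABLE})")]
        if COLUMN in cols:
            outcomes.append("noop")      # an earlier request already did the work
        else:
            conn.execute(f"ALTER TABLE {TABLE} ADD COLUMN {COLUMN} TEXT DEFAULT ''")
            outcomes.append("altered")
        conn.execute("COMMIT")
    finally:
        conn.close()

def run_simultaneous_upgrades(n=2):
    """Fire n upgrade requests at once; return (sorted outcomes, final column names)."""
    fd, path = tempfile.mkstemp(suffix=".db")
    os.close(fd)
    try:
        setup = sqlite3.connect(path)
        setup.execute(f"CREATE TABLE {TABLE} (id INTEGER PRIMARY KEY, title TEXT)")
        setup.commit()
        setup.close()
        outcomes, barrier = [], threading.Barrier(n)
        threads = [threading.Thread(target=upgrade_step, args=(path, outcomes, barrier))
                   for _ in range(n)]
        for t in threads:
            t.start()
        for t in threads:
            t.join()
        check = sqlite3.connect(path)
        cols = [row[1] for row in check.execute(f"PRAGMA table_info({TABLE})")]
        check.close()
        return sorted(outcomes), cols
    finally:
        os.remove(path)

if __name__ == "__main__":
    print(run_simultaneous_upgrades())
```

In this model the later request becomes a no-op because it re-checks the schema after acquiring the lock, so the outcome does not depend on which request wins the race.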
This ticket was mentioned in Slack in #core by ocean90. View the logs.
8 years ago
This ticket was mentioned in Slack in #core by skithund. View the logs.
6 years ago
#12
@
6 years ago
Can we re-visit this discussion?
My concern isn't over "potential for simultaneous upgrades" or whether or not authentication is required. My concern is over the user experience.
I just went to log in to a site and got the “Database Update Required” screen. I wasn't logged in. I didn't get the login screen. Just the database update screen.
Now I'm a WordPress dev, not a "not dev experienced" site owner and even I freaked out. I thought there was a serious bug on the site. I didn't know we don't require authentication to do database upgrades.
But I'm not here to discuss/argue whether or not to require authentication for DB upgrades. But I would like to question the need for this screen because it's confusing, if not frightening.
This UX seems to go against a lot of what we try to teach users about security.
Is it possible, instead of displaying the screen, to just trigger the DB update and then redirect to the login screen?
Why do we need this screen? Why do we need a user to click the button?
Thanks!
Related/Duplicate: #3901