Opened 17 years ago
Closed 15 years ago
#5538 closed enhancement (duplicate)
wp-config.php generator should allow setting of secret key and other advanced options
Reported by: | DD32 | Owned by: | westi |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 2.5 |
Component: | Upgrade/Install | Keywords: | needs-patch |
Focuses: | Cc: |
Description
The web based wp-config.php generator should allow setting of the secret key(with a default of a randomly generated password) as not everyone modifies the wp-config.php file by hand.
Attachments (1)
Change History (12)
#2
in reply to:
↑ 1
@
17 years ago
Replying to johnbillion:
Shouldn't it be set transparently to avoid showing another field during setup? That way we avoid showing an additional field during setup and having to explain what it's for.
Maybe we can add an "Advanced" section to the install screen where it asks for the database credentials, The Advanced section can contain the secret key, and anything else which the user may want to set (ie, the Debug settings - default to none, Database charsets, anything else which can be set in wp-config -- Object cache?)
The Advanced section by default wouldbt be shown, But a [+] could expand it using javascript or something?
#3
@
17 years ago
Can we add the ability to set WP_HOME and WP_SITEURL values into your new "Advanced" section?
#4
@
17 years ago
- Keywords has-patch needs-testing added
I spent a little while putting together a patch to get this started. The Advanced options section isn't hidden and there could probably be more error checking (then again, almost anything is better than what's there already :-) and prettifying. It also doesn't include the debug option as I'm not familiar with that, but it has everything else requested so far in this ticket.
I generated the secret key by taking the MD5 hash of the output of wp_generate_password (and thus had to include pluggable.php to get that function). I don't know if that's secure enough for this purpose.
Leaving needs-patch and added has-patch, since it has a patch but it still needs work! I wrote and tested this against 2.4-bleeding (revision 6499).
#5
@
17 years ago
- Summary changed from wp-config.php generator should allow setting of secret key to wp-config.php generator should allow setting of secret key and other advanced options
#6
@
17 years ago
We shouldn't encourage changing the DB charset and collation. UTF-8 for all.
Don't md5 the result of wp_generate_password(). It just reduces the number of possible characters. We can add a length argument to wp_generate_password() to get a longer random key.
#8
@
16 years ago
- Owner changed from anonymous to westi
- Status changed from new to assigned
We should probably just pull some values from api.wordpress.org for the KEY's using the HTTP api we have now rather than using wp_generate_password.
I'll look at massaging this into something committable.
Shouldn't it be set transparently to avoid showing another field during setup? That way we avoid showing an additional field during setup and having to explain what it's for.