WordPress.org

Make WordPress Core

Opened 8 years ago

Closed 5 years ago

#5538 closed enhancement (duplicate)

wp-config.php generator should allow setting of secret key and other advanced options

Reported by: DD32 Owned by: westi
Milestone: Priority: normal
Severity: normal Version: 2.5
Component: Upgrade/Install Keywords: needs-patch
Focuses: Cc:

Description

The web based wp-config.php generator should allow setting of the secret key(with a default of a randomly generated password) as not everyone modifies the wp-config.php file by hand.

Attachments (1)

advanced-config-options.diff (3.9 KB) - added by davidszp 8 years ago.
Adds preliminary advanced config options to wp-config.php generator

Download all attachments as: .zip

Change History (12)

comment:1 follow-up: @johnbillion8 years ago

Shouldn't it be set transparently to avoid showing another field during setup? That way we avoid showing an additional field during setup and having to explain what it's for.

comment:2 in reply to: ↑ 1 @DD328 years ago

Replying to johnbillion:

Shouldn't it be set transparently to avoid showing another field during setup? That way we avoid showing an additional field during setup and having to explain what it's for.

Maybe we can add an "Advanced" section to the install screen where it asks for the database credentials, The Advanced section can contain the secret key, and anything else which the user may want to set (ie, the Debug settings - default to none, Database charsets, anything else which can be set in wp-config -- Object cache?)

The Advanced section by default wouldbt be shown, But a [+] could expand it using javascript or something?

comment:3 @JeremyVisser8 years ago

Can we add the ability to set WP_HOME and WP_SITEURL values into your new "Advanced" section?

@davidszp8 years ago

Adds preliminary advanced config options to wp-config.php generator

comment:4 @davidszp8 years ago

  • Keywords has-patch needs-testing added

I spent a little while putting together a patch to get this started. The Advanced options section isn't hidden and there could probably be more error checking (then again, almost anything is better than what's there already :-) and prettifying. It also doesn't include the debug option as I'm not familiar with that, but it has everything else requested so far in this ticket.

I generated the secret key by taking the MD5 hash of the output of wp_generate_password (and thus had to include pluggable.php to get that function). I don't know if that's secure enough for this purpose.

Leaving needs-patch and added has-patch, since it has a patch but it still needs work! I wrote and tested this against 2.4-bleeding (revision 6499).

comment:5 @davidszp8 years ago

  • Summary changed from wp-config.php generator should allow setting of secret key to wp-config.php generator should allow setting of secret key and other advanced options

comment:6 @ryan8 years ago

We shouldn't encourage changing the DB charset and collation. UTF-8 for all.

Don't md5 the result of wp_generate_password(). It just reduces the number of possible characters. We can add a length argument to wp_generate_password() to get a longer random key.

comment:7 @hansengel8 years ago

  • Keywords needs-patch removed

comment:8 @westi7 years ago

  • Owner changed from anonymous to westi
  • Status changed from new to assigned

We should probably just pull some values from api.wordpress.org for the KEY's using the HTTP api we have now rather than using wp_generate_password.

I'll look at massaging this into something committable.

comment:9 @santosj7 years ago

  • Cc jacobsantos added

comment:10 @Denis-de-Bernardy6 years ago

  • Component changed from Administration to Upgrade/Install
  • Keywords needs-patch added; has-patch needs-testing removed
  • Milestone changed from 2.9 to Future Release

comment:11 @dd325 years ago

  • Milestone Future Release deleted
  • Resolution set to duplicate
  • Status changed from accepted to closed

See #12159

Note: See TracTickets for help on using tickets.