Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

setup-config.php

Last change on this file was 57427, checked in by johnbillion, 4 months ago

Database: Remove back-compat for database servers that don't support utf8mb4.

Since WordPress 6.5, the minimum supported version of MySQL and MariaDB is 5.5.5. This means all supported database servers now support the utf8mb4 character set and therefore the conditional logic for this is no longer necessary.

Props l1nuxjedi, craigfrancis, OllieJones, johnbillion

Fixes #60096

Built from https://develop.svn.wordpress.org/trunk@57926

Property svn:eol-style set to native
Property svn:keywords set to Author Date Id Revision

File size: 17.5 KB

Line
1	<?php
2	/**
3	* Retrieves and creates the wp-config.php file.
4	*
5	* The permissions for the base directory must allow for writing files in order
6	* for the wp-config.php to be created using this page.
7	*
8	* @package WordPress
9	* @subpackage Administration
10	*/
11
12	/**
13	* We are installing.
14	*/
15	define( 'WP_INSTALLING', true );
16
17	/**
18	* We are blissfully unaware of anything.
19	*/
20	define( 'WP_SETUP_CONFIG', true );
21
22	/**
23	* Disable error reporting
24	*
25	* Set this to error_reporting( -1 ) for debugging
26	*/
27	error_reporting( 0 );
28
29	if ( ! defined( 'ABSPATH' ) ) {
30	define( 'ABSPATH', dirname( __DIR__ ) . '/' );
31	}
32
33	require ABSPATH . 'wp-settings.php';
34
35	/** Load WordPress Administration Upgrade API */
36	require_once ABSPATH . 'wp-admin/includes/upgrade.php';
37
38	/** Load WordPress Translation Installation API */
39	require_once ABSPATH . 'wp-admin/includes/translation-install.php';
40
41	nocache_headers();
42
43	// Support wp-config-sample.php one level up, for the develop repo.
44	if ( file_exists( ABSPATH . 'wp-config-sample.php' ) ) {
45	$config_file = file( ABSPATH . 'wp-config-sample.php' );
46	} elseif ( file_exists( dirname( ABSPATH ) . '/wp-config-sample.php' ) ) {
47	$config_file = file( dirname( ABSPATH ) . '/wp-config-sample.php' );
48	} else {
49	wp_die(
50	sprintf(
51	/* translators: %s: wp-config-sample.php */
52	__( 'Sorry, I need a %s file to work from. Please re-upload this file to your WordPress installation.' ),
53	'<code>wp-config-sample.php</code>'
54	)
55	);
56	}
57
58	// Check if wp-config.php has been created.
59	if ( file_exists( ABSPATH . 'wp-config.php' ) ) {
60	wp_die(
61	'<p>' . sprintf(
62	/* translators: 1: wp-config.php, 2: install.php */
63	__( 'The file %1$s already exists. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href="%2$s">installing now</a>.' ),
64	'<code>wp-config.php</code>',
65	'install.php'
66	) . '</p>',
67	409
68	);
69	}
70
71	// Check if wp-config.php exists above the root directory but is not part of another installation.
72	if ( @file_exists( ABSPATH . '../wp-config.php' ) && ! @file_exists( ABSPATH . '../wp-settings.php' ) ) {
73	wp_die(
74	'<p>' . sprintf(
75	/* translators: 1: wp-config.php, 2: install.php */
76	__( 'The file %1$s already exists one level above your WordPress installation. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href="%2$s">installing now</a>.' ),
77	'<code>wp-config.php</code>',
78	'install.php'
79	) . '</p>',
80	409
81	);
82	}
83
84	$step = isset( $_GET['step'] ) ? (int) $_GET['step'] : -1;
85
86	/**
87	* Display setup wp-config.php file header.
88	*
89	* @ignore
90	* @since 2.3.0
91	*
92	* @param string\|string[] $body_classes Class attribute values for the body tag.
93	*/
94	function setup_config_display_header( $body_classes = array() ) {
95	$body_classes = (array) $body_classes;
96	$body_classes[] = 'wp-core-ui';
97	$dir_attr = '';
98	if ( is_rtl() ) {
99	$body_classes[] = 'rtl';
100	$dir_attr = ' dir="rtl"';
101	}
102
103	header( 'Content-Type: text/html; charset=utf-8' );
104	?>
105	<!DOCTYPE html>
106	<html<?php echo $dir_attr; ?>>
107	<head>
108	<meta name="viewport" content="width=device-width" />
109	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
110	<meta name="robots" content="noindex,nofollow" />
111	<title><?php _e( 'WordPress &rsaquo; Setup Configuration File' ); ?></title>
112	<?php wp_admin_css( 'install', true ); ?>
113	</head>
114	<body class="<?php echo implode( ' ', $body_classes ); ?>">
115	<p id="logo"><?php _e( 'WordPress' ); ?></p>
116	<?php
117	} // End function setup_config_display_header();
118
119	/**
120	* @global string $wp_local_package Locale code of the package.
121	* @global WP_Locale $wp_locale WordPress date and time locale object.
122	*/
123	$language = '';
124	if ( ! empty( $_REQUEST['language'] ) ) {
125	$language = preg_replace( '/[^a-zA-Z0-9_]/', '', $_REQUEST['language'] );
126	} elseif ( isset( $GLOBALS['wp_local_package'] ) ) {
127	$language = $GLOBALS['wp_local_package'];
128	}
129
130	switch ( $step ) {
131	case -1:
132	if ( wp_can_install_language_pack() && empty( $language ) ) {
133	$languages = wp_get_available_translations();
134	if ( $languages ) {
135	setup_config_display_header( 'language-chooser' );
136	echo '<h1 class="screen-reader-text">Select a default language</h1>';
137	echo '<form id="setup" method="post" action="?step=0">';
138	wp_install_language_form( $languages );
139	echo '</form>';
140	break;
141	}
142	}
143
144	// Deliberately fall through if we can't reach the translations API.
145
146	case 0:
147	if ( ! empty( $language ) ) {
148	$loaded_language = wp_download_language_pack( $language );
149	if ( $loaded_language ) {
150	load_default_textdomain( $loaded_language );
151	$GLOBALS['wp_locale'] = new WP_Locale();
152	}
153	}
154
155	setup_config_display_header();
156	$step_1 = 'setup-config.php?step=1';
157	if ( isset( $_REQUEST['noapi'] ) ) {
158	$step_1 .= '&noapi';
159	}
160	if ( ! empty( $loaded_language ) ) {
161	$step_1 .= '&language=' . $loaded_language;
162	}
163	?>
164	<h1 class="screen-reader-text">
165	<?php
166	/* translators: Hidden accessibility text. */
167	_e( 'Before getting started' );
168	?>
169	</h1>
170	<p><?php _e( 'Welcome to WordPress. Before getting started, you will need to know the following items.' ); ?></p>
171	<ol>
172	<li><?php _e( 'Database name' ); ?></li>
173	<li><?php _e( 'Database username' ); ?></li>
174	<li><?php _e( 'Database password' ); ?></li>
175	<li><?php _e( 'Database host' ); ?></li>
176	<li><?php _e( 'Table prefix (if you want to run more than one WordPress in a single database)' ); ?></li>
177	</ol>
178	<p>
179	<?php
180	printf(
181	/* translators: %s: wp-config.php */
182	__( 'This information is being used to create a %s file.' ),
183	'<code>wp-config.php</code>'
184	);
185	?>
186	<strong>
187	<?php
188	printf(
189	/* translators: 1: wp-config-sample.php, 2: wp-config.php */
190	__( 'If for any reason this automatic file creation does not work, do not worry. All this does is fill in the database information to a configuration file. You may also simply open %1$s in a text editor, fill in your information, and save it as %2$s.' ),
191	'<code>wp-config-sample.php</code>',
192	'<code>wp-config.php</code>'
193	);
194	?>
195	</strong>
196	<?php
197	printf(
198	/* translators: 1: Documentation URL, 2: wp-config.php */
199	__( 'Need more help? <a href="%1$s">Read the support article on %2$s</a>.' ),
200	__( 'https://developer.wordpress.org/advanced-administration/wordpress/wp-config/' ),
201	'<code>wp-config.php</code>'
202	);
203	?>
204	</p>
205	<p><?php _e( 'In all likelihood, these items were supplied to you by your web host. If you do not have this information, then you will need to contact them before you can continue. If you are ready…' ); ?></p>
206
207	<p class="step"><a href="<?php echo $step_1; ?>" class="button button-large"><?php _e( 'Let’s go!' ); ?></a></p>
208	<?php
209	break;
210
211	case 1:
212	load_default_textdomain( $language );
213	$GLOBALS['wp_locale'] = new WP_Locale();
214
215	setup_config_display_header();
216
217	$autofocus = wp_is_mobile() ? '' : ' autofocus';
218	?>
219	<h1 class="screen-reader-text">
220	<?php
221	/* translators: Hidden accessibility text. */
222	_e( 'Set up your database connection' );
223	?>
224	</h1>
225	<form method="post" action="setup-config.php?step=2">
226	<p><?php _e( 'Below you should enter your database connection details. If you are not sure about these, contact your host.' ); ?></p>
227	<table class="form-table" role="presentation">
228	<tr>
229	<th scope="row"><label for="dbname"><?php _e( 'Database Name' ); ?></label></th>
230	<td><input name="dbname" id="dbname" type="text" aria-describedby="dbname-desc" size="25" placeholder="wordpress"<?php echo $autofocus; ?>/>
231	<p id="dbname-desc"><?php _e( 'The name of the database you want to use with WordPress.' ); ?></p></td>
232	</tr>
233	<tr>
234	<th scope="row"><label for="uname"><?php _e( 'Username' ); ?></label></th>
235	<td><input name="uname" id="uname" type="text" aria-describedby="uname-desc" size="25" placeholder="<?php echo htmlspecialchars( _x( 'username', 'example username' ), ENT_QUOTES ); ?>" />
236	<p id="uname-desc"><?php _e( 'Your database username.' ); ?></p></td>
237	</tr>
238	<tr>
239	<th scope="row"><label for="pwd"><?php _e( 'Password' ); ?></label></th>
240	<td>
241	<div class="wp-pwd">
242	<input name="pwd" id="pwd" type="password" class="regular-text" data-reveal="1" aria-describedby="pwd-desc" size="25" placeholder="<?php echo htmlspecialchars( _x( 'password', 'example password' ), ENT_QUOTES ); ?>" autocomplete="off" spellcheck="false" />
243	<button type="button" class="button pwd-toggle hide-if-no-js" data-toggle="0" data-start-masked="1" aria-label="<?php esc_attr_e( 'Show password' ); ?>">
244	<span class="dashicons dashicons-visibility"></span>
245	<span class="text"><?php _e( 'Show' ); ?></span>
246	</button>
247	</div>
248	<p id="pwd-desc"><?php _e( 'Your database password.' ); ?></p>
249	</td>
250	</tr>
251	<tr>
252	<th scope="row"><label for="dbhost"><?php _e( 'Database Host' ); ?></label></th>
253	<td><input name="dbhost" id="dbhost" type="text" aria-describedby="dbhost-desc" size="25" value="localhost" />
254	<p id="dbhost-desc">
255	<?php
256	/* translators: %s: localhost */
257	printf( __( 'You should be able to get this info from your web host, if %s does not work.' ), '<code>localhost</code>' );
258	?>
259	</p></td>
260	</tr>
261	<tr>
262	<th scope="row"><label for="prefix"><?php _e( 'Table Prefix' ); ?></label></th>
263	<td><input name="prefix" id="prefix" type="text" aria-describedby="prefix-desc" value="wp_" size="25" />
264	<p id="prefix-desc"><?php _e( 'If you want to run multiple WordPress installations in a single database, change this.' ); ?></p></td>
265	</tr>
266	</table>
267	<?php
268	if ( isset( $_GET['noapi'] ) ) {
269	?>
270	<input name="noapi" type="hidden" value="1" /><?php } ?>
271	<input type="hidden" name="language" value="<?php echo esc_attr( $language ); ?>" />
272	<p class="step"><input name="submit" type="submit" value="<?php echo htmlspecialchars( __( 'Submit' ), ENT_QUOTES ); ?>" class="button button-large" /></p>
273	</form>
274	<?php
275	wp_print_scripts( 'password-toggle' );
276	break;
277
278	case 2:
279	load_default_textdomain( $language );
280	$GLOBALS['wp_locale'] = new WP_Locale();
281
282	$dbname = trim( wp_unslash( $_POST['dbname'] ) );
283	$uname = trim( wp_unslash( $_POST['uname'] ) );
284	$pwd = trim( wp_unslash( $_POST['pwd'] ) );
285	$dbhost = trim( wp_unslash( $_POST['dbhost'] ) );
286	$prefix = trim( wp_unslash( $_POST['prefix'] ) );
287
288	$step_1 = 'setup-config.php?step=1';
289	$install = 'install.php';
290	if ( isset( $_REQUEST['noapi'] ) ) {
291	$step_1 .= '&noapi';
292	}
293
294	if ( ! empty( $language ) ) {
295	$step_1 .= '&language=' . $language;
296	$install .= '?language=' . $language;
297	} else {
298	$install .= '?language=en_US';
299	}
300
301	$tryagain_link = '</p><p class="step"><a href="' . $step_1 . '" onclick="javascript:history.go(-1);return false;" class="button button-large">' . __( 'Try Again' ) . '</a>';
302
303	if ( empty( $prefix ) ) {
304	wp_die( __( '<strong>Error:</strong> "Table Prefix" must not be empty.' ) . $tryagain_link );
305	}
306
307	// Validate $prefix: it can only contain letters, numbers and underscores.
308	if ( preg_match( '\|[^a-z0-9_]\|i', $prefix ) ) {
309	wp_die( __( '<strong>Error:</strong> "Table Prefix" can only contain numbers, letters, and underscores.' ) . $tryagain_link );
310	}
311
312	// Test the DB connection.
313	/**#@+
314	*
315	* @ignore
316	*/
317	define( 'DB_NAME', $dbname );
318	define( 'DB_USER', $uname );
319	define( 'DB_PASSWORD', $pwd );
320	define( 'DB_HOST', $dbhost );
321	/*#@-/
322
323	// Re-construct $wpdb with these new values.
324	unset( $wpdb );
325	require_wp_db();
326
327	/*
328	* The wpdb constructor bails when WP_SETUP_CONFIG is set, so we must
329	* fire this manually. We'll fail here if the values are no good.
330	*/
331	$wpdb->db_connect();
332
333	if ( ! empty( $wpdb->error ) ) {
334	wp_die( $wpdb->error->get_error_message() . $tryagain_link );
335	}
336
337	$errors = $wpdb->suppress_errors();
338	$wpdb->query( "SELECT $prefix" );
339	$wpdb->suppress_errors( $errors );
340
341	if ( ! $wpdb->last_error ) {
342	// MySQL was able to parse the prefix as a value, which we don't want. Bail.
343	wp_die( __( '<strong>Error:</strong> "Table Prefix" is invalid.' ) );
344	}
345
346	// Generate keys and salts using secure CSPRNG; fallback to API if enabled; further fallback to original wp_generate_password().
347	try {
348	$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_ []{}<>~`+=,.;:/?\|';
349	$max = strlen( $chars ) - 1;
350	for ( $i = 0; $i < 8; $i++ ) {
351	$key = '';
352	for ( $j = 0; $j < 64; $j++ ) {
353	$key .= substr( $chars, random_int( 0, $max ), 1 );
354	}
355	$secret_keys[] = $key;
356	}
357	} catch ( Exception $ex ) {
358	$no_api = isset( $_POST['noapi'] );
359
360	if ( ! $no_api ) {
361	$secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/salt/' );
362	}
363
364	if ( $no_api \|\| is_wp_error( $secret_keys ) ) {
365	$secret_keys = array();
366	for ( $i = 0; $i < 8; $i++ ) {
367	$secret_keys[] = wp_generate_password( 64, true, true );
368	}
369	} else {
370	$secret_keys = explode( "\n", wp_remote_retrieve_body( $secret_keys ) );
371	foreach ( $secret_keys as $k => $v ) {
372	$secret_keys[ $k ] = substr( $v, 28, 64 );
373	}
374	}
375	}
376
377	$key = 0;
378	foreach ( $config_file as $line_num => $line ) {
379	if ( str_starts_with( $line, '$table_prefix =' ) ) {
380	$config_file[ $line_num ] = '$table_prefix = \'' . addcslashes( $prefix, "\\'" ) . "';\r\n";
381	continue;
382	}
383
384	if ( ! preg_match( '/^define\(\s*\'([A-Z_]+)\',([ ]+)/', $line, $match ) ) {
385	continue;
386	}
387
388	$constant = $match[1];
389	$padding = $match[2];
390
391	switch ( $constant ) {
392	case 'DB_NAME':
393	case 'DB_USER':
394	case 'DB_PASSWORD':
395	case 'DB_HOST':
396	$config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . addcslashes( constant( $constant ), "\\'" ) . "' );\r\n";
397	break;
398	case 'DB_CHARSET':
399	if ( 'utf8mb4' === $wpdb->charset \|\| ( ! $wpdb->charset ) ) {
400	$config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'utf8mb4' );\r\n";
401	}
402	break;
403	case 'AUTH_KEY':
404	case 'SECURE_AUTH_KEY':
405	case 'LOGGED_IN_KEY':
406	case 'NONCE_KEY':
407	case 'AUTH_SALT':
408	case 'SECURE_AUTH_SALT':
409	case 'LOGGED_IN_SALT':
410	case 'NONCE_SALT':
411	$config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . $secret_keys[ $key++ ] . "' );\r\n";
412	break;
413	}
414	}
415	unset( $line );
416
417	if ( ! is_writable( ABSPATH ) ) :
418	setup_config_display_header();
419	?>
420	<p>
421	<?php
422	/* translators: %s: wp-config.php */
423	printf( __( 'Unable to write to %s file.' ), '<code>wp-config.php</code>' );
424	?>
425	</p>
426	<p id="wp-config-description">
427	<?php
428	/* translators: %s: wp-config.php */
429	printf( __( 'You can create the %s file manually and paste the following text into it.' ), '<code>wp-config.php</code>' );
430
431	$config_text = '';
432
433	foreach ( $config_file as $line ) {
434	$config_text .= htmlentities( $line, ENT_COMPAT, 'UTF-8' );
435	}
436	?>
437	</p>
438	<p class="configuration-rules-label"><label for="wp-config">
439	<?php
440	/* translators: %s: wp-config.php */
441	printf( __( 'Configuration rules for %s:' ), '<code>wp-config.php</code>' );
442	?>
443	</label></p>
444	<textarea id="wp-config" cols="98" rows="15" class="code" readonly="readonly" aria-describedby="wp-config-description"><?php echo $config_text; ?></textarea>
445	<p><?php _e( 'After you’ve done that, click “Run the installation”.' ); ?></p>
446	<p class="step"><a href="<?php echo $install; ?>" class="button button-large"><?php _e( 'Run the installation' ); ?></a></p>
447	<script>
448	(function(){
449	if ( ! /iPad\|iPod\|iPhone/.test( navigator.userAgent ) ) {
450	var el = document.getElementById('wp-config');
451	el.focus();
452	el.select();
453	}
454	})();
455	</script>
456	<?php
457	else :
458	/*
459	* If this file doesn't exist, then we are using the wp-config-sample.php
460	* file one level up, which is for the develop repo.
461	*/
462	if ( file_exists( ABSPATH . 'wp-config-sample.php' ) ) {
463	$path_to_wp_config = ABSPATH . 'wp-config.php';
464	} else {
465	$path_to_wp_config = dirname( ABSPATH ) . '/wp-config.php';
466	}
467
468	$error_message = '';
469	$handle = fopen( $path_to_wp_config, 'w' );
470	/*
471	* Why check for the absence of false instead of checking for resource with is_resource()?
472	* To future-proof the check for when fopen returns object instead of resource, i.e. a known
473	* change coming in PHP.
474	*/
475	if ( false !== $handle ) {
476	foreach ( $config_file as $line ) {
477	fwrite( $handle, $line );
478	}
479	fclose( $handle );
480	} else {
481	$wp_config_perms = fileperms( $path_to_wp_config );
482	if ( ! empty( $wp_config_perms ) && ! is_writable( $path_to_wp_config ) ) {
483	$error_message = sprintf(
484	/* translators: 1: wp-config.php, 2: Documentation URL. */
485	__( 'You need to make the file %1$s writable before you can save your changes. See <a href="%2$s">Changing File Permissions</a> for more information.' ),
486	'<code>wp-config.php</code>',
487	__( 'https://developer.wordpress.org/advanced-administration/server/file-permissions/' )
488	);
489	} else {
490	$error_message = sprintf(
491	/* translators: %s: wp-config.php */
492	__( 'Unable to write to %s file.' ),
493	'<code>wp-config.php</code>'
494	);
495	}
496	}
497
498	chmod( $path_to_wp_config, 0666 );
499	setup_config_display_header();
500
501	if ( false !== $handle ) :
502	?>
503	<h1 class="screen-reader-text">
504	<?php
505	/* translators: Hidden accessibility text. */
506	_e( 'Successful database connection' );
507	?>
508	</h1>
509	<p><?php _e( 'All right, sparky! You’ve made it through this part of the installation. WordPress can now communicate with your database. If you are ready, time now to…' ); ?></p>
510
511	<p class="step"><a href="<?php echo $install; ?>" class="button button-large"><?php _e( 'Run the installation' ); ?></a></p>
512	<?php
513	else :
514	printf( '<p>%s</p>', $error_message );
515	endif;
516	endif;
517	break;
518	} // End of the steps switch.
519	?>
520	<?php wp_print_scripts( 'language-chooser' ); ?>
521	</body>
522	</html>

Note: See TracBrowser for help on using the repository browser.

Trac UI Preferences

WordPress build repository browser

Context Navigation

source: trunk/wp-admin/setup-config.php

Download in other formats: