[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

Search

title

Body

[close]

/wp-admin/ -> install.php (source)

   1  <?php
   2  /**
   3   * WordPress Installer
   4   *
   5   * @package WordPress
   6   * @subpackage Administration
   7   */
   8  
   9  // Confidence check.
  10  if ( false ) {
  11      ?>
  12  <!DOCTYPE html>
  13  <html>
  14  <head>
  15      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  16      <title>Error: PHP is not running</title>
  17  </head>
  18  <body class="wp-core-ui">
  19      <h1>Error: PHP is not running</h1>
  20      <p>WordPress requires that your web server is running PHP. Your server does not have PHP installed, or PHP is turned off.</p>
  21  </body>
  22  </html>
  23      <?php
  24  }
  25  
  26  /**
  27   * We are installing WordPress.
  28   *
  29   * @since 1.5.1
  30   * @var bool
  31   */
  32  define( 'WP_INSTALLING', true );
  33  
  34  /** Load WordPress Bootstrap */
  35  require_once dirname( __DIR__ ) . '/wp-load.php';
  36  
  37  /** Load WordPress Administration Upgrade API */
  38  require_once  ABSPATH . 'wp-admin/includes/upgrade.php';
  39  
  40  /** Load WordPress Translation Install API */
  41  require_once  ABSPATH . 'wp-admin/includes/translation-install.php';
  42  
  43  /** Load wpdb */
  44  require_once  ABSPATH . WPINC . '/class-wpdb.php';
  45  
  46  nocache_headers();
  47  
  48  $step = isset( $_GET['step'] ) ? (int) $_GET['step'] : 0;
  49  
  50  /**
  51   * Display installation header.
  52   *
  53   * @since 2.5.0
  54   *
  55   * @param string $body_classes
  56   */
  57  function display_header( $body_classes = '' ) {
  58      header( 'Content-Type: text/html; charset=utf-8' );
  59      if ( is_rtl() ) {
  60          $body_classes .= 'rtl';
  61      }
  62      if ( $body_classes ) {
  63          $body_classes = ' ' . $body_classes;
  64      }
  65      ?>
  66  <!DOCTYPE html>
  67  <html <?php language_attributes(); ?>>
  68  <head>
  69      <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  70      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  71      <meta name="robots" content="noindex,nofollow" />
  72      <title><?php _e( 'WordPress &rsaquo; Installation' ); ?></title>
  73      <?php wp_admin_css( 'install', true ); ?>
  74  </head>
  75  <body class="wp-core-ui<?php echo $body_classes; ?>">
  76  <p id="logo"><?php _e( 'WordPress' ); ?></p>
  77  
  78      <?php
  79  } // End display_header().
  80  
  81  /**
  82   * Displays installer setup form.
  83   *
  84   * @since 2.8.0
  85   *
  86   * @global wpdb $wpdb WordPress database abstraction object.
  87   *
  88   * @param string|null $error
  89   */
  90  function display_setup_form( $error = null ) {
  91      global $wpdb;
  92  
  93      $user_table = ( $wpdb->get_var( $wpdb->prepare( 'SHOW TABLES LIKE %s', $wpdb->esc_like( $wpdb->users ) ) ) !== null );
  94  
  95      // Ensure that sites appear in search engines by default.
  96      $blog_public = 1;
  97      if ( isset( $_POST['weblog_title'] ) ) {
  98          $blog_public = isset( $_POST['blog_public'] ) ? (int) $_POST['blog_public'] : $blog_public;
  99      }
 100  
 101      $weblog_title = isset( $_POST['weblog_title'] ) ? trim( wp_unslash( $_POST['weblog_title'] ) ) : '';
 102      $user_name    = isset( $_POST['user_name'] ) ? trim( wp_unslash( $_POST['user_name'] ) ) : '';
 103      $admin_email  = isset( $_POST['admin_email'] ) ? trim( wp_unslash( $_POST['admin_email'] ) ) : '';
 104  
 105      if ( ! is_null( $error ) ) {
 106          ?>
 107  <h1><?php _ex( 'Welcome', 'Howdy' ); ?></h1>
 108  <p class="message"><?php echo $error; ?></p>
 109  <?php } ?>
 110  <form id="setup" method="post" action="install.php?step=2" novalidate="novalidate">
 111      <table class="form-table" role="presentation">
 112          <tr>
 113              <th scope="row"><label for="weblog_title"><?php _e( 'Site Title' ); ?></label></th>
 114              <td><input name="weblog_title" type="text" id="weblog_title" size="25" value="<?php echo esc_attr( $weblog_title ); ?>" /></td>
 115          </tr>
 116          <tr>
 117              <th scope="row"><label for="user_login"><?php _e( 'Username' ); ?></label></th>
 118              <td>
 119              <?php
 120              if ( $user_table ) {
 121                  _e( 'User(s) already exists.' );
 122                  echo '<input name="user_name" type="hidden" value="admin" />';
 123              } else {
 124                  ?>
 125                  <input name="user_name" type="text" id="user_login" size="25" aria-describedby="user-name-desc" value="<?php echo esc_attr( sanitize_user( $user_name, true ) ); ?>" />
 126                  <p id="user-name-desc"><?php _e( 'Usernames can have only alphanumeric characters, spaces, underscores, hyphens, periods, and the @ symbol.' ); ?></p>
 127                  <?php
 128              }
 129              ?>
 130              </td>
 131          </tr>
 132          <?php if ( ! $user_table ) : ?>
 133          <tr class="form-field form-required user-pass1-wrap">
 134              <th scope="row">
 135                  <label for="pass1">
 136                      <?php _e( 'Password' ); ?>
 137                  </label>
 138              </th>
 139              <td>
 140                  <div class="wp-pwd">
 141                      <?php $initial_password = isset( $_POST['admin_password'] ) ? stripslashes( $_POST['admin_password'] ) : wp_generate_password( 18 ); ?>
 142                      <div class="password-input-wrapper">
 143                          <input type="password" name="admin_password" id="pass1" class="regular-text" autocomplete="new-password" spellcheck="false" data-reveal="1" data-pw="<?php echo esc_attr( $initial_password ); ?>" aria-describedby="pass-strength-result admin-password-desc" />
 144                          <div id="pass-strength-result" aria-live="polite"></div>
 145                      </div>
 146                      <button type="button" class="button wp-hide-pw hide-if-no-js" data-start-masked="<?php echo (int) isset( $_POST['admin_password'] ); ?>" data-toggle="0" aria-label="<?php esc_attr_e( 'Hide password' ); ?>">
 147                          <span class="dashicons dashicons-hidden"></span>
 148                          <span class="text"><?php _e( 'Hide' ); ?></span>
 149                      </button>
 150                  </div>
 151                  <p id="admin-password-desc"><span class="description important hide-if-no-js">
 152                  <strong><?php _e( 'Important:' ); ?></strong>
 153                  <?php /* translators: The non-breaking space prevents 1Password from thinking the text "log in" should trigger a password save prompt. */ ?>
 154                  <?php _e( 'You will need this password to log&nbsp;in. Please store it in a secure location.' ); ?></span></p>
 155              </td>
 156          </tr>
 157          <tr class="form-field form-required user-pass2-wrap hide-if-js">
 158              <th scope="row">
 159                  <label for="pass2"><?php _e( 'Repeat Password' ); ?>
 160                      <span class="description"><?php _e( '(required)' ); ?></span>
 161                  </label>
 162              </th>
 163              <td>
 164                  <input type="password" name="admin_password2" id="pass2" autocomplete="new-password" spellcheck="false" />
 165              </td>
 166          </tr>
 167          <tr class="pw-weak">
 168              <th scope="row"><?php _e( 'Confirm Password' ); ?></th>
 169              <td>
 170                  <label>
 171                      <input type="checkbox" name="pw_weak" class="pw-checkbox" />
 172                      <?php _e( 'Confirm use of weak password' ); ?>
 173                  </label>
 174              </td>
 175          </tr>
 176          <?php endif; ?>
 177          <tr>
 178              <th scope="row"><label for="admin_email"><?php _e( 'Your Email' ); ?></label></th>
 179              <td><input name="admin_email" type="email" id="admin_email" size="25" aria-describedby="admin-email-desc" value="<?php echo esc_attr( $admin_email ); ?>" />
 180              <p id="admin-email-desc"><?php _e( 'Double-check your email address before continuing.' ); ?></p></td>
 181          </tr>
 182          <?php $blog_privacy_selector_title = has_action( 'blog_privacy_selector' ) ? __( 'Site visibility' ) : __( 'Search engine visibility' ); ?>
 183          <tr>
 184              <th scope="row"><?php echo $blog_privacy_selector_title; ?></th>
 185              <td>
 186                  <fieldset>
 187                      <legend class="screen-reader-text"><span><?php echo $blog_privacy_selector_title; ?></span></legend>
 188                      <?php
 189                      if ( has_action( 'blog_privacy_selector' ) ) {
 190                          ?>
 191                          <input id="blog-public" type="radio" name="blog_public" value="1" <?php checked( 1, $blog_public ); ?> />
 192                          <label for="blog-public"><?php _e( 'Allow search engines to index this site' ); ?></label><br />
 193                          <input id="blog-norobots" type="radio" name="blog_public"  aria-describedby="public-desc" value="0" <?php checked( 0, $blog_public ); ?> />
 194                          <label for="blog-norobots"><?php _e( 'Discourage search engines from indexing this site' ); ?></label>
 195                          <p id="public-desc" class="description"><?php _e( 'Note: Discouraging search engines does not block access to your site &mdash; it is up to search engines to honor your request.' ); ?></p>
 196                          <?php
 197                          /** This action is documented in wp-admin/options-reading.php */
 198                          do_action( 'blog_privacy_selector' );
 199                      } else {
 200                          ?>
 201                          <label for="blog_public"><input name="blog_public" type="checkbox" id="blog_public" aria-describedby="privacy-desc" value="0" <?php checked( 0, $blog_public ); ?> />
 202                          <?php _e( 'Discourage search engines from indexing this site' ); ?></label>
 203                          <p id="privacy-desc" class="description"><?php _e( 'It is up to search engines to honor this request.' ); ?></p>
 204                      <?php } ?>
 205                  </fieldset>
 206              </td>
 207          </tr>
 208      </table>
 209      <p class="step"><?php submit_button( __( 'Install WordPress' ), 'large', 'Submit', false, array( 'id' => 'submit' ) ); ?></p>
 210      <input type="hidden" name="language" value="<?php echo isset( $_REQUEST['language'] ) ? esc_attr( $_REQUEST['language'] ) : ''; ?>" />
 211  </form>
 212      <?php
 213  } // End display_setup_form().
 214  
 215  // Let's check to make sure WP isn't already installed.
 216  if ( is_blog_installed() ) {
 217      display_header();
 218      die(
 219          '<h1>' . __( 'Already Installed' ) . '</h1>' .
 220          '<p>' . __( 'You appear to have already installed WordPress. To reinstall please clear your old database tables first.' ) . '</p>' .
 221          '<p class="step"><a href="' . esc_url( wp_login_url() ) . '">' . __( 'Log In' ) . '</a></p>' .
 222          '</body></html>'
 223      );
 224  }
 225  
 226  /**
 227   * @global string   $wp_version              The WordPress version string.
 228   * @global string   $required_php_version    The minimum required PHP version string.
 229   * @global string[] $required_php_extensions The names of required PHP extensions.
 230   * @global string   $required_mysql_version  The minimum required MySQL version string.
 231   * @global wpdb     $wpdb                    WordPress database abstraction object.
 232   */
 233  global $wp_version, $required_php_version, $required_php_extensions, $required_mysql_version, $wpdb;
 234  
 235  $php_version   = PHP_VERSION;
 236  $mysql_version = $wpdb->db_version();
 237  $php_compat    = version_compare( $php_version, $required_php_version, '>=' );
 238  $mysql_compat  = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' );
 239  
 240  $version_url = sprintf(
 241      /* translators: %s: WordPress version. */
 242      esc_url( __( 'https://wordpress.org/documentation/wordpress-version/version-%s/' ) ),
 243      sanitize_title( $wp_version )
 244  );
 245  
 246  $php_update_message = '</p><p>' . sprintf(
 247      /* translators: %s: URL to Update PHP page. */
 248      __( '<a href="%s">Learn more about updating PHP</a>.' ),
 249      esc_url( wp_get_update_php_url() )
 250  );
 251  
 252  $annotation = wp_get_update_php_annotation();
 253  
 254  if ( $annotation ) {
 255      $php_update_message .= '</p><p><em>' . $annotation . '</em>';
 256  }
 257  
 258  if ( ! $mysql_compat && ! $php_compat ) {
 259      $compat = sprintf(
 260          /* translators: 1: URL to WordPress release notes, 2: WordPress version number, 3: Minimum required PHP version number, 4: Minimum required MySQL version number, 5: Current PHP version number, 6: Current MySQL version number. */
 261          __( 'You cannot install because <a href="%1$s">WordPress %2$s</a> requires PHP version %3$s or higher and MySQL version %4$s or higher. You are running PHP version %5$s and MySQL version %6$s.' ),
 262          $version_url,
 263          $wp_version,
 264          $required_php_version,
 265          $required_mysql_version,
 266          $php_version,
 267          $mysql_version
 268      ) . $php_update_message;
 269  } elseif ( ! $php_compat ) {
 270      $compat = sprintf(
 271          /* translators: 1: URL to WordPress release notes, 2: WordPress version number, 3: Minimum required PHP version number, 4: Current PHP version number. */
 272          __( 'You cannot install because <a href="%1$s">WordPress %2$s</a> requires PHP version %3$s or higher. You are running version %4$s.' ),
 273          $version_url,
 274          $wp_version,
 275          $required_php_version,
 276          $php_version
 277      ) . $php_update_message;
 278  } elseif ( ! $mysql_compat ) {
 279      $compat = sprintf(
 280          /* translators: 1: URL to WordPress release notes, 2: WordPress version number, 3: Minimum required MySQL version number, 4: Current MySQL version number. */
 281          __( 'You cannot install because <a href="%1$s">WordPress %2$s</a> requires MySQL version %3$s or higher. You are running version %4$s.' ),
 282          $version_url,
 283          $wp_version,
 284          $required_mysql_version,
 285          $mysql_version
 286      );
 287  }
 288  
 289  if ( ! $mysql_compat || ! $php_compat ) {
 290      display_header();
 291      die( '<h1>' . __( 'Requirements Not Met' ) . '</h1><p>' . $compat . '</p></body></html>' );
 292  }
 293  
 294  if ( isset( $required_php_extensions ) && is_array( $required_php_extensions ) ) {
 295      $missing_extensions = array();
 296  
 297      foreach ( $required_php_extensions as $extension ) {
 298          if ( extension_loaded( $extension ) ) {
 299              continue;
 300          }
 301  
 302          $missing_extensions[] = sprintf(
 303              /* translators: 1: URL to WordPress release notes, 2: WordPress version number, 3: The PHP extension name needed. */
 304              __( 'You cannot install because <a href="%1$s">WordPress %2$s</a> requires the %3$s PHP extension.' ),
 305              $version_url,
 306              $wp_version,
 307              $extension
 308          );
 309      }
 310  
 311      if ( count( $missing_extensions ) > 0 ) {
 312          display_header();
 313          die( '<h1>' . __( 'Requirements Not Met' ) . '</h1><p>' . implode( '</p><p>', $missing_extensions ) . '</p></body></html>' );
 314      }
 315  }
 316  
 317  if ( ! is_string( $wpdb->base_prefix ) || '' === $wpdb->base_prefix ) {
 318      display_header();
 319      die(
 320          '<h1>' . __( 'Configuration Error' ) . '</h1>' .
 321          '<p>' . sprintf(
 322              /* translators: %s: wp-config.php */
 323              __( 'Your %s file has an empty database table prefix, which is not supported.' ),
 324              '<code>wp-config.php</code>'
 325          ) . '</p></body></html>'
 326      );
 327  }
 328  
 329  // Set error message if DO_NOT_UPGRADE_GLOBAL_TABLES isn't set as it will break install.
 330  if ( defined( 'DO_NOT_UPGRADE_GLOBAL_TABLES' ) ) {
 331      display_header();
 332      die(
 333          '<h1>' . __( 'Configuration Error' ) . '</h1>' .
 334          '<p>' . sprintf(
 335              /* translators: %s: DO_NOT_UPGRADE_GLOBAL_TABLES */
 336              __( 'The constant %s cannot be defined when installing WordPress.' ),
 337              '<code>DO_NOT_UPGRADE_GLOBAL_TABLES</code>'
 338          ) . '</p></body></html>'
 339      );
 340  }
 341  
 342  /**
 343   * @global string    $wp_local_package Locale code of the package.
 344   * @global WP_Locale $wp_locale        WordPress date and time locale object.
 345   */
 346  $language = '';
 347  if ( ! empty( $_REQUEST['language'] ) ) {
 348      $language = sanitize_locale_name( $_REQUEST['language'] );
 349  } elseif ( isset( $GLOBALS['wp_local_package'] ) ) {
 350      $language = $GLOBALS['wp_local_package'];
 351  }
 352  
 353  $scripts_to_print = array( 'jquery' );
 354  
 355  switch ( $step ) {
 356      case 0: // Step 0.
 357          if ( wp_can_install_language_pack() && empty( $language ) ) {
 358              $languages = wp_get_available_translations();
 359              if ( $languages ) {
 360                  $scripts_to_print[] = 'language-chooser';
 361                  display_header( 'language-chooser' );
 362                  echo '<form id="setup" method="post" action="?step=1">';
 363                  wp_install_language_form( $languages );
 364                  echo '</form>';
 365                  break;
 366              }
 367          }
 368  
 369          // Deliberately fall through if we can't reach the translations API.
 370  
 371      case 1: // Step 1, direct link or from language chooser.
 372          if ( ! empty( $language ) ) {
 373              $loaded_language = wp_download_language_pack( $language );
 374              if ( $loaded_language ) {
 375                  load_default_textdomain( $loaded_language );
 376                  $GLOBALS['wp_locale'] = new WP_Locale();
 377              }
 378          }
 379  
 380          $scripts_to_print[] = 'user-profile';
 381  
 382          display_header();
 383          ?>
 384  <h1><?php _ex( 'Welcome', 'Howdy' ); ?></h1>
 385  <p><?php _e( 'Welcome to the famous five-minute WordPress installation process! Just fill in the information below and you&#8217;ll be on your way to using the most extendable and powerful personal publishing platform in the world.' ); ?></p>
 386  
 387  <h2><?php _e( 'Information needed' ); ?></h2>
 388  <p><?php _e( 'Please provide the following information. Do not worry, you can always change these settings later.' ); ?></p>
 389  
 390          <?php
 391          display_setup_form();
 392          break;
 393      case 2:
 394          if ( ! empty( $language ) && load_default_textdomain( $language ) ) {
 395              $loaded_language      = $language;
 396              $GLOBALS['wp_locale'] = new WP_Locale();
 397          } else {
 398              $loaded_language = 'en_US';
 399          }
 400  
 401          if ( ! empty( $wpdb->error ) ) {
 402              wp_die( $wpdb->error->get_error_message() );
 403          }
 404  
 405          $scripts_to_print[] = 'user-profile';
 406  
 407          display_header();
 408          // Fill in the data we gathered.
 409          $weblog_title         = isset( $_POST['weblog_title'] ) ? trim( wp_unslash( $_POST['weblog_title'] ) ) : '';
 410          $user_name            = isset( $_POST['user_name'] ) ? trim( wp_unslash( $_POST['user_name'] ) ) : '';
 411          $admin_password       = isset( $_POST['admin_password'] ) ? wp_unslash( $_POST['admin_password'] ) : '';
 412          $admin_password_check = isset( $_POST['admin_password2'] ) ? wp_unslash( $_POST['admin_password2'] ) : '';
 413          $admin_email          = isset( $_POST['admin_email'] ) ? trim( wp_unslash( $_POST['admin_email'] ) ) : '';
 414          $public               = isset( $_POST['blog_public'] ) ? (int) $_POST['blog_public'] : 1;
 415  
 416          // Check email address.
 417          $error = false;
 418          if ( empty( $user_name ) ) {
 419              // TODO: Poka-yoke.
 420              display_setup_form( __( 'Please provide a valid username.' ) );
 421              $error = true;
 422          } elseif ( sanitize_user( $user_name, true ) !== $user_name ) {
 423              display_setup_form( __( 'The username you provided has invalid characters.' ) );
 424              $error = true;
 425          } elseif ( $admin_password !== $admin_password_check ) {
 426              // TODO: Poka-yoke.
 427              display_setup_form( __( 'Your passwords do not match. Please try again.' ) );
 428              $error = true;
 429          } elseif ( empty( $admin_email ) ) {
 430              // TODO: Poka-yoke.
 431              display_setup_form( __( 'You must provide an email address.' ) );
 432              $error = true;
 433          } elseif ( ! is_email( $admin_email ) ) {
 434              // TODO: Poka-yoke.
 435              display_setup_form( __( 'Sorry, that is not a valid email address. Email addresses look like <code>username@example.com</code>.' ) );
 436              $error = true;
 437          }
 438  
 439          if ( false === $error ) {
 440              $wpdb->show_errors();
 441              $result = wp_install( $weblog_title, $user_name, $admin_email, $public, '', wp_slash( $admin_password ), $loaded_language );
 442              ?>
 443  
 444  <h1><?php _e( 'Success!' ); ?></h1>
 445  
 446  <p><?php _e( 'WordPress has been installed. Thank you, and enjoy!' ); ?></p>
 447  
 448  <table class="form-table install-success">
 449      <tr>
 450          <th><?php _e( 'Username' ); ?></th>
 451          <td><?php echo esc_html( sanitize_user( $user_name, true ) ); ?></td>
 452      </tr>
 453      <tr>
 454          <th><?php _e( 'Password' ); ?></th>
 455          <td>
 456              <?php if ( ! empty( $result['password'] ) && empty( $admin_password_check ) ) : ?>
 457                  <code><?php echo esc_html( $result['password'] ); ?></code><br />
 458              <?php endif; ?>
 459              <p><?php echo $result['password_message']; ?></p>
 460          </td>
 461      </tr>
 462  </table>
 463  
 464  <p class="step"><a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log In' ); ?></a></p>
 465  
 466              <?php
 467          }
 468          break;
 469  }
 470  
 471  if ( ! wp_is_mobile() ) {
 472      ?>
 473  <script type="text/javascript">var t = document.getElementById('weblog_title'); if (t){ t.focus(); }</script>
 474      <?php
 475  }
 476  
 477  wp_print_scripts( $scripts_to_print );
 478  ?>
 479  <script type="text/javascript">
 480  jQuery( function( $ ) {
 481      $( '.hide-if-no-js' ).removeClass( 'hide-if-no-js' );
 482  } );
 483  </script>
 484  </body>
 485  </html>


Generated : Fri Oct 10 08:20:03 2025 Cross-referenced by PHPXref