[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

title

Body

[close]

/wp-admin/ -> setup-config.php (source)

   1  <?php
   2  /**
   3   * Retrieves and creates the wp-config.php file.
   4   *
   5   * The permissions for the base directory must allow for writing files in order
   6   * for the wp-config.php to be created using this page.
   7   *
   8   * @package WordPress
   9   * @subpackage Administration
  10   */
  11  
  12  /**
  13   * We are installing.
  14   */
  15  define( 'WP_INSTALLING', true );
  16  
  17  /**
  18   * We are blissfully unaware of anything.
  19   */
  20  define( 'WP_SETUP_CONFIG', true );
  21  
  22  /**
  23   * Disable error reporting
  24   *
  25   * Set this to error_reporting( -1 ) for debugging
  26   */
  27  error_reporting( 0 );
  28  
  29  if ( ! defined( 'ABSPATH' ) ) {
  30      define( 'ABSPATH', dirname( dirname( __FILE__ ) ) . '/' );
  31  }
  32  
  33  require ( ABSPATH . 'wp-settings.php' );
  34  
  35  /** Load WordPress Administration Upgrade API */
  36  require_once ( ABSPATH . 'wp-admin/includes/upgrade.php' );
  37  
  38  /** Load WordPress Translation Installation API */
  39  require_once ( ABSPATH . 'wp-admin/includes/translation-install.php' );
  40  
  41  nocache_headers();
  42  
  43  // Support wp-config-sample.php one level up, for the develop repo.
  44  if ( file_exists( ABSPATH . 'wp-config-sample.php' ) ) {
  45      $config_file = file( ABSPATH . 'wp-config-sample.php' );
  46  } elseif ( file_exists( dirname( ABSPATH ) . '/wp-config-sample.php' ) ) {
  47      $config_file = file( dirname( ABSPATH ) . '/wp-config-sample.php' );
  48  } else {
  49      wp_die(
  50          sprintf(
  51              /* translators: %s: wp-config-sample.php */
  52              __( 'Sorry, I need a %s file to work from. Please re-upload this file to your WordPress installation.' ),
  53              '<code>wp-config-sample.php</code>'
  54          )
  55      );
  56  }
  57  
  58  // Check if wp-config.php has been created
  59  if ( file_exists( ABSPATH . 'wp-config.php' ) ) {
  60      wp_die(
  61          '<p>' . sprintf(
  62              /* translators: 1: wp-config.php, 2: install.php */
  63              __( 'The file %1$s already exists. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href="%2$s">installing now</a>.' ),
  64              '<code>wp-config.php</code>',
  65              'install.php'
  66          ) . '</p>'
  67      );
  68  }
  69  
  70  // Check if wp-config.php exists above the root directory but is not part of another installation
  71  if ( @file_exists( ABSPATH . '../wp-config.php' ) && ! @file_exists( ABSPATH . '../wp-settings.php' ) ) {
  72      wp_die(
  73          '<p>' . sprintf(
  74              /* translators: 1: wp-config.php, 2: install.php */
  75              __( 'The file %1$s already exists one level above your WordPress installation. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href="%2$s">installing now</a>.' ),
  76              '<code>wp-config.php</code>',
  77              'install.php'
  78          ) . '</p>'
  79      );
  80  }
  81  
  82  $step = isset( $_GET['step'] ) ? (int) $_GET['step'] : -1;
  83  
  84  /**
  85   * Display setup wp-config.php file header.
  86   *
  87   * @ignore
  88   * @since 2.3.0
  89   *
  90   * @global string    $wp_local_package
  91   * @global WP_Locale $wp_locale        WordPress date and time locale object.
  92   *
  93   * @param string|array $body_classes
  94   */
  95  function setup_config_display_header( $body_classes = array() ) {
  96      $body_classes   = (array) $body_classes;
  97      $body_classes[] = 'wp-core-ui';
  98      $dir_attr       = '';
  99      if ( is_rtl() ) {
 100          $body_classes[] = 'rtl';
 101          $dir_attr       = ' dir="rtl"';
 102      }
 103  
 104      header( 'Content-Type: text/html; charset=utf-8' );
 105      ?>
 106  <!DOCTYPE html>
 107  <html xmlns="http://www.w3.org/1999/xhtml"<?php echo $dir_attr; ?>>
 108  <head>
 109      <meta name="viewport" content="width=device-width" />
 110      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
 111      <meta name="robots" content="noindex,nofollow" />
 112      <title><?php _e( 'WordPress &rsaquo; Setup Configuration File' ); ?></title>
 113      <?php wp_admin_css( 'install', true ); ?>
 114  </head>
 115  <body class="<?php echo implode( ' ', $body_classes ); ?>">
 116  <p id="logo"><a href="<?php echo esc_url( __( 'https://wordpress.org/' ) ); ?>"><?php _e( 'WordPress' ); ?></a></p>
 117      <?php
 118  } // end function setup_config_display_header();
 119  
 120  $language = '';
 121  if ( ! empty( $_REQUEST['language'] ) ) {
 122      $language = preg_replace( '/[^a-zA-Z0-9_]/', '', $_REQUEST['language'] );
 123  } elseif ( isset( $GLOBALS['wp_local_package'] ) ) {
 124      $language = $GLOBALS['wp_local_package'];
 125  }
 126  
 127  switch ( $step ) {
 128      case -1:
 129          if ( wp_can_install_language_pack() && empty( $language ) ) {
 130              $languages = wp_get_available_translations();
 131              if ( $languages ) {
 132                  setup_config_display_header( 'language-chooser' );
 133                  echo '<h1 class="screen-reader-text">Select a default language</h1>';
 134                  echo '<form id="setup" method="post" action="?step=0">';
 135                  wp_install_language_form( $languages );
 136                  echo '</form>';
 137                  break;
 138              }
 139          }
 140  
 141          // Deliberately fall through if we can't reach the translations API.
 142  
 143      case 0:
 144          if ( ! empty( $language ) ) {
 145              $loaded_language = wp_download_language_pack( $language );
 146              if ( $loaded_language ) {
 147                  load_default_textdomain( $loaded_language );
 148                  $GLOBALS['wp_locale'] = new WP_Locale();
 149              }
 150          }
 151  
 152          setup_config_display_header();
 153          $step_1 = 'setup-config.php?step=1';
 154          if ( isset( $_REQUEST['noapi'] ) ) {
 155              $step_1 .= '&amp;noapi';
 156          }
 157          if ( ! empty( $loaded_language ) ) {
 158              $step_1 .= '&amp;language=' . $loaded_language;
 159          }
 160          ?>
 161  <h1 class="screen-reader-text"><?php _e( 'Before getting started' ); ?></h1>
 162  <p><?php _e( 'Welcome to WordPress. Before getting started, we need some information on the database. You will need to know the following items before proceeding.' ); ?></p>
 163  <ol>
 164      <li><?php _e( 'Database name' ); ?></li>
 165      <li><?php _e( 'Database username' ); ?></li>
 166      <li><?php _e( 'Database password' ); ?></li>
 167      <li><?php _e( 'Database host' ); ?></li>
 168      <li><?php _e( 'Table prefix (if you want to run more than one WordPress in a single database)' ); ?></li>
 169  </ol>
 170  <p>
 171          <?php
 172          printf(
 173              /* translators: %s: wp-config.php */
 174              __( 'We&#8217;re going to use this information to create a %s file.' ),
 175              '<code>wp-config.php</code>'
 176          );
 177          ?>
 178      <strong>
 179          <?php
 180          printf(
 181              /* translators: 1: wp-config-sample.php, 2: wp-config.php */
 182              __( 'If for any reason this automatic file creation doesn&#8217;t work, don&#8217;t worry. All this does is fill in the database information to a configuration file. You may also simply open %1$s in a text editor, fill in your information, and save it as %2$s.' ),
 183              '<code>wp-config-sample.php</code>',
 184              '<code>wp-config.php</code>'
 185          );
 186          ?>
 187      </strong>
 188          <?php
 189          printf(
 190              /* translators: %s: Documentation URL. */
 191              __( 'Need more help? <a href="%s">We got it</a>.' ),
 192              __( 'https://wordpress.org/support/article/editing-wp-config-php/' )
 193          );
 194          ?>
 195  </p>
 196  <p><?php _e( 'In all likelihood, these items were supplied to you by your Web Host. If you don&#8217;t have this information, then you will need to contact them before you can continue. If you&#8217;re all ready&hellip;' ); ?></p>
 197  
 198  <p class="step"><a href="<?php echo $step_1; ?>" class="button button-large"><?php _e( 'Let&#8217;s go!' ); ?></a></p>
 199          <?php
 200          break;
 201  
 202      case 1:
 203          load_default_textdomain( $language );
 204          $GLOBALS['wp_locale'] = new WP_Locale();
 205  
 206          setup_config_display_header();
 207  
 208          $autofocus = wp_is_mobile() ? '' : ' autofocus';
 209          ?>
 210  <h1 class="screen-reader-text"><?php _e( 'Set up your database connection' ); ?></h1>
 211  <form method="post" action="setup-config.php?step=2">
 212      <p><?php _e( 'Below you should enter your database connection details. If you&#8217;re not sure about these, contact your host.' ); ?></p>
 213      <table class="form-table" role="presentation">
 214          <tr>
 215              <th scope="row"><label for="dbname"><?php _e( 'Database Name' ); ?></label></th>
 216              <td><input name="dbname" id="dbname" type="text" aria-describedby="dbname-desc" size="25" value="wordpress"<?php echo $autofocus; ?>/></td>
 217              <td id="dbname-desc"><?php _e( 'The name of the database you want to use with WordPress.' ); ?></td>
 218          </tr>
 219          <tr>
 220              <th scope="row"><label for="uname"><?php _e( 'Username' ); ?></label></th>
 221              <td><input name="uname" id="uname" type="text" aria-describedby="uname-desc" size="25" value="<?php echo htmlspecialchars( _x( 'username', 'example username' ), ENT_QUOTES ); ?>" /></td>
 222              <td id="uname-desc"><?php _e( 'Your database username.' ); ?></td>
 223          </tr>
 224          <tr>
 225              <th scope="row"><label for="pwd"><?php _e( 'Password' ); ?></label></th>
 226              <td><input name="pwd" id="pwd" type="text" aria-describedby="pwd-desc" size="25" value="<?php echo htmlspecialchars( _x( 'password', 'example password' ), ENT_QUOTES ); ?>" autocomplete="off" /></td>
 227              <td id="pwd-desc"><?php _e( 'Your database password.' ); ?></td>
 228          </tr>
 229          <tr>
 230              <th scope="row"><label for="dbhost"><?php _e( 'Database Host' ); ?></label></th>
 231              <td><input name="dbhost" id="dbhost" type="text" aria-describedby="dbhost-desc" size="25" value="localhost" /></td>
 232              <td id="dbhost-desc">
 233              <?php
 234                  /* translators: %s: localhost */
 235                  printf( __( 'You should be able to get this info from your web host, if %s doesn&#8217;t work.' ), '<code>localhost</code>' );
 236              ?>
 237              </td>
 238          </tr>
 239          <tr>
 240              <th scope="row"><label for="prefix"><?php _e( 'Table Prefix' ); ?></label></th>
 241              <td><input name="prefix" id="prefix" type="text" aria-describedby="prefix-desc" value="wp_" size="25" /></td>
 242              <td id="prefix-desc"><?php _e( 'If you want to run multiple WordPress installations in a single database, change this.' ); ?></td>
 243          </tr>
 244      </table>
 245          <?php
 246          if ( isset( $_GET['noapi'] ) ) {
 247              ?>
 248  <input name="noapi" type="hidden" value="1" /><?php } ?>
 249      <input type="hidden" name="language" value="<?php echo esc_attr( $language ); ?>" />
 250      <p class="step"><input name="submit" type="submit" value="<?php echo htmlspecialchars( __( 'Submit' ), ENT_QUOTES ); ?>" class="button button-large" /></p>
 251  </form>
 252          <?php
 253          break;
 254  
 255      case 2:
 256          load_default_textdomain( $language );
 257          $GLOBALS['wp_locale'] = new WP_Locale();
 258  
 259          $dbname = trim( wp_unslash( $_POST['dbname'] ) );
 260          $uname  = trim( wp_unslash( $_POST['uname'] ) );
 261          $pwd    = trim( wp_unslash( $_POST['pwd'] ) );
 262          $dbhost = trim( wp_unslash( $_POST['dbhost'] ) );
 263          $prefix = trim( wp_unslash( $_POST['prefix'] ) );
 264  
 265          $step_1  = 'setup-config.php?step=1';
 266          $install = 'install.php';
 267          if ( isset( $_REQUEST['noapi'] ) ) {
 268              $step_1 .= '&amp;noapi';
 269          }
 270  
 271          if ( ! empty( $language ) ) {
 272              $step_1  .= '&amp;language=' . $language;
 273              $install .= '?language=' . $language;
 274          } else {
 275              $install .= '?language=en_US';
 276          }
 277  
 278          $tryagain_link = '</p><p class="step"><a href="' . $step_1 . '" onclick="javascript:history.go(-1);return false;" class="button button-large">' . __( 'Try Again' ) . '</a>';
 279  
 280          if ( empty( $prefix ) ) {
 281              wp_die( __( '<strong>ERROR</strong>: "Table Prefix" must not be empty.' ) . $tryagain_link );
 282          }
 283  
 284          // Validate $prefix: it can only contain letters, numbers and underscores.
 285          if ( preg_match( '|[^a-z0-9_]|i', $prefix ) ) {
 286              wp_die( __( '<strong>ERROR</strong>: "Table Prefix" can only contain numbers, letters, and underscores.' ) . $tryagain_link );
 287          }
 288  
 289          // Test the db connection.
 290          /**#@+
 291           *
 292           * @ignore
 293           */
 294          define( 'DB_NAME', $dbname );
 295          define( 'DB_USER', $uname );
 296          define( 'DB_PASSWORD', $pwd );
 297          define( 'DB_HOST', $dbhost );
 298          /**#@-*/
 299  
 300          // Re-construct $wpdb with these new values.
 301          unset( $wpdb );
 302          require_wp_db();
 303  
 304          /*
 305          * The wpdb constructor bails when WP_SETUP_CONFIG is set, so we must
 306          * fire this manually. We'll fail here if the values are no good.
 307          */
 308          $wpdb->db_connect();
 309  
 310          if ( ! empty( $wpdb->error ) ) {
 311              wp_die( $wpdb->error->get_error_message() . $tryagain_link );
 312          }
 313  
 314          $errors = $wpdb->hide_errors();
 315          $wpdb->query( "SELECT $prefix" );
 316          $wpdb->show_errors( $errors );
 317          if ( ! $wpdb->last_error ) {
 318              // MySQL was able to parse the prefix as a value, which we don't want. Bail.
 319              wp_die( __( '<strong>ERROR</strong>: "Table Prefix" is invalid.' ) );
 320          }
 321  
 322          // Generate keys and salts using secure CSPRNG; fallback to API if enabled; further fallback to original wp_generate_password().
 323          try {
 324              $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_ []{}<>~`+=,.;:/?|';
 325              $max   = strlen( $chars ) - 1;
 326              for ( $i = 0; $i < 8; $i++ ) {
 327                  $key = '';
 328                  for ( $j = 0; $j < 64; $j++ ) {
 329                      $key .= substr( $chars, random_int( 0, $max ), 1 );
 330                  }
 331                  $secret_keys[] = $key;
 332              }
 333          } catch ( Exception $ex ) {
 334              $no_api = isset( $_POST['noapi'] );
 335  
 336              if ( ! $no_api ) {
 337                  $secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/salt/' );
 338              }
 339  
 340              if ( $no_api || is_wp_error( $secret_keys ) ) {
 341                  $secret_keys = array();
 342                  for ( $i = 0; $i < 8; $i++ ) {
 343                      $secret_keys[] = wp_generate_password( 64, true, true );
 344                  }
 345              } else {
 346                  $secret_keys = explode( "\n", wp_remote_retrieve_body( $secret_keys ) );
 347                  foreach ( $secret_keys as $k => $v ) {
 348                      $secret_keys[ $k ] = substr( $v, 28, 64 );
 349                  }
 350              }
 351          }
 352  
 353          $key = 0;
 354          foreach ( $config_file as $line_num => $line ) {
 355              if ( '$table_prefix =' == substr( $line, 0, 15 ) ) {
 356                  $config_file[ $line_num ] = '$table_prefix = \'' . addcslashes( $prefix, "\\'" ) . "';\r\n";
 357                  continue;
 358              }
 359  
 360              if ( ! preg_match( '/^define\(\s*\'([A-Z_]+)\',([ ]+)/', $line, $match ) ) {
 361                  continue;
 362              }
 363  
 364              $constant = $match[1];
 365              $padding  = $match[2];
 366  
 367              switch ( $constant ) {
 368                  case 'DB_NAME':
 369                  case 'DB_USER':
 370                  case 'DB_PASSWORD':
 371                  case 'DB_HOST':
 372                      $config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . addcslashes( constant( $constant ), "\\'" ) . "' );\r\n";
 373                      break;
 374                  case 'DB_CHARSET':
 375                      if ( 'utf8mb4' === $wpdb->charset || ( ! $wpdb->charset && $wpdb->has_cap( 'utf8mb4' ) ) ) {
 376                          $config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'utf8mb4' );\r\n";
 377                      }
 378                      break;
 379                  case 'AUTH_KEY':
 380                  case 'SECURE_AUTH_KEY':
 381                  case 'LOGGED_IN_KEY':
 382                  case 'NONCE_KEY':
 383                  case 'AUTH_SALT':
 384                  case 'SECURE_AUTH_SALT':
 385                  case 'LOGGED_IN_SALT':
 386                  case 'NONCE_SALT':
 387                      $config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . $secret_keys[ $key++ ] . "' );\r\n";
 388                      break;
 389              }
 390          }
 391          unset( $line );
 392  
 393          if ( ! is_writable( ABSPATH ) ) :
 394              setup_config_display_header();
 395              ?>
 396      <p>
 397              <?php
 398              /* translators: %s: wp-config.php */
 399              printf( __( 'Sorry, but I can&#8217;t write the %s file.' ), '<code>wp-config.php</code>' );
 400              ?>
 401  </p>
 402  <p>
 403              <?php
 404              /* translators: %s: wp-config.php */
 405              printf( __( 'You can create the %s file manually and paste the following text into it.' ), '<code>wp-config.php</code>' );
 406  
 407              $config_text = '';
 408  
 409              foreach ( $config_file as $line ) {
 410                  $config_text .= htmlentities( $line, ENT_COMPAT, 'UTF-8' );
 411              }
 412              ?>
 413  </p>
 414  <textarea id="wp-config" cols="98" rows="15" class="code" readonly="readonly"><?php echo $config_text; ?></textarea>
 415  <p><?php _e( 'After you&#8217;ve done that, click &#8220;Run the installation&#8221;.' ); ?></p>
 416  <p class="step"><a href="<?php echo $install; ?>" class="button button-large"><?php _e( 'Run the installation' ); ?></a></p>
 417  <script>
 418  (function(){
 419  if ( ! /iPad|iPod|iPhone/.test( navigator.userAgent ) ) {
 420      var el = document.getElementById('wp-config');
 421      el.focus();
 422      el.select();
 423  }
 424  })();
 425  </script>
 426              <?php
 427      else :
 428          /*
 429           * If this file doesn't exist, then we are using the wp-config-sample.php
 430           * file one level up, which is for the develop repo.
 431           */
 432          if ( file_exists( ABSPATH . 'wp-config-sample.php' ) ) {
 433              $path_to_wp_config = ABSPATH . 'wp-config.php';
 434          } else {
 435              $path_to_wp_config = dirname( ABSPATH ) . '/wp-config.php';
 436          }
 437  
 438          $handle = fopen( $path_to_wp_config, 'w' );
 439          foreach ( $config_file as $line ) {
 440              fwrite( $handle, $line );
 441          }
 442          fclose( $handle );
 443          chmod( $path_to_wp_config, 0666 );
 444          setup_config_display_header();
 445          ?>
 446  <h1 class="screen-reader-text"><?php _e( 'Successful database connection' ); ?></h1>
 447  <p><?php _e( 'All right, sparky! You&#8217;ve made it through this part of the installation. WordPress can now communicate with your database. If you are ready, time now to&hellip;' ); ?></p>
 448  
 449  <p class="step"><a href="<?php echo $install; ?>" class="button button-large"><?php _e( 'Run the installation' ); ?></a></p>
 450          <?php
 451      endif;
 452          break;
 453  }
 454  ?>
 455  <?php wp_print_scripts( 'language-chooser' ); ?>
 456  </body>
 457  </html>


Generated: Fri Oct 25 08:20:01 2019 Cross-referenced by PHPXref 0.7