[wp-trac] [WordPress Trac] #15486: Auto-generated wp-config.php doesn't have escaping for the MySQL password
WordPress Trac
wp-trac at lists.automattic.com
Fri Nov 19 14:18:51 UTC 2010
#15486: Auto-generated wp-config.php doesn't have escaping for the MySQL password
-----------------------------+----------------------------------------------
Reporter: SaltwaterC | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upgrade/Install | Version: 3.0.1
Severity: normal | Keywords:
-----------------------------+----------------------------------------------
During the WordPress installation, if the target filesystem doesn't have
write permissions, the installer kindly asks:
"Sorry, but I can't write the wp-config.php file.
You can create the wp-config.php manually and paste the following text
into it."
However, if the MySQL password contains chars like ' then the
automatically generated line looks like this:
define('DB_PASSWORD', 'random-input'more-random-junk');
which makes the PHP engine to cough an error (specifically, the obvious:
PHP Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING) an
potentially annoy the person who installs WordPress.
Something tells me that if the wp-config.php goes straight to disk, this
issue might be there as well. I am not intimate with the WordPress
installer, but somebody who is may take a look to see if my hunch is
right.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/15486>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list