[wp-trac] [WordPress Trac] #53298: Checking if wp-config-sample.php file exists before checking if wp-config.php exists

WordPress Trac noreply at wordpress.org
Sat May 29 20:34:44 UTC 2021 

#53298: Checking if wp-config-sample.php file exists before checking if wp-
config.php exists
-------------------------------------------------+-------------------------
 Reporter:  machineitsvcs                        |      Owner:  (none)
     Type:  defect (bug)                         |     Status:  new
 Priority:  normal                               |  Milestone:  Awaiting
                                                 |  Review
Component:  General                              |    Version:  5.7.2
 Severity:  trivial                              |   Keywords:  needs-patch
  Focuses:  administration, privacy, coding-     |
  standards                                      |
-------------------------------------------------+-------------------------
 Currently in WordPress core, wp-admin/setup-config.php checks if wp-
 config-sample.php file exists before checking if wp-config.php exists. If
 the sample file exists, it then checks if the wp-config.php file exists,
 and if so, suggests deletion if necessary. For security, some WordPress
 users may delete the sample file, and restrict open_basedir for directory
 above that of the web root directory. Because of these two cases, the
 current order produces the follow error:

 `PHP message: PHP Warning:  file_exists(): open_basedir restriction in
 effect. File(/var/www/example/wp-config-sample.php) is not within the
 allowed path(s):
 (/var/www/example/web:/var/www/example/private:/var/www/example/tmp:/tmp:...)
 in /var/www/example/web/wp-admin/setup-config.php on line 46`

 If the check for existence of sample file could be moved after checking if
 wp-config.php exists, we could avoid this error and avoid checking if
 sample file exists if wp-config.php does and not checking both if they
 both do.

 i.e. Moving the section commented `Support wp-config-sample.php one level
 up, for the develop repo.` to after the section commented `Check if wp-
 config.php exists above the root directory but is not part of another
 installation.` in `wp-admin/setup-config.php`

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/53298>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list