X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/0b8a53f298029318648c37e477703e903dfcb82b..11be15bd505d66a91e2c80062190b13e315a04a9:/wp-admin/install.php diff --git a/wp-admin/install.php b/wp-admin/install.php index 0b65f523..71d59a9c 100644 --- a/wp-admin/install.php +++ b/wp-admin/install.php @@ -9,14 +9,14 @@ // Sanity check. if ( false ) { ?> - - + + Error: PHP is not running - -

WordPress

+ +

WordPress

Error: PHP is not running

WordPress requires that your web server is running PHP. Your server does not have PHP installed, or PHP is turned off.

@@ -41,7 +41,7 @@ require_once( dirname( __FILE__ ) . '/includes/upgrade.php' ); /** Load wpdb */ require_once(dirname(dirname(__FILE__)) . '/wp-includes/wp-db.php'); -$step = isset( $_GET['step'] ) ? $_GET['step'] : 0; +$step = isset( $_GET['step'] ) ? (int) $_GET['step'] : 0; /** * Display install header. @@ -53,15 +53,17 @@ $step = isset( $_GET['step'] ) ? $_GET['step'] : 0; function display_header() { header( 'Content-Type: text/html; charset=utf-8' ); ?> - + > <?php _e( 'WordPress › Installation' ); ?> - + - -

WordPress

+ +

@@ -98,7 +100,7 @@ function display_setup_form( $error = null ) { - +

- + + -

+

' . __( 'Already Installed' ) . '

' . __( 'You appear to have already installed WordPress. To reinstall please clear your old database tables first.' ) . '

' . __('Log In') . '

' ); + die( '

' . __( 'Already Installed' ) . '

' . __( 'You appear to have already installed WordPress. To reinstall please clear your old database tables first.' ) . '

' . __( 'Log In' ) . '

' ); } $php_version = phpversion(); @@ -150,15 +153,20 @@ $php_compat = version_compare( $php_version, $required_php_version, '>=' ); $mysql_compat = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' ); if ( !$mysql_compat && !$php_compat ) - $compat = sprintf( __('You cannot install because WordPress %1$s requires PHP version %2$s or higher and MySQL version %3$s or higher. You are running PHP version %4$s and MySQL version %5$s.'), $wp_version, $required_php_version, $required_mysql_version, $php_version, $mysql_version ); + $compat = sprintf( __( 'You cannot install because WordPress %1$s requires PHP version %2$s or higher and MySQL version %3$s or higher. You are running PHP version %4$s and MySQL version %5$s.' ), $wp_version, $required_php_version, $required_mysql_version, $php_version, $mysql_version ); elseif ( !$php_compat ) - $compat = sprintf( __('You cannot install because WordPress %1$s requires PHP version %2$s or higher. You are running version %3$s.'), $wp_version, $required_php_version, $php_version ); + $compat = sprintf( __( 'You cannot install because WordPress %1$s requires PHP version %2$s or higher. You are running version %3$s.' ), $wp_version, $required_php_version, $php_version ); elseif ( !$mysql_compat ) - $compat = sprintf( __('You cannot install because WordPress %1$s requires MySQL version %2$s or higher. You are running version %3$s.'), $wp_version, $required_mysql_version, $mysql_version ); + $compat = sprintf( __( 'You cannot install because WordPress %1$s requires MySQL version %2$s or higher. You are running version %3$s.' ), $wp_version, $required_mysql_version, $mysql_version ); if ( !$mysql_compat || !$php_compat ) { display_header(); - die('

' . __('Insufficient Requirements') . '

' . $compat . '

'); + die( '

' . __( 'Insufficient Requirements' ) . '

' . $compat . '

' ); +} + +if ( ! is_string( $wpdb->base_prefix ) || '' === $wpdb->base_prefix ) { + display_header(); + die( '

' . __( 'Configuration Error' ) . '

' . __( 'Your wp-config.php file has an empty database table prefix, which is not supported.' ) . '

' ); } switch($step) { @@ -166,7 +174,7 @@ switch($step) { case 1: // Step 1, direct link. display_header(); ?> -

+

ReadMe documentation at your leisure. Otherwise, just fill in the information below and you’ll be on your way to using the most extendable and powerful personal publishing platform in the world.' ), '../readme.html' ); ?>

@@ -181,11 +189,11 @@ switch($step) { display_header(); // Fill in the data we gathered - $weblog_title = isset( $_POST['weblog_title'] ) ? trim( stripslashes( $_POST['weblog_title'] ) ) : ''; - $user_name = isset($_POST['user_name']) ? trim( stripslashes( $_POST['user_name'] ) ) : 'admin'; - $admin_password = isset($_POST['admin_password']) ? $_POST['admin_password'] : ''; - $admin_password_check = isset($_POST['admin_password2']) ? $_POST['admin_password2'] : ''; - $admin_email = isset( $_POST['admin_email'] ) ?trim( stripslashes( $_POST['admin_email'] ) ) : ''; + $weblog_title = isset( $_POST['weblog_title'] ) ? trim( wp_unslash( $_POST['weblog_title'] ) ) : ''; + $user_name = isset($_POST['user_name']) ? trim( wp_unslash( $_POST['user_name'] ) ) : 'admin'; + $admin_password = isset($_POST['admin_password']) ? wp_unslash( $_POST['admin_password'] ) : ''; + $admin_password_check = isset($_POST['admin_password2']) ? wp_unslash( $_POST['admin_password2'] ) : ''; + $admin_email = isset( $_POST['admin_email'] ) ?trim( wp_unslash( $_POST['admin_email'] ) ) : ''; $public = isset( $_POST['blog_public'] ) ? (int) $_POST['blog_public'] : 0; // check e-mail address $error = false; @@ -206,7 +214,7 @@ switch($step) { $error = true; } elseif ( ! is_email( $admin_email ) ) { // TODO: poka-yoke - display_setup_form( __( 'that isn’t a valid e-mail address. E-mail addresses look like: username@example.com' ) ); + display_setup_form( __( 'that isn’t a valid e-mail address. E-mail addresses look like: username@example.com' ) ); $error = true; } @@ -220,10 +228,10 @@ switch($step) {

- +
- + @@ -235,7 +243,7 @@ switch($step) {
-

+

- - - - - +