Do not display user specified password during install. Fixes #12479. See #10396 for feedback

git-svn-id: http://svn.automattic.com/wordpress/trunk@13592 1a063a9b-81f0-0310-95a4-ce76da25c4cd
dd32 2010-03-05 12:25:30 +00:00
parent ffa4103e99
commit e2ef640d36
4 changed files with 21 additions and 10 deletions


@ -1 +1 @@
html{background:#f9f9f9;}body{background:#fff;color:#333;font-family:"Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;margin:2em auto;width:700px;padding:1em 2em;-moz-border-radius:11px;-khtml-border-radius:11px;-webkit-border-radius:11px;border-radius:11px;border:1px solid #dfdfdf;}a{color:#2583ad;text-decoration:none;}a:hover{color:#d54e21;}h1{border-bottom:1px solid #dadada;clear:both;color:#666;font:24px Georgia,"Times New Roman",Times,serif;margin:5px 0 0 -4px;padding:0;padding-bottom:7px;}h2{font-size:16px;}p,li,dd,dt{padding-bottom:2px;font-size:12px;line-height:18px;}code{font-size:13px;}ul,ol,dl{padding:5px 5px 5px 22px;}a img{border:0;}abbr{border:0;font-variant:normal;}#logo{margin:6px 0 14px 0;border-bottom:none;text-align:center;}.step{margin:20px 0 15px;}.step,th{text-align:left;padding:0;}.submit input,.button,.button-secondary{font-family:"Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;text-decoration:none;font-size:14px!important;line-height:16px;padding:6px 12px;cursor:pointer;border:1px solid #bbb;color:#464646;-moz-border-radius:15px;-khtml-border-radius:15px;-webkit-border-radius:15px;border-radius:15px;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;-khtml-box-sizing:content-box;box-sizing:content-box;}.button:hover,.button-secondary:hover,.submit input:hover{color:#000;border-color:#666;}.button,.submit input,.button-secondary{background:#f2f2f2 url(../images/white-grad.png) repeat-x scroll left top;}.button:active,.submit input:active,.button-secondary:active{background:#eee url(../images/white-grad-active.png) repeat-x scroll left top;}.form-table{border-collapse:collapse;margin-top:1em;width:100%;}.form-table td{margin-bottom:9px;padding:10px;border-bottom:8px solid #fff;font-size:12px;}.form-table th{font-size:13px;text-align:left;padding:16px 10px 10px 10px;border-bottom:8px solid #fff;width:110px;vertical-align:top;}.form-table tr{background:#f3f3f3;}.form-table 
code{line-height:18px;font-size:18px;}.form-table p{margin:4px 0 0 0;font-size:11px;}.form-table input{line-height:20px;font-size:15px;padding:2px;}#error-page{margin-top:50px;}#error-page p{font-size:12px;line-height:18px;margin:25px 0 20px;}#error-page code{font-family:Consolas,Monaco,Courier,monospace;}#pass-strength-result{background-color:#eee;border-color:#ddd!important;border-style:solid;border-width:1px;float:left;margin:12px 5px 5px 1px;padding:5px;text-align:center;width:200px;}#pass-strength-result.bad{background-color:#ffb78c;border-color:#ff853c!important;}#pass-strength-result.good{background-color:#ffec8b;border-color:#fc0!important;}#pass-strength-result.short{background-color:#ffa0a0;border-color:#f04040!important;}#pass-strength-result.strong{background-color:#c3ff88;border-color:#8dff1c!important;} html{background:#f9f9f9;}body{background:#fff;color:#333;font-family:"Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;margin:2em auto;width:700px;padding:1em 2em;-moz-border-radius:11px;-khtml-border-radius:11px;-webkit-border-radius:11px;border-radius:11px;border:1px solid #dfdfdf;}a{color:#2583ad;text-decoration:none;}a:hover{color:#d54e21;}h1{border-bottom:1px solid #dadada;clear:both;color:#666;font:24px Georgia,"Times New Roman",Times,serif;margin:5px 0 0 -4px;padding:0;padding-bottom:7px;}h2{font-size:16px;}p,li,dd,dt{padding-bottom:2px;font-size:12px;line-height:18px;}code{font-size:13px;}ul,ol,dl{padding:5px 5px 5px 22px;}a img{border:0;}abbr{border:0;font-variant:normal;}#logo{margin:6px 0 14px 0;border-bottom:none;text-align:center;}.step{margin:20px 0 15px;}.step,th{text-align:left;padding:0;}.submit input,.button,.button-secondary{font-family:"Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;text-decoration:none;font-size:14px!important;line-height:16px;padding:6px 12px;cursor:pointer;border:1px solid 
#bbb;color:#464646;-moz-border-radius:15px;-khtml-border-radius:15px;-webkit-border-radius:15px;border-radius:15px;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;-khtml-box-sizing:content-box;box-sizing:content-box;}.button:hover,.button-secondary:hover,.submit input:hover{color:#000;border-color:#666;}.button,.submit input,.button-secondary{background:#f2f2f2 url(../images/white-grad.png) repeat-x scroll left top;}.button:active,.submit input:active,.button-secondary:active{background:#eee url(../images/white-grad-active.png) repeat-x scroll left top;}.form-table{border-collapse:collapse;margin-top:1em;width:100%;}.form-table td{margin-bottom:9px;padding:10px;border-bottom:8px solid #fff;font-size:12px;}.form-table th{font-size:13px;text-align:left;padding:16px 10px 10px 10px;border-bottom:8px solid #fff;width:130px;vertical-align:top;}.form-table tr{background:#f3f3f3;}.form-table code{line-height:18px;font-size:18px;}.form-table p{margin:4px 0 0 0;font-size:11px;}.form-table input{line-height:20px;font-size:15px;padding:2px;}#error-page{margin-top:50px;}#error-page p{font-size:12px;line-height:18px;margin:25px 0 20px;}#error-page code{font-family:Consolas,Monaco,Courier,monospace;}#pass-strength-result{background-color:#eee;border-color:#ddd!important;border-style:solid;border-width:1px;float:left;margin:12px 5px 5px 1px;padding:5px;text-align:center;width:200px;}#pass-strength-result.bad{background-color:#ffb78c;border-color:#ff853c!important;}#pass-strength-result.good{background-color:#ffec8b;border-color:#fc0!important;}#pass-strength-result.short{background-color:#ffa0a0;border-color:#f04040!important;}#pass-strength-result.strong{background-color:#c3ff88;border-color:#8dff1c!important;}


@ -111,7 +111,7 @@ abbr {
text-align: left; text-align: left;
padding: 16px 10px 10px 10px; padding: 16px 10px 10px 10px;
border-bottom: 8px solid #fff; border-bottom: 8px solid #fff;
width: 110px; width: 130px;
vertical-align: top; vertical-align: top;
} }


@ -62,16 +62,19 @@ function wp_install( $blog_title, $user_name, $user_email, $public, $deprecated
// being shared among blogs. Just set the role in that case. // being shared among blogs. Just set the role in that case.
$user_id = username_exists($user_name); $user_id = username_exists($user_name);
$user_password = trim($user_password); $user_password = trim($user_password);
$email_password = false;
if ( !$user_id && empty($user_password) ) { if ( !$user_id && empty($user_password) ) {
$user_password = wp_generate_password(); $user_password = wp_generate_password();
$message = __('<strong><em>Note that password</em></strong> carefully! It is a <em>random</em> password that was generated just for you.'); $message = __('<strong><em>Note that password</em></strong> carefully! It is a <em>random</em> password that was generated just for you.');
$user_id = wp_create_user($user_name, $user_password, $user_email); $user_id = wp_create_user($user_name, $user_password, $user_email);
update_user_option($user_id, 'default_password_nag', true); update_user_option($user_id, 'default_password_nag', true);
$email_password = true;
} else if ( !$user_id ) { } else if ( !$user_id ) {
$message = __('<strong><em>Note that password</em></strong> carefully!'); // Password has been provided
$message = __('<em>Your chosen password.</em>');
$user_id = wp_create_user($user_name, $user_password, $user_email); $user_id = wp_create_user($user_name, $user_password, $user_email);
} else { } else {
$message = __('User already exists. Password inherited.'); $message = __('User already exists. Password inherited.');
} }
$user = new WP_User($user_id); $user = new WP_User($user_id);
@ -81,7 +84,7 @@ function wp_install( $blog_title, $user_name, $user_email, $public, $deprecated
$wp_rewrite->flush_rules(); $wp_rewrite->flush_rules();
wp_new_blog_notification($blog_title, $guessurl, $user_id, $user_password); wp_new_blog_notification($blog_title, $guessurl, $user_id, ($email_password ? $user_password : __('The password you chose during the install.') ) );
wp_cache_flush(); wp_cache_flush();
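Review bot: On the final `else` branch (user already exists, password inherited) `$email_password` stays false, so the `wp_new_blog_notification()` call receives `__('The password you chose during the install.')` even though no password was chosen in that run. That text contradicts the on-screen `$message` for the same branch, assuming the notification prints the argument as given (its body is not visible here). Consider choosing the e-mail text per branch next to `$message`, for example `$email_text = __('Your existing password.');` in the `else` branch, and passing `$email_password ? $user_password : $email_text`. A short comment at the call, such as `// Only a generated password is ever mailed; a chosen or inherited one is replaced by a description.`, would also record the intent. The body of wp_install starts and ends outside these hunks.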

View File

@ -100,11 +100,14 @@ function display_setup_form( $error = null ) {
</tr> </tr>
<?php if ( ! $user_table ) : ?> <?php if ( ! $user_table ) : ?>
<tr> <tr>
<th scope="row"><label for="admin_password"><?php _e('Password'); ?></label></th> <th scope="row">
<p><label for="admin_password"><?php _e('Password'); ?></label></p>
<p><label for="admin_password2"><?php _e('Re-enter Password'); ?></label></p></th>
<td> <td>
<input name="admin_password" type="password" id="pass1" size="25" value="<?php echo esc_attr( $admin_password ); ?>" /> <p><input name="admin_password" type="password" id="pass1" size="25" value="" /></p>
<br /><?php _e('A password will be automatically generated for you if you leave this field blank.'); ?> <p><input name="admin_password2" type="password" id="pass2" size="25" value="" /></p>
<br /><div id="pass-strength-result"><?php _e('Strength indicator'); ?></div> <p><?php _e('A password will be automatically generated for you if you leave this field blank.'); ?></p>
<div id="pass-strength-result"><?php _e('Strength indicator'); ?></div>
<p class="description indicator-hint"><?php _e('Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ % ^ &amp; ).'); ?></p> <p class="description indicator-hint"><?php _e('Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ % ^ &amp; ).'); ?></p>
</td> </td>
</tr> </tr>
@ -169,6 +172,7 @@ switch($step) {
$weblog_title = isset( $_POST['weblog_title'] ) ? trim( stripslashes( $_POST['weblog_title'] ) ) : ''; $weblog_title = isset( $_POST['weblog_title'] ) ? trim( stripslashes( $_POST['weblog_title'] ) ) : '';
$user_name = isset($_POST['user_name']) ? trim( stripslashes( $_POST['user_name'] ) ) : 'admin'; $user_name = isset($_POST['user_name']) ? trim( stripslashes( $_POST['user_name'] ) ) : 'admin';
$admin_password = isset($_POST['admin_password']) ? trim( stripslashes( $_POST['admin_password'] ) ) : ''; $admin_password = isset($_POST['admin_password']) ? trim( stripslashes( $_POST['admin_password'] ) ) : '';
$admin_password_check = isset($_POST['admin_password2']) ? trim( stripslashes( $_POST['admin_password2'] ) ) : '';
$admin_email = isset( $_POST['admin_email'] ) ?trim( stripslashes( $_POST['admin_email'] ) ) : ''; $admin_email = isset( $_POST['admin_email'] ) ?trim( stripslashes( $_POST['admin_email'] ) ) : '';
$public = isset( $_POST['blog_public'] ) ? (int) $_POST['blog_public'] : 0; $public = isset( $_POST['blog_public'] ) ? (int) $_POST['blog_public'] : 0;
// check e-mail address // check e-mail address
@ -177,6 +181,10 @@ switch($step) {
// TODO: poka-yoke // TODO: poka-yoke
display_setup_form( __('you must provide a valid user name.') ); display_setup_form( __('you must provide a valid user name.') );
$error = true; $error = true;
} elseif ( $admin_password != $admin_password_check ) {
// TODO: poka-yoke
display_setup_form( __( 'your passwords do not match. Please try again' ) );
$error = true;
} else if ( empty( $admin_email ) ) { } else if ( empty( $admin_email ) ) {
// TODO: poka-yoke // TODO: poka-yoke
display_setup_form( __( 'you must provide an e-mail address.' ) ); display_setup_form( __( 'you must provide an e-mail address.' ) );
@ -205,7 +213,7 @@ switch($step) {
<tr> <tr>
<th><?php _e( 'Password' ); ?></th> <th><?php _e( 'Password' ); ?></th>
<td><?php <td><?php
if ( ! empty( $password ) ) if ( ! empty( $password ) && empty($admin_password_check) )
echo '<code>'. esc_html($password) .'</code><br />'; echo '<code>'. esc_html($password) .'</code><br />';
echo "<p>$password_message</p>"; ?> echo "<p>$password_message</p>"; ?>
</td> </td>
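Review bot: The new confirmation check `$admin_password != $admin_password_check` uses loose comparison, and PHP compares two numeric-looking strings by value, so entries such as `1e3` and `1000` count as matching and a mistyped confirmation can pass. Both operands are always strings here (each is either `trim( stripslashes( ... ) )` or `''`), so `} elseif ( $admin_password !== $admin_password_check ) {` is a drop-in replacement. Separately, the last hunk decides whether to echo the password from `empty($admin_password_check)`, which is correct only because the match check ran first. A comment there, for example `// Confirm field empty => password was generated, so it is safe to show`, or an explicit "generated" flag from the installer would make that dependency visible. The enclosing `switch($step)` case begins and ends outside these hunks.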