Index: install.php =================================================================== RCS file: /cvs/drupal/drupal/install.php,v retrieving revision 1.30 diff -u -p -r1.30 install.php --- install.php 17 Dec 2006 06:51:47 -0000 1.30 +++ install.php 21 Dec 2006 06:11:41 -0000 @@ -17,6 +17,10 @@ require_once './includes/install.inc'; function install_main() { global $profile, $install_locale; require_once './includes/bootstrap.inc'; + $settings_file = './'. conf_path() .'/settings.php'; + // If the settings file exists but is unreadable, try to change the + // permissions so that it is readable (i.e. the web server is the owner). + drupal_verify_install_file($settings_file, FILE_EXIST|FILE_READABLE); drupal_bootstrap(DRUPAL_BOOTSTRAP_CONFIGURATION); require_once './modules/system/system.install'; @@ -83,7 +87,6 @@ function install_main() { drupal_install_profile($profile, $modules); // Warn about settings.php permissions risk - $settings_file = './'. conf_path() .'/settings.php'; if (!drupal_verify_install_file($settings_file, FILE_EXIST|FILE_READABLE|FILE_NOT_WRITABLE)) { drupal_set_message(st('All necessary changes to %file have been made, so you should now remove write permissions to this file. Failure to remove write permissions to this file is a security risk.', array('%file' => $settings_file)), 'error'); } @@ -107,7 +110,8 @@ function install_verify_settings() { global $db_prefix, $db_type, $db_url; // Verify existing settings (if any). - if ($_SERVER['REQUEST_METHOD'] == 'GET' && $db_url != 'mysql://username:password@localhost/databasename') { + // If settings.php does not exist or is unreadable db_url won't be set. + if ($_SERVER['REQUEST_METHOD'] == 'GET' && isset($db_url) && $db_url != 'mysql://username:password@localhost/databasename') { // We need this because we want to run form_get_errors. include_once './includes/form.inc'; Index: includes/bootstrap.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/bootstrap.inc,v retrieving revision 1.142 diff -u -p -r1.142 bootstrap.inc --- includes/bootstrap.inc 12 Dec 2006 06:27:17 -0000 1.142 +++ includes/bootstrap.inc 21 Dec 2006 06:11:41 -0000 @@ -235,7 +235,7 @@ function drupal_unset_globals() { function conf_init() { global $db_url, $db_prefix, $base_url, $base_path, $base_root, $conf, $installed_profile; $conf = array(); - include_once './'. conf_path() .'/settings.php'; + @include_once './'. conf_path() . '/settings.php'; if (isset($base_url)) { // Parse fixed base URL from settings.php. Index: includes/install.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/install.inc,v retrieving revision 1.30 diff -u -p -r1.30 install.inc --- includes/install.inc 8 Dec 2006 11:54:04 -0000 1.30 +++ includes/install.inc 21 Dec 2006 06:11:41 -0000 @@ -391,20 +391,21 @@ function drupal_verify_install_file($fil // Verify file permissions. if (isset($mask)) { - $masks = array(FILE_EXIST, FILE_READABLE, FILE_WRITABLE, FILE_EXECUTABLE, FILE_NOT_READABLE, FILE_NOT_WRITABLE, FILE_NOT_EXECUTABLE); + // File must exist for any of the other checks to make sense. + if ($mask & FILE_EXIST) { + if (!file_exists($file)) { + if ($type == 'dir') { + drupal_install_mkdir($file, $mask); + } + if (!file_exists($file)) { + return FALSE; + } + } + } + $masks = array(FILE_READABLE, FILE_WRITABLE, FILE_EXECUTABLE, FILE_NOT_READABLE, FILE_NOT_WRITABLE, FILE_NOT_EXECUTABLE); foreach ($masks as $current_mask) { if ($mask & $current_mask) { switch ($current_mask) { - case FILE_EXIST: - if (!file_exists($file)) { - if ($type == 'dir') { - drupal_install_mkdir($file, $mask); - } - if (!file_exists($file)) { - $return = FALSE; - } - } - break; case FILE_READABLE: if (!is_readable($file) && !drupal_install_fix_file($file, $mask)) { $return = FALSE;