Hi there,
I'm new to Drupal and I'm a sysadmin, not a webdev. I just received a new server to administer. It's quite a mess (or I'm really bad at it) but I can't locate the database used by the website.
I managed to identify the root directory : say it is /var/www/.
So I explored the file /var/www/index.php :
<?php
error_reporting(E_ALL);
ini_set('display_errors', TRUE);
ini_set('display_startup_errors', TRUE);
define('DRUPAL_ROOT', getcwd());
require_once DRUPAL_ROOT . '/includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
menu_execute_active_handler();
Then my little finger told me to go for the file /var/www/includes/bootstrap.inc : Wow! Tough one to interpret!
Apparently, it's Drupal 7.15 :
define('VERSION', '7.15');
I noted that section :
function conf_path($require_settings = TRUE, $reset = FALSE) {
$conf = &drupal_static(__FUNCTION__, '');
if ($conf && !$reset) {
return $conf;
}
$confdir = 'sites';
$sites = array();
if (file_exists(DRUPAL_ROOT . '/' . $confdir . '/sites.php')) {
// This will overwrite $sites with the desired mappings.
include(DRUPAL_ROOT . '/' . $confdir . '/sites.php');
}
But there is NO file /var/www/sites/sites.php.
I also read that section :
function drupal_settings_initialize() {
global $base_url, $base_path, $base_root;
// Export the following settings.php variables to the global namespace
global $databases, $cookie_domain, $conf, $installed_profile, $update_free_access, $db_url, $db_prefix, $drupal_hash_salt, $is_https, $base_secure_url, $base_insecure_url;
$conf = array();
if (file_exists(DRUPAL_ROOT . '/' . conf_path() . '/settings.php')) {
include_once DRUPAL_ROOT . '/' . conf_path() . '/settings.php';
}
So apparently, it includes all files like :
/var/www/sites/default/settings.php
/var/www/sites/site1.tld/settings.php
/var/www/sites/site2.tld/settings.php
Each of those files contains settings for a different database.
How do I know which file is the active one?
Thanks for your help.
Santiago
Comments
=-=
comment out the connection string one at a time until you no longer connect to the DB or use your DB tools.
AS an aside, Drupal 7.15 is so old and had such a security hole that I wouldn't continue to utilize the site in question. google drupalgeddon.
Hi,
Hi,
Thanks for the answer and the concern. It's a production website so commenting out until I loose connection is out of question.
I will report your advice to the site owner and recommend upgrading. For the moment, I need to keep it up and running and somehow understand how it works to make the appropriate backup.
If Drupal knows what file to read, there must be a way for us to know what file to read no?
=-=
drupal knows which one to read based on the site being accessed. The 3 settings.php files indicate the site was (at least at one time) set up to be a multisite. The only way to know for sure is to comment out or remove the settings.php file.
The idea that you can't disrupt a production site is a bit silly but ok. Move the site to a dev environment and do it there. My first thought is that you are calling the main domain and therefore the settings.php file is default/settings.php
The security hole in 7.15 is far more dangerous then disabling settings.php. Personally, you'd want this site disabled until such time as you know its not already been hacked and back doors to the hardware left behind.
Understood!
Understood!
So if I visit http://site1.tld, then it uses /var/www/sites/site1.tld/settings.php
and if I visit http://site2.tld, then it uses /var/www/sites/site2.tld/settings.php
Not verified yet. Will try your commenting solution in the middle of the night when no one is visiting the website.