Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Currently on the "Drupal installation complete" page, the message about changing settings.php permissions is in red (see attached screenshot) which makes the user think something went wrong with the installation. The attached patch makes that message a warning rather than an error.
While I understand the importance of setting the proper permissions on settings.php, the user will be reminded about it (with an error this time) the first time they visit /admin anyway.
Comments
Comment #1
karschsp CreditAttribution: karschsp commentedComment #2
coltraneThe text "All necessary changes to [directory] and [settings.php] have been made" means the user did something right and while it is important they change the file permissions the red implies something was incorrect. I think it's possible a user won't visit /admin for awhile though and that it does make sense they change the permissions of the settings.php file while they are still in "installation time".
What about having two messages, or would that be too much? One message informs the user of the installation success and the other is an error message informing them that the configuration file is not protected?
Comment #3
karschsp CreditAttribution: karschsp commentedI'm just concerned that the initial user experience is "OMG! Something is horribly wrong. BIG RED TEXT! (oh and by the way you successfully installed Drupal)" (to paraphrase webchick :) I think we should at least delay that reaction until they hit /admin to configure blocks/modules/themes/etc.
Comment #4
Bojhan CreditAttribution: Bojhan commentedThe text should be rewritten, to be action focused. Not - past, action, recommendation (as it is now).
I don't feel strongly about going to yellow, indeed not a very friendly error - but it does set the stage for Drupal in the future. Because then yellow would imply critical as well as red?
Comment #5
coltraneI can understand that some users might be thrown off by a message in red, but the color does convey the importance of the task.
Attached patched adds a regular, status message for "All necessary changes to %dir and %file have been made" and an error message for "In order to avoid security risks you should now remove write permissions to %file...". Please see screenshot.
Comment #6
Bojhan CreditAttribution: Bojhan commentedWhat about this? I can't apply the patch here, to see how it looks.
Comment #7
coltrane"Remove write permissions to %file. In order to avoid security risks.", doesn't seem right as two sentences. How about, "Remove write permissions to %file in order to avoid security risks." ?
Comment #8
karschsp CreditAttribution: karschsp commentedHere's a patch that incorporates coltrane's suggestion in #7.
Comment #9
ultimateboy CreditAttribution: ultimateboy commentedWe are really dealing with two changes here. The first is taking the "All necessary changes to %dir and %file have been made" message and making it a normal status message. This, I am fully in agreement with. It's a positive action and should not be an "error".
The second aspect is whether or not the "Remove write permissions to %file in order to avoid security risks. If you are unsure how to do so, please consult the online handbook." should be an error or a warning. While I completely agree with coltrane in that red conveys the importance of the task, I do not really like the fact that you cannot install drupal without receiving an error, but given the importance of this message, I still feel a big red error message is correct.
With all that said, I think this is good to go.
Comment #10
coltraneI'm a bit torn now, the statement "you cannot install drupal without receiving an error" is valid and sound. It's the nature of what the message is, it's not an error in this case. Semantically a warning is more correct. Should red be used to elevate the severity of the task? Red is consistent with the status report page if the configuration file is not protected though.
Comment #11
karschsp CreditAttribution: karschsp commentedI think on installation, a warning is ok. By the time they get to the status report page we can assume that the user has a site up and running and an error (red) is appropriate. What do you think?
Comment #12
Bojhan CreditAttribution: Bojhan commentedSo we all agree. Lets commit this.
Comment #13
David_Rothstein CreditAttribution: David_Rothstein commentedSo, the way Drupal 7 behaves today is actually different than the way it behaved a week ago, and different than Drupal 6. Previously, it only showed this message after the progress bar was finished installing (i.e., it showed it on the site configuration form). It did not show it at all on the "Drupal installation complete" page.
Currently in Drupal 7, it is repeating the message on both pages. The change is my fault - it was a side effect of the patch committed at #524728: Refactor install.php to allow Drupal to be installed from the command line. I had intended to eventually file it as part of a batch of followups after that giant issue is completely finished, but you people are fast :)
Anyway, I'm setting this back to "needs review" for two reasons:
Let's stop for a second and think: Which are the ideal screen(s) for these messages to be showing on, assuming we had complete freedom to put them anywhere?
Comment #14
karschsp CreditAttribution: karschsp commented@David_Rothstein, Thanks for the clarification. Personally, I think if installation is successful, no messages, warnings or errors should be displayed at the end of installation. Just a happy "You installed Drupal! You rock!" (or whatever the current page title is.)
I think the message "All necessary changes to ./sites/default and ./sites/default/settings.php have been made," is unnecessary. I mean, why don't we say "We added a boatload of tables and records to your database" as well? ;)
If there's an installation-related error, I'm all for displaying errors, but by placing this notice at the end of installation, it implies that something went wrong when in fact it did not. I think the settings.php warning/error belongs in the status report and therefore /admin.
Sorry if I'm sounding like a broken record.
Comment #15
Bojhan CreditAttribution: Bojhan commentedkarschp in favor of getting this stuff committed. Lets comeup with screeenshots and patches. I think we are on the right track, it just needs to happen.
Comment #16
karschsp CreditAttribution: karschsp commentedAttached is a patch that removed the warning/error from the Configure screen as well as the Successful install screen. The first time the user visits /admin, they will see the error.
Comment #17
David_Rothstein CreditAttribution: David_Rothstein commentedOK, I spent some time thinking about this.
First, I think the patch in #16 is definitely an improvement and would support it going in: Getting rid of the green "here are the technical details of why your site is working OK" message is great :) Getting rid of the security warning is more controversial, but not that bad; as mentioned, we're still warning them about it later, and honestly, there are more likely ways for a Drupal site to be hacked into, and we don't warn people about those at all.
However, does this really solve the usability problem, or just defer it? They're still going to have their "OMG, I just installed Drupal and now I have a big red message!" moment; it will just happen a bit later (first time they visit the admin screen).
So here is an idea for how we might be able to get rid of that experience altogether:
Obviously, this page would not show at all for the people who don't need to see it; if Drupal can fix things things automatically, it would act the same as in @karschsp's patch above (i.e., show nothing).
Any thoughts on that idea? Pros or cons that I'm missing?
Comment #18
Bojhan CreditAttribution: Bojhan commented@David long write up. Conclusion is separate page for this error?
I think we should leave the error as a message, where it is now. The succes messages should be removed. But the error message, should not be pushed to the actual site. I want people to work with a completely green Drupal, starting off - its an important feeling to touch.
I would concur more, to an error message that is well written. I think that will solve this issue more, then a separate page or moving it to the actual site.
Comment #19
karschsp CreditAttribution: karschsp commentedWhat if, instead of setting an error message, we just put it as part of the body text of the "Drupal installation complete" page? So it would say:
"Congratulations, Drupal has been successfully installed.
Please be sure to remove write permissions from ./sites/default and ./sites/default/settings.php before continuing on to your new site.
For more information on configuring Drupal, please refer to the help section."
Thoughts?
Comment #20
Bojhan CreditAttribution: Bojhan commentedIts an error, lets not discount it - its important to change.
Comment #21
karschsp CreditAttribution: karschsp commentedHere's a patch that removes the error from the config page and instead places a warning on the installation complete page. I still think that a warning is more appropriate, as Drupal will still run fine with an unprotected settings.php, and as david_rothstein pointed out, there are much worse security issues that could be brought up (as in: you can set your password as "password" and not receive any warning or error).
Thanks!
steve
Comment #22
ultimateboy CreditAttribution: ultimateboy commentedDavid_Rothstein, interesting post. I think I agree. Making it a separate page is an intriguing idea. I like that it because it no longer shows as a "big red error", but it maintains its importance. It really is a task for the person installing. I am envisioning two submit buttons "continue" (which would check to verify that write perms have been disabled, and present the user with an error if not) and a "skip" button (wordage can be debated) which would simply bypass the message and send them into their install. The error message would then be visible within the admin area as a reminder.
I dont really like #21 because there's something about seeing an error and warning free screen that says "drupal installation complete".
I really do like the idea of having it on a separate page, nice thinking David_Rothstein.
Comment #24
David_Rothstein CreditAttribution: David_Rothstein commentedI moved away from this issue for a while because people were working on #418302: Copy default.settings.php to settings.php during install IFF webserver owns files (FTP on shared hosting), which looked like it was going to necessarily involve making some of the same broader UI changes I discussed above and in the process make this all moot :) Instead, though, the patch that got committed to Drupal 7 there was a more limited one, and the rest moved to #913796: Use authorize.inc to securely copy settings.php during the installer for Drupal 8.
So, we still have something to fix here. It's too late in the cycle to be adding pages to the installer at this point, so we'll have to go with one of the more limited fixes discussed above. Here is a patch that hopefully combines the best of all the above suggestions:
Comment #25
karschsp CreditAttribution: karschsp commentedMinor grammatical nitpick: shouldn't the warning be "Remove write permissions from" rather than "Remove write permissions to"?
I should be able to provide a patch with this change unless someone beats me to it.
Otherwise, it looks good.
Comment #26
Bojhan CreditAttribution: Bojhan commentedYes, I like that its more actionable - I wouldn't recommend adding much more on the "why" as it might be hard to capture in a few words.
Comment #27
karschsp CreditAttribution: karschsp commentedOK, here is the patch I promised in #25. It's basically David_Rothstein's patch from #24 with "to" changed to "from".
Comment #28
David_Rothstein CreditAttribution: David_Rothstein commentedThat looks good. I think either "to" or "from" is grammatically OK (and "to" was already in the existing wording). But I agree "from" is easier to understand, and as long as we are changing this string, we might as well change that too. In that case, we should change the similar usage in INSTALL.txt also (attached patch).
Hopefully this one is ready to go :)
Comment #29
David_Rothstein CreditAttribution: David_Rothstein commentedRerolled because #938470: Shouldn't a successful install call drupal_set_message() with $type = 'warning' instead of 'error'? was just committed a few minutes ago :)
Comment #30
karschsp CreditAttribution: karschsp commentedGood catch on the INSTALL.txt changes. Marking RTBC.
Comment #31
David_Rothstein CreditAttribution: David_Rothstein commentedThe current version of this patch changes strings. Tagging accordingly.
Comment #32
Dries CreditAttribution: Dries commentedCan we extend the comments to explain 'why' we want this behavior? Thanks!
Comment #33
Dries CreditAttribution: Dries commentedComment #34
David_Rothstein CreditAttribution: David_Rothstein commentedOK, I tried to give some context why the behavior is particularly bad in this case.
(Though really, this is just a general problem you hit anytime you try to set a message in a form builder function. Who would ever want the same message to display on two pages in a row?)
Comment #35
karschsp CreditAttribution: karschsp commentedLooks good. RTBC.
Comment #36
tom_o_t CreditAttribution: tom_o_t commented#34: install-error-messages-534556-34.patch queued for re-testing.
Comment #38
David_Rothstein CreditAttribution: David_Rothstein commentedThe change to install.core.inc needed a pretty simple reroll. The change to INSTALL.txt was also out-of-date, but no longer necessary since that file has been totally rewritten in the meantime.
Comment #39
EvanDonovan CreditAttribution: EvanDonovan commentedSince this is just a re-roll of an RTBC patch, marking as RTBC. I looked at it, and the code was identical, afaik.
Comment #40
webchickHm. I'm not comfortable committing anything to install.core.inc this close to RC.
So let's get a re-roll without the "make it friendlier" part. That's polish anyway, and we're past that point now.
Comment #41
EvanDonovan CreditAttribution: EvanDonovan commentedLooks like that should be easy enough to do.
Comment #42
karschsp CreditAttribution: karschsp commentedHere's an updated patch that uses the original wording.
Comment #44
David_Rothstein CreditAttribution: David_Rothstein commented#42: install-error-messages-534556-42.patch queued for re-testing.
Comment #45
David_Rothstein CreditAttribution: David_Rothstein commented(Those test failures look somewhat unlikely.)
Comment #46
David_Rothstein CreditAttribution: David_Rothstein commentedTrivial change, and the patch still works as intended, so I'm setting this back to RTBC.
Comment #47
webchickCommitted to HEAD. Thanks!