Contrib.social

Location of settings.php is not provided in access denied mesage in update.php

Open on Drupal.org →
Created on 29 October 2015, about 9 years ago
Updated 20 July 2024, 5 months ago

Problem/Motivation

I had gone to the www.example.com/[drupal install location]/update.php and found that it does describe where the settings.php file is, but it says this file must be changed. There is a lack of clarity with what file you need to change as an administrator because what files need to be changed will depend on your setup. How can the file be changed if its location is not given?

The current text is

In order to run update.php you need to either have "Administer software updates" permission or have set $settings['update_free_access'] in your settings.php.

Steps to reproduce

Go to /update.php without the needed permissions.

Proposed resolution

A) Provide a link on the www.example.com/[drupal install location]/update.php page to both the community documentation page for Step 3: Create settings.php, services.yml and the files directory and Multisite on Drupal 8 so the administrator can use the update script.

B) A simpler message "In order to run update.php you need to have administrative permissions." which avoids any security concerns, See #18 🐛 Location of settings.php is not provided in access denied mesage in update.php Closed: won't fix .

Remaining tasks

Decide on the text

Patch
Review
Commit

User interface changes

API changes

N/A

Data model changes

N/A

Release notes snippet

🐛 Bug report
Status

Closed: won't fix

Version

11.0 🔥

Component
Documentation 

Last updated 1 day ago

No maintainer
Created by

🇨🇦Canada rhm5000

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment 5 months ago
    🇳🇿New Zealand quietone

    @daffie, that is correct. The patch is implementing option B in the issue summary.

    Added the current text to the issue summary

  • Status changed to Closed: won't fix 5 months ago
  • Comment 5 months ago
    🇳🇿New Zealand quietone

    Actually, the more I think about this issue, the more I think it is a won't fix. It was pointed out in #19 that the location of the file can change so we'd have to figure out where it is. There was a suggestion to modify the text to show the permission needed, and that has happened in #2955673: Text 'logged in as admin' in update.php message is ambiguous . And, if the admin knows the permission needed then surely they can take steps to obtain that permission.

    I am going to go ahead and change the status. If you disagree, add ad explanatory comment and set the status to 'active'.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024