diff --git a/includes/install.core.inc b/includes/install.core.inc index 2bd39a60dbb0b678176232ad081fbf4ce38f6f36..06d84bf8ae8567c3cc9385575c30ce12065c323e 100644 --- a/includes/install.core.inc +++ b/includes/install.core.inc @@ -970,11 +970,18 @@ function install_settings_form_submit($form, &$form_state) { ); // This duplicates drupal_get_token() because that function relies on a // global hash salt which hasn't been set yet. - $settings['drupal_config_directory'] = array( + $settings['drupal_config_directory_name'] = array( 'value' => 'config_' . drupal_hmac_base64($value, session_id() . drupal_get_private_key() . $settings['drupal_hash_salt']['value']), 'required' => TRUE, ); drupal_rewrite_settings($settings); + // Actually create the config directory named above. + if (!file_prepare_directory(conf_path() . '/files/' . $settings['drupal_config_directory_name'], FILE_CREATE_DIRECTORY)) { + // How best to handle errors here? + + // Will also want to create a default .htaccess for this dir to block + // reading of json, xml, yaml, ini, others? + }; // Indicate that the settings file has been verified, and check the database // for the last completed task, now that we have a valid connection. This // last step is important since we want to trigger an error if the new diff --git a/sites/default/default.settings.php b/sites/default/default.settings.php index 3ab5e7d65bb918444af2142db843c37be3feeed4..d5f8843b103bc61afdebba186682fd992200c321 100644 --- a/sites/default/default.settings.php +++ b/sites/default/default.settings.php @@ -215,16 +215,17 @@ * Location of the site configuration files. * * By default, Drupal configuration files are stored in a randomly named - * directory under the default public files path etc. + * directory under the default public files path. On install the + * named directory is created in the default files directory. For enhanced + * security, you may set this variable to a location outside your docroot. * - * For enhanced security, you may set this variable to a location - * outside your docroot. + * @todo flesh this out, provide more details, etc. * * Example: - * $drupal_config_directory = '/some/directory/outside/webroot'; + * $drupal_config_directory_name = '/some/directory/outside/webroot'; * */ -$drupal_config_directory = ''; +$drupal_config_directory_name = ''; /** * Base URL (optional).