[development] install should optionally create the database

Laura Scott laura at pingv.com
Thu Oct 12 20:30:25 UTC 2006

My two bits....

I've installed various website systems (BBS, blogs, CMSs) over the  
years, and while a lot of them have been easier than installing  
Drupal, none that I recall had an on-screen database creation  
feature. If we're talking making Drupal friendlier to the average  
n00b user with limited dev exp, my own feeling is that having the  
user first create a db using CPanel (which is VERY easy) or other web  
administration interface (even Webmin isn't rocket science) does not  
seem to be too much to ask. The downside of a major site compromise  
due to an install by an ignorant user seems to be just too great a risk.

An alternative approach might be to offer the on-screen db creation  
feature only if there's a secure web connection detected OR (2) the  
user comments out or edits the easy-to-find line in the installer  
code (thus demonstrating some knowledge and responsibility for doing  
it), which might be useful for local installs where such in-the-clear  
password concerns are not an issue.

What would be even better, in addition, would be the ability to  
designate the db user to actually USE the database, and prompt for  
sql superuser username/pw only for the purposes of db creation (and  
thus setting up the site using a db user with more secure,  
appropriate permissions from then on out). (I.e., the db user used to  
create the database is not saved in settings.php.)


More information about the development mailing list