Whenever a new wordpress version is released, and we upgrade wordpress, there is one file we never upgrade: wp-config.php which has the MySQL database details. Have you ever looked up how this file has changed over the year? Have you ever upgraded wp-config.php?
wp-config.php is a very important file that defines the WordPress configuration settings required to access your MySQL database. The new wordpress download always provides a wp-config-sample.php so that you do not overwrite the precious wp-config.php file by mistake and end up with MySQL database errors. New wordpress users need to fill in the MySQL database details and rename the file to make wordpress work. Though I keep my core wordpress and its plugins updated, I thought what if wp-config.php had undergone a change over these years and had a security hole accessible to hackers.
My wp-config.php File
I realized I have never edited my wp-config.php since I moved from Blogger to WordPress. Here is what my code looks like since WordPress 1.5 a year and a half back (PHP Comments removed)
<?php
define('WP_CACHE', true);
define('DB_NAME', 'putyourdbnamehere');
define('DB_USER', 'usernamehere');
define('DB_PASSWORD', 'yourpasswordhere');
define('DB_HOST', 'localhost');
$table_prefix = 'wp_';
define ('WPLANG', '');
$server = DB_HOST;
$loginsql = DB_USER;
$passsql = DB_PASSWORD;
$base = DB_NAME;
define('ABSPATH', dirname(__FILE__).'/');
require_once(ABSPATH.'wp-settings.php');
?>Latest wp-config.php
Here is what the code in the latest wordpress version 2.3.1 looks like
<?php
define('DB_NAME', 'putyourdbnamehere');
define('DB_USER', 'usernamehere');
define('DB_PASSWORD', 'yourpasswordhere');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
$table_prefix = 'wp_';
define ('WPLANG', '');
define('ABSPATH', dirname(__FILE__).'/');
require_once(ABSPATH.'wp-settings.php');
?>Changes in wp-config.php
As you notice, 2 new tags have been addeddefine('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
And the following have been removed$server = DB_HOST;
$loginsql = DB_USER;
$passsql = DB_PASSWORD;
$base = DB_NAME;
WP-Cache Manager added this as per comments (but I do not use WP-cache). I do not why it is still persisting.define('WP_CACHE', true);
Should you upgrade wp-config.php?
Since WordPress Version 2.2, DB_CHARSET was made available to allow designation of the database character set (e.g. tis620 for TIS620 Thai) to be used when defining the MySQL database tables. DB_COLLATE was made available to allow designation of the database collation (i.e. the sort order of the character set).
I checked up more official information about editing wp-config.php, and was lucky I did not upgrade my wp-config.php
“Warning for those performing upgrades: If DB_CHARSET and DB_COLLATE do not exist in your wp-config.php file, DO NOT add either definition to your wp-config.php file unless you read and understand Converting Database Character Sets. Adding DB_CHARSET and DB_COLLATE to the wp-config.php file, for an existing blog, can cause problems � as Ryan Boren says, “your queries will go boom!”
After that advice, it seems best to not upgrade my wp-config and let it stay as it is. At least it is working well right now, and not much has changed anyway.
Related articles you might like ...
没有评论:
发表评论