GSoC 2008 Proposal : WordPress Upgrader
My proposal for Google Summer of Code is a WordPress Updater.
WordPress currently advertises how easy it is to install with its patented* 5 minute install. Upgrade is also supposedly really easy. Just delete all you old WordPress files, upload the new ones, and go to upgrade.php. In reality, this is more complicated than it seems. You have to make sure you delete only the WordPress files, don't overwrite your other files, all the files still have the same permissions that they did before uploading, and making sure all the back up were done correctly. This proposal plans to make it a much simpler and quicker task of upgrading with easy to use and follow pages that goes through all the aspects of upgrading.
Here's the basic concept I thought of:
Backup all WordPress files.
- This is a security risk, but it can be lowered by using some obfuscated file/folder combination, or even better, using encryption. An option could also be added to back up all files in the WordPress directory
Backup the database
- Also a security risk, but can be lowered using same scheme as the file backup. The user would then be prompted to download these files.
Check for plugin/theme incompatibilty
- I'm unsure what this will take. It could be something that will just check to see if it has a max version listed, or it could try running them in a sandbox for the new version, like what WordPress currently does when installing plugins.
Download latest.(zip|tar.gz) from wordpress.org and extract it (Not overwriting any current files)
- It could also support using nightly or beta builds, or checking out the SVN trunk
Confirm update with user plus other pre-update information or options
- It could support something like replacing the site with a 'Site Down' page or something along those lines
Replace all the WordPress files with the new version's.
- It can be optional to replace the plugins and themes included. This can also not replace files that have not changed between versions.
- Most likely just using an iframe
- Upgrade done.
- Delete all the downloaded files, and optionally delete all the backups.
Other possible features:
- Revert back to the previous version
- Automatic upgrading
The probable evolution of it would be a drop in file, followed by a plugin, then if seen as useful, added to the WordPress core. At the first deliverable (Midterm), it will be functional, as in does the upgrading, but will probably not be a plugin and be really refined. At the final deliverable, it'll be a feature-rich plugin with all features listed above.
First problem, it won't work on all configurations. WordPress doesn't either. If you're using a MySQL user without CREATE and DROP privileges, adding plugins probably won't work and neither will upgrade.php. It'll give you errors while without worrying about them, changing the WordPress version, causing you to either revert to a backup or find out all the queries run and running them as a privileged user.
Also, the plugin updater would be affected by the same file permission problems that this would be susceptible to.
This is the most popular idea of from the ideas section. Though I didn't choose this idea due to that, I just believe that the one thing WordPress really needs is a quick and painless way to upgrade.
There currently is a plugin that does this, but it seems a little large and its security practices seem a little iffy.
* Of course, it's not patented, but it makes it sound cooler.