I have been constantly frustrated by the way that the Drupal core team thinks. The latest irritation is the "secure" way of installation that is totally unnecessary and redundant.

When installing Drupal 6.4 you will come to a stage where it will ask you to copy the default.setting.php file to settings.php. Well this is meeant literally because if you do not copy the file and leave default.setting.php in place then your installation will stop at the database tabel creation stage.

First, why the hell is it necessary to have an unused file on the server with a php extension? This is a clear security flaw. Secondly why set the permissions on the copied "setting.php" file and leave the "default.setting.php" there without notification of a change in its permissons? And if the file is to be copied and not renamed and then have permissions set on the copy, why can't the installer do this? Wait a minute could it be because it could cause a futher point of frustration by creating a file that cannot be deleted via FTP? Okay, so I am in FTP and I am in the installer. So it is unnecessary for the installer to change the file permissions, I can do that from FTP. Why split the routine into two seperate processes? Make the user choose one or the other but don't leave them in limbo trying to decide what to do next.

You should be able to change the name of the default.setting.php to "settings.php" and go about your install. But also the "default.settings.php" should not have the *.php extension. It should be , for lack of a better name, "settings.default".

Logical thinking is all it takes sometimes. In my opinion the installation routine needs a lot of work and a lot more documentation.

Happy Publishing!

Join Hiveminds and link to your website or blog.