#6227: More informative warning message about security.salt upon installation
--------------------------+-------------------------------------------------
Reporter: frame25 | Type: Enhancement
Status: new | Priority: Medium
Milestone: 1.2.x.x | Component: General
Version: 1.2 Final | Severity: Normal
Keywords: | Php_version: n/a
Cake_version: |
--------------------------+-------------------------------------------------
I hope you will find my comments here useful as they are from the point of
view of a person brand new to Cake baking. I just installed CakePHP for
the very first time and was eager to get into it, and received this error
message:
{{{
Notice (1024): Please change the value of 'Security.salt' in
app/config/core.php to a salt value specific to your application
[CORE/cake/libs/debugger.php, line 556]
}}}
I know to you it's a no-brainer, but think about this from the point of
view of someone trying his first Cake installation. This is the ''very
first thing'' we see. Now, I am quite smart but don't know the framework
yet, so I think enhancing this language will help people like me who
aren't dummies but are new to this concept as it relates to CakePHP. Most
self-starters like me will be intelligent enough to benefit from a more
instructive error message.
[[BR]]
[[BR]]
"a salt value specific to your application" is vague and implies, among
other interpretations, that each ''type'' of application might need some
particular kind of salt value different from other ''types'' of
applications. I recommend you say something much more clear, like "every
CakePHP application should have a unique salt value."
[[BR]]
[[BR]]
Then, you ought to provide some advice on what this means and how to
create said value. Neither the error message ''or the comments in
app/config/core.php'' suggest the proper salt format! Can it be any
length, or just the 40 used by the default? Can it have special
characters? It's important to specify. For example, "This should be a
random, alphanumeric-only string between 32 and 64 characters long. Random
generators are available online with a simple web search."
[[BR]]
[[BR]]
So it seems some better language is called for in app/config/core.php
(line 151) and in cake/lib/debugger.php (line 556).
[[BR]]
[[BR]]
I think this is important not just because little usability details
matter, but also because it's the very first thing on the very first
screen anybody sees when they install CakePHP. Thank you!
--
Ticket URL: <https://trac.cakephp.org/ticket/6227>
CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/>
Cake is a rapid development framework for PHP which uses commonly known design
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC.
Our primary goal is to provide a structured framework that enables PHP users at
all levels to rapidly develop robust web applications, without any loss to
flexibility.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"tickets cakephp" group.
To post to this group, send email to tickets-cakephp@googlegroups.com
To unsubscribe from this group, send email to
tickets-cakephp+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/tickets-cakephp?hl=en
-~----------~----~----~----~------~----~------~--~---
