Customizing the WordPress Install Process with install.php

I came across a super interesting post at WPBits about [automating the wordpress installation][1] process.  Some of the parts about where some of the functions are located in WP that allow you to change certain things on the installation are outdated since the post is from 2007, but the concept remains perfectly intact.  If you find yourself installing a lot of WordPress blogs and are tired of always having to delete the “This is your First Post” post, changing the permalinks etc. then you can take advantage of this little trick.

Trolling the Source Code Like a Boss

If you are cruising through source (because there is plenty of stuff that isn’t well documented yet in the Codex) you will see

/wp-admin/includes/upgrade.php.  Now this is interesting because it means that when WordPress installs (or upgrades) it will look for a file called install.php in your /wp-content folder… or whatever you are using instead of the default /wp-content folder.  This file doesn’t exist by default but it gives you a chance to run some functions of your own during the installation process (since  /wp-admin/includes/upgrade.php is required by /wp-admin/install.php)

My First Custom Install.php

I followed WPBit’s example and decided to show off my new power over WordPress by putting the following into my custom /wp-content/install.php file:

is obviously isn’t helpful, but it is a good proof of concept and let’s you know that you have all the power.  Of course…

With great power comes great responsibility. – Uncle Ben

Functions We Can Hijack for Our Own Purposes

As WPBits explains in more detail, some of the ideal to tweak would be:

  • wp_install()
  • wp_install_defaults()
  • wp_new_blog_notification()
  • wp_upgrade()

All of these functions are now (currently version 3.3.1) in /wp-admin/includes/upgrade.php and they are pluggable, meaning they come with an if(function_exists()) wrapper that lets you define your own versions to override their behavior. Since wp_install_defaults() is the culprit for creating those useless “first post” posts and pages, we’re going to target it.  I copied the entire function to my own file: /wp-content/install.php and then hacked out all the parts that inserted the first post, first page, and changed the default category from Uncategorized to General.  I even cut down the number of widgets that are activated by default. I also wanted to change some options, like permalinks, time zone, size of the post editor, banning emoticons, etc.  So I added a bunch of update_option() commands.  Just because I thought it’d be super clever, I updated the ping list, moderate and blacklist comment terms from text files by using file_get_contents().

Automagically Creating Myself as an Admin

I usually install WP for someone else, I decided that I wanted to create my client’s account on install and automatically create my own admin account.  I might reverse this process as I don’t like how the install’s welcome email doesn’t include a link to the login screen.  I know that you just tack on wp-login.php but a newbie client might not.  At the same time, the way I have it means I never have to change my credentials in the file… which I prefer for now.

Anyway, I initially overrode the default wp_install() file to do this, by repeating the process of copying the function from /wp-admin/includes/upgrade.php to my own install.php, but it turns out that I can just create a new user from the function I already have.  In that case, I decided to only override one core function. Here’s the code I used.  Remember to use it at your own risk.  This is really targeted at people who know what they are doing with WordPress and are installing it on a regular basis.  

Take note to change the username and email address for the account you are creating for yourself… currently they are left as USERNAME and YOU@YOUREMAIL.COM.  Right now it generates a random password, but that could easily be changed to always assign yourself the same password.

Edited: Sept 9, 2014 from WordPress 4.0

I don’t keep this file live on the server, but I suppose you could if you dropped an .htaccess file into the /wp-content folder and banned access to your custom install.php file

That about sums it all up.  Let me know what cool jedi tricks you are doing with your custom install.php file!

Downloads

Download the whole thing from my Customizing the WordPress install gist.

How to Find any Facebook ID

Sometimes when using WordPress plugins you sometimes need to provide a facebook ID number. If the facebook URL you are looking at is using a username instead of an ID number it isn’t inherently obvious how to find that profile’s ID number.  You can go into a photo album and it might appear as part of the URL.  OR, this much simpler way takes advantage of Facebook’s open graph API, and the best part is you don’t have to have any clue what open graph means. Simply go to this URL, substituting in the username in question where it says “yourusername” (facepalm) https://graph.facebook.com/yourusername for example: https://graph.facebook.com/nytimes will take you to a page with some XML data (don’t be scared) that looks like the following… {
<strong>"id": "5281959998",</strong>
"name": "The New York Times",
"picture": "http://profile.ak.fbcdn.net/hprofile-ak-snc4/50415_5281959998_9042_s.jpg",
"link": "http://www.facebook.com/nytimes",
"likes": 1978149,
"category": "Media/news/publishing",
"website": "www.nytimes.com www.twitter.com/nytimes www.youtube.com/nytimes www.foursquare.com/nytimes",
"username": "nytimes",
"founded": "1851",
"mission": "Welcome to The New York Times\u2019s page on Facebook \u2013 a hub for breaking news, features and content you may have missed. We invite you to \"like\" our page and connect with fellow fans.\n\nWe aim to create a space on Facebook.com/NYTimes where readers can exchange intelligent and informed commentary that enhances the quality of our news and information. We value thoughtful comments representing a range of views that make their point politely. A few things we won't tolerate on our Facebook wall: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes) and commercial promotion. While most comments will remain posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. \n\nThank you for joining The New York Times community on Facebook. ",
"location": {
"street": "620 8th Avenue",
"city": "New York",
"state": "NY",
"country": "United States",
"zip": "10018",
"latitude": 40.756166337625,
"longitude": -73.990140571728
},
"checkins": 2756,
"talking_about_count": 64029
}
and boom.. you’ve got the ID number and a few other interesting bits of info.