Integrate Automatic Upgrade

Let's go for it.

To do:

• Move files into wp-admin, wp-admin/includes, wp-admin/js, etc. as appropriate
• Change prefix from wpau_ to wp_au or wp_
• Adopt the WP coding style, underscores instead of CamelCase in function and method names, for example
• Use latest 2.4 API such as activate_plugin() and deactivate_plugins()
• Make generally useful wpau methods into top-level functions. Activate and deactivate all come to mind
• Call wp_upgrade directly from automatic upgrade rather than sending user to upgrade.php
• Use the jquery bundled with WP

Replying to ryan:

Let's go for it.

Making this plugin core seems like a mistake to me.

• It goes against WordPress's philosophy of having a light, extensible core. The current plugin's files would increase WP core code size about 13% to solve something that isn't a problem for a majority of users. Those who need this feature should use the plugin.
• It has the potential to introduce lots of security headaches. I'm no security expert, but it seems to me that posting unencrypted ftp info, making lots of files world-writable, downloading and installing remote files, and saving zipped databases on the server are some ways to ask for trouble.
• It will encourage people who shouldn't be upgrading to upgrade. Those with admin rights but little technical knowledge (who are the main beneficiaries of something like this) could end up making a big mess of things when essential plugins are incompatible with the latest WP version.

Security will definitely require some care and caution. One of the main reasons for doing this is so that blogs are updated when security releases come out. Such a good intention would be worth little if we introduce lots of new security bugs.

The extra code doesn't overly worry me since it is not loaded in the critical path. This won't affect front page loads or even current admin pages. That said, we should keep it as light as possible.

I'd like to couple this with code that checks the active theme and plugins for known incompatibilities. That'll help prevent messes. The fact that the plugin backs up files and tables helps recover from messes. This seems like a big help when it comes to offering support for upgraders.

This is something that's been in consideration for awhile. I think developing a tightly integrated automatic upgrade is a worthwhile pursuit.

While I agree that including something of this ilk in the core is a good idea for the large majority of the user-base that want an easy upgrade path I think that this is a large feature with major security implications and should wait for 2.5 seeing as we are now in the last 30 days before release.

We need to ensure that we have an automatic upgrade capability that is:

• easy to use
• secure
• easy to disable - for the paranoid people
• easy to maintain

Fundamentally, I think the reason this should be core is that WordPresss? being use as, and has the responsibilities of, a platform. Therefore it's useful to look at the evolution of a few of the other most successful platforms out there, I would consider the top 4 to be Windows, Mac OS X, Flash, and Firefox. Each has a built-in update mechanism that is essential to the security of its users and gives it, to varying degrees of success, extremely good upgrade rates. (I think Firefox is our closest analogue.)

We are all familiar with the high-profile WP blogs running old versions of the software, and what happens to them. If a blog is hacked or compromised people don't care if it's a 2-year-old version of WP, it reflects badly on us and permanently damages our reputation in their eyes. IMO it's the biggest threat to WP today.

My biggest regret is that this issue has festered for so long, I think partially because I switched to SVN-managing all my blogs a long time ago and forgot what a pain it was to upgrade/install, even as streamlined as we've made the process.

Like anything, I expect this to be a feature iterated on and improved in future version of WP after the one it ships in, for example it might be cool to have it utilize native SVN commands if available, and a file MD5 check UI and diff viewer.

We've hooked a huge number of people on the power of WordPress because it's so easy to get started with, let's keep it working for them and not shooting them in the foot.

To survey what else is available, there is also this plugin:

http://www.zirona.com/software/wordpress-instant-upgrade/

Are there any other open-source PHP apps that are doing this? It might be helpful to see what they've done.

Having looked at a few of the plugins I disagree with the security problems they can cause. I also think that Subversion should be supported and recommended. That doesn't mean that the user should manually do it.

I'll be working on this since my curiosity has peaked again on this topic. I would also like to not have to log into shell every time to update my checkout of WordPress.

Given my past attention span with this topic, it is unlikely I'll be offering a complete solution. However, whatever I submit will most likely NOT support PHP 4.2 and will be only PHP 4.3 and higher. I'll most likely be wrapping my other ticket for HTTP requests into my patch and will have dependency on that ticket.

I'm not sure my patch won't suck, but I'm sure going to try.

Replying to filosofo:

Are there any other open-source PHP apps that are doing this? It might be helpful to see what they've done.

See Gallery 2. Well, it has automatic Plugin download install/update built in to the Administration.

However, the upgrader is difficult, since it would have to exist outside the main WordPress execution path.

Oops, didn't mean to change the milestone.

Replying to filosofo:

Are there any other open-source PHP apps that are doing this? It might be helpful to see what they've done.

Magento just announced one-click upgrades.

Okay, I think doing this in stages would be a good idea.

The first stage, since it will be many times easier, would be for supporting Subversion checkouts of the WordPress repository. I would absolutely love to just press a button and have everything update instead of having to log into shell and manually "svn up" that way.

While I was hoping to build an installer, I think that can wait until later. I'm uncertain, but I'll check into a plugin repository listings that goes along with the svn upgrader that allows for checking out plugins (if possible).

Will post patch sometime (in case I'm unable to post patch, I would very much like solution to support "svn up").

see #5586 for plugin and theme update discussion

Ideally we'd have different backends that can be used. DD32's plugin updater has some nicely organized filesystem backends.

http://wordpress-soc-2007.googlecode.com/svn/trunk/dd32.crazyman/trunk/includes/

svn support is well and good, but most people are going to be using ftp. If you have svn and a shell you can just write a one-liner that calls svn up over ssh and be done. :-)

I'm moving towards pluggable functions, since this would allow for my svn system (I would want to use the WordPress Plugin Respository to checkout and update the plugins). So basically, it could probably forward.

#4779 has working, unit tested code that fully supports many file system methods and is extensible. So I haven't received any feedback on that ticket on what improvements need to be made. It functionality into the core would allow for downloading a zip file.

However there are only a few methods to unzip on PHP systems.

1. If *nix, using the system function (if not disabled) to unzip the file.
2. Two zip extensions are available to test for. The Zip extension does quite a good job and is very easy. I would recommend using that.
3. Some PHP class that combines all three above methods.

The reason I would advocate SVN is that even through, many users won't use it, building an installer for SVN can come later and be a plugin or the user can checkout the repository by shell and manage WordPress administration from there. Many testers also use Subversion, so haven't a one click upgrader that no one else can find and run would be useful.

It is also to be complete. The only other method besides FTP/HTTP and Subversion is PEAR. I also think Subversion upgrader would be both the easiest and more secure version (the upgrader can automatically add .htaccess rules to prevent looking into the .svn folders for the user).

Even a subversion updater would need FTP or direct fs access to manipulate non-svn files such as the backups saved by the Automatic Upgrade plugin or the htaccess files you mention. DD32's filesystem backends look promising for that.

Don't forget the users of localized versions.

The auto-update mechanism should also update localized installations, possibly using the wp-i18n repository, or alternatively using a custom repository to be defined manually by the localization group.

Potentially, the auto-update mechanism should only notify of new versions if the localized version has already been updated as well.

sorry, closed accidentally

The idea of an automatic upgrade option in WordPress looks very promising!

Currently, I make my WordPress upgrades using a 'mixed' system of my own - I make a backup of all my current WordPress files using SSH (the 'cp -rf' command, simply copy all files in a folder *outside* of the web-accessible part of the site), also a backup of the database using the excellent wp-db-backup plugin, then I download the latest WordPress version (wget, tar), delete '/wp-content/' in it (so I don't over-write by mistake any custom theme of mine or any plugins), after that I simply delete all current WP files and folders, *except* /wp-content/, wp-config.php, .htaccess, then I copy the new files and folders to my current WP install dir, open upgrade.php in my browser, all done:)

Doesn't take more than a couple of minutes, and I also have complete control and understanding of what's happening at the moment of the upgrade.

In case something goes wrong, I can restore my previous WP install in just a second, using my backups: copy of the WP files & folders and MySQL database snapshot, made right before the upgrade...

Would be great, if the Automatic Upgrade option, which is planned for WP 2.6+, will work in a similar, transparent and user-friendly way... or at least, for the power user it'll work this way... :-)

Cheers!

PS Sorry, accidentally delete 'version', restoring back to 2.5...

Replying to ryan:

To survey what else is available, there is also this plugin: http://www.zirona.com/software/wordpress-instant-upgrade/

Just FYI, Instant Upgrade is available in a new version, now also with FTP support and many other features. (A first alpha with FTP support had already been released in May 2007, but this beta is really mature. I think it will be released "final" soon.)

Please also consider this plugin, when you think about inclusion of an automatic upgrading solution into the WP core.

Regardless of which one will be taken; I also (like filisofo) have concerns about taking such a complex piece of software into the WP core. I've written about this topic a while ago (Note that the security-related statements in that entry refer to the old IU version). However, if the core developers want to include one, I wouldn't mind seeing mine being taken. ;)

The current upgrade system is not up to my personal standards, which means it does not work on my system and is throwing errors. It appears that it wants to traverse all directories leading up to the public one. I take issue with that since I do not have permissions to the directories above mine. Not quite true, but in most cases I don't.

Replying to darkdragon:

The current upgrade system is not up to my personal standards, which means it does not work on my system and is throwing errors. It appears that it wants to traverse all directories leading up to the public one. I take issue with that since I do not have permissions to the directories above mine. Not quite true, but in most cases I don't.

You mean the stuff for #5586? If so, yes, that needs to be fixed.

I had problems with my host after installing. The plugin never worked correctly, and I finally deleted it. I have a folder called "wpau-backup" in my root index. Can I delete it without causing serius problems? Does anyone know?

Replying to frbobscorner:

I had problems with my host after installing.

Which plugin? Anyway, this isn't the place for plugin support.