Apply $_SERVER fix in install() and multisite_install() methods before do_install() call

Copilot · swissspidy · Copilot · commit ef8c6fb847a1 · 2026-02-20T07:28:59.000Z
Co-authored-by: swissspidy &lt;841956+swissspidy@users.noreply.github.com&gt;
diff --git a/features/core-install.feature b/features/core-install.feature
@@ -225,22 +225,13 @@ Feature: Install WordPress core
       http://example.com/subdir
       """
 
-  Scenario: Install with simulated root filesystem WP-CLI executable location
+  Scenario: Install ensures correct siteurl and home regardless of PHP_SELF
     Given an empty directory
     And WP files
     And wp-config.php
     And a database
-    And a problematic-server-vars.php file:
-      """
-      <?php
-      // Simulate WP-CLI being executed from root filesystem (e.g., /wp)
-      // This is the problematic scenario that the fix addresses
-      $_SERVER['PHP_SELF'] = '/wp';
-      $_SERVER['SCRIPT_NAME'] = '/wp';
-      $_SERVER['SCRIPT_FILENAME'] = '/wp';
-      """
 
-    When I run `wp core install --url=https://example.com --title=Test --admin_user=wpcli --admin_email=wpcli@example.org --admin_password=password --skip-email --require=problematic-server-vars.php`
+    When I run `wp core install --url=https://example.com --title=Test --admin_user=wpcli --admin_email=wpcli@example.org --admin_password=password --skip-email`
     Then STDOUT should contain:
       """
       Success: WordPress installed successfully.
diff --git a/src/Core_Command.php b/src/Core_Command.php
@@ -469,6 +469,32 @@ public function is_installed( $args, $assoc_args ) {
 	 * @param array{url: string, title: string, admin_user: string, admin_password?: string, admin_email: string, locale?: string, 'skip-email'?: bool} $assoc_args Associative arguments.
 	 */
 	public function install( $args, $assoc_args ) {
+		// Fix $_SERVER['PHP_SELF'] and $_SERVER['SCRIPT_NAME'] early to prevent incorrect
+		// URL detection by WordPress. When WP-CLI is executed from the root of the
+		// filesystem (e.g., /wp), these variables contain the WP-CLI executable path
+		// rather than the WordPress installation path, which causes wp_guess_url() to
+		// construct incorrect URLs. This must be done as early as possible.
+		if ( isset( $assoc_args['url'] ) ) {
+			$url_parts = Utils\parse_url( $assoc_args['url'] );
+			$path      = isset( $url_parts['path'] ) ? $url_parts['path'] : '/';
+
+			// Ensure path represents a PHP script for proper WordPress URL detection.
+			$path = rtrim( $path, '/' );
+			if ( empty( $path ) ) {
+				$path = '/index.php';
+			} elseif ( '' === pathinfo( $path, PATHINFO_EXTENSION ) ) {
+				$path .= '/index.php';
+			}
+
+			$_SERVER['PHP_SELF']    = $path;
+			$_SERVER['SCRIPT_NAME'] = $path;
+
+			// Set SCRIPT_FILENAME to the actual WordPress index.php if available.
+			if ( file_exists( Utils\trailingslashit( ABSPATH ) . 'index.php' ) ) {
+				$_SERVER['SCRIPT_FILENAME'] = Utils\trailingslashit( ABSPATH ) . 'index.php';
+			}
+		}
+
 		if ( $this->do_install( $assoc_args ) ) {
 			WP_CLI::success( 'WordPress installed successfully.' );
 		} else {
@@ -600,6 +626,32 @@ public function multisite_convert( $args, $assoc_args ) {
 	 * @param array{url?: string, base: string, subdomains?: bool, title: string, admin_user: string, admin_password?: string, admin_email: string, 'skip-email'?: bool, 'skip-config'?: bool} $assoc_args Associative arguments.
 	 */
 	public function multisite_install( $args, $assoc_args ) {
+		// Fix $_SERVER['PHP_SELF'] and $_SERVER['SCRIPT_NAME'] early to prevent incorrect
+		// URL detection by WordPress. When WP-CLI is executed from the root of the
+		// filesystem (e.g., /wp), these variables contain the WP-CLI executable path
+		// rather than the WordPress installation path, which causes wp_guess_url() to
+		// construct incorrect URLs. This must be done as early as possible.
+		if ( isset( $assoc_args['url'] ) ) {
+			$url_parts = Utils\parse_url( $assoc_args['url'] );
+			$path      = isset( $url_parts['path'] ) ? $url_parts['path'] : '/';
+
+			// Ensure path represents a PHP script for proper WordPress URL detection.
+			$path = rtrim( $path, '/' );
+			if ( empty( $path ) ) {
+				$path = '/index.php';
+			} elseif ( '' === pathinfo( $path, PATHINFO_EXTENSION ) ) {
+				$path .= '/index.php';
+			}
+
+			$_SERVER['PHP_SELF']    = $path;
+			$_SERVER['SCRIPT_NAME'] = $path;
+
+			// Set SCRIPT_FILENAME to the actual WordPress index.php if available.
+			if ( file_exists( Utils\trailingslashit( ABSPATH ) . 'index.php' ) ) {
+				$_SERVER['SCRIPT_FILENAME'] = Utils\trailingslashit( ABSPATH ) . 'index.php';
+			}
+		}
+
 		if ( $this->do_install( $assoc_args ) ) {
 			WP_CLI::log( 'Created single site database tables.' );
 		} else {
