Merge pull request #739 from nextcloud/pr-592

skjnldsv · web-flow · commit 53b090031569 · 2026-04-08T07:24:56.000+02:00
feat(updater.secret): allow users to just copy paste the line
diff --git a/index.php b/index.php
@@ -2024,7 +2024,15 @@ public function isAuthenticated(): bool {
 				<p>To login you need to provide the unhashed value of "updater.secret" in your config file.</p>
 				<p>If you don't know that value, you can access this updater directly via the Nextcloud admin screen or generate
 				your own secret:</p>
-				<code>php -r '$password = trim(shell_exec("openssl rand -base64 48"));if(strlen($password) === 64) {$hash = password_hash($password, PASSWORD_DEFAULT) . "\n"; echo "Insert as \"updater.secret\": ".$hash; echo "The plaintext value is: ".$password."\n";}else{echo "Could not execute OpenSSL.\n";};'</code>
+				<code>php -r '$password = trim(shell_exec("openssl rand -base64 48"));
+				if (strlen($password) === 64) {
+    					$hash = password_hash($password, PASSWORD_DEFAULT);
+    					echo "Insert this line in your config.php:\n\n";
+    					echo "'\''updater.secret'\'' => '\''" . $hash . "'\'',\n\n";
+    					echo "The plaintext value is: " . $password . "\n";
+				} else {
+    					echo "Could not execute OpenSSL.\n";
+				}'</code>
 				<form method="post" name="login">
 					<fieldset>
 						<input type="password" name="updater-secret-input" value=""
diff --git a/index.web.php b/index.web.php
@@ -576,7 +576,15 @@ public function isAuthenticated(): bool {
 				<p>To login you need to provide the unhashed value of "updater.secret" in your config file.</p>
 				<p>If you don't know that value, you can access this updater directly via the Nextcloud admin screen or generate
 				your own secret:</p>
-				<code>php -r '$password = trim(shell_exec("openssl rand -base64 48"));if(strlen($password) === 64) {$hash = password_hash($password, PASSWORD_DEFAULT) . "\n"; echo "Insert as \"updater.secret\": ".$hash; echo "The plaintext value is: ".$password."\n";}else{echo "Could not execute OpenSSL.\n";};'</code>
+				<code>php -r '$password = trim(shell_exec("openssl rand -base64 48"));
+				if (strlen($password) === 64) {
+    					$hash = password_hash($password, PASSWORD_DEFAULT);
+    					echo "Insert this line in your config.php:\n\n";
+    					echo "'\''updater.secret'\'' => '\''" . $hash . "'\'',\n\n";
+    					echo "The plaintext value is: " . $password . "\n";
+				} else {
+    					echo "Could not execute OpenSSL.\n";
+				}'</code>
 				<form method="post" name="login">
 					<fieldset>
 						<input type="password" name="updater-secret-input" value=""
