Using Environment variables in Wordpress wp-config

StackOverflow https://stackoverflow.com/questions/9300998

  •  29-04-2021
  •  | 
  •  

Question

I'm using phpfog.com for hosting and github.com for issue tracking, etc. I have two remotes setup, one to phpfog.com, and the other to github.

In the back-end admin of phpfog you can define Environment Variables. I did so there and want to use them in my wp-config file.

Here's the code I used:

/** Hardened Salts for use on github.com, phpfog.com, etc.*/
$AUTH_KEY = getenv('AUTH_KEY'); 
$SECURE_AUTH_KEY = getenv('SECURE_AUTH_KEY');
$LOGGED_IN_KEY = getenv('LOGGED_IN_KEY');
$NONCE_KEY = getenv('NONCE_KEY');
$AUTH_SALT = getenv('AUTH_SALT');
$SECURE_AUTH_SALT = getenv('SECURE_AUTH_SALT');
$LOGGED_IN_SALT = getenv('LOGGED_IN_SALT');
$NONCE_SALT = getenv('NONCE_SALT');
define('AUTH_KEY',$AUTH_KEY);
define('SECURE_AUTH_KEY',$SECURE_AUTH_KEY);
define('LOGGED_IN_KEY',$LOGGED_IN_KEY);
define('NONCE_KEY',$NONCE_KEY);
define('AUTH_SALT',$AUTH_SALT);
define('SECURE_AUTH_SALT',$SECURE_AUTH_SALT);
define('LOGGED_IN_SALT',$LOGGED_IN_SALT);
define('NONCE_SALT',$NONCE_SALT);
/** ------------------------------------=-----*/

There must be a cleaner way of doing this…

UPDATE! Here's the cleaned up code thanks to zerkms

$dbvalues = array('DB_HOST', 'DB_NAME', 'DB_USER', 'DB_PASSWORD');
/** -------------------------------------------------------------*/
foreach ($dbvalues as $dbvalue) {
    define($dbvalue, getenv($dbvalue));
}

$saltykeys = array('AUTH_KEY', 'SECURE_AUTH_KEY', 'LOGGED_IN_KEY', 'NONCE_KEY', 'AUTH_SALT', 'SECURE_AUTH_SALT' , 'LOGGED_IN_SALT', 'NONCE_SALT' );
/** -------------------------------------------------------------*/
foreach ($saltykeys as $saltykey) {
    define($saltykey, getenv($saltykey));
}
Was it helpful?

Solution

You could make it twice shorter passing the function result as a constant value without intermediate variable:

define('AUTH_KEY', getenv('AUTH_KEY'));

Or do that in a loop:

$vars = array('AUTH_KEY', 'SECURE_AUTH_KEY', ...);
foreach ($vars as $var) {
    define($var, getenv($var));
}

OTHER TIPS

I prefer to use this approach below:

<?php

//GET HOSTNAME INFO
$hostname = $_SERVER['SERVER_NAME']; 

//VERIFY WHICH ENVIRONMENT THE APP IS RUNNING
switch ($hostname) {
    case 'development.dev':
        define('WP_ENV', 'development');
        define('WP_DEBUG', true);
        break;
    case 'staging.mywebsite.com':
        define('WP_ENV', 'staging');
        define('WP_DEBUG', true);
        break;
    case 'www.mywebsite.com':
        define('WP_ENV', 'production');
        define('WP_DEBUG', false);
        break;
    default:
        define('WP_ENV', 'production');
        define('WP_DEBUG', false);
}

?>

The best way to use environment variables to control your WP environment is by using DotEnv ( https://github.com/vlucas/phpdotenv )

This approach is laid out in a blog post: https://m.dotdev.co/secure-your-wordpress-config-with-dotenv-d939fcb06e24

The basic approach is to create an .env file in the root of your site with the environment variables.

However there are a few problems with the blog post as DotEnv version 5 no longer uses environment variables by default.

So instead of the code used in the blog post, use this at the top of your wp-config.php file...

$app_env = getenv("APP_ENV");
$file = $app_env == null ? ".env" : ".env.".$app_env;
if(file_exists(__DIR__.'/'.$file))
{
    require_once(__DIR__ . '/vendor/autoload.php');
    (Dotenv\Dotenv::createUnsafeImmutable(__DIR__,$file))->load();
    error_log("Environment loaded from ".$file);
} else {
    error_log("*WARNING* environment file not found: ".$file);
}

The .env file looks like this...

# MySQL settings

DB_NAME=wpbench
DB_USER=wpuser
DB_PASSWORD=password
DB_HOST=localhost
DB_CHARSET=utf8
DB_COLLATE=

Defining the constants in the wp-config.php file looks like this...

/** The name of the database for WordPress */
define( 'DB_NAME', getenv('DB_NAME'));

/** MySQL database username */
define( 'DB_USER', getenv('DB_USER'));

/** MySQL database password */
define( 'DB_PASSWORD', getenv('DB_PASSWORD'));

/** MySQL hostname */
define( 'DB_HOST', getenv('DB_HOST'));

/** Database Charset to use in creating database tables. */
define( 'DB_CHARSET', getenv('DB_CHARSET'));

/** The Database Collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', getenv('DB_COLLATE'));

Use the APP_ENV variable to switch between variable sets. For example create .env.production and .env.staging files. If the .env file does not exist then the values are pulled from the environment which works well for cloud deployment.

From WordPress 5.5.0

WordPress has added a new function for the environment variables with 3 different possible values.

You can use wp_get_environment_type() function to get the current environment.

Usage example:

If(wp_get_environment_type() === 'development') {
 // do something
} else {
 // do something
}

By default, if WP_ENVIRONMENT_TYPE is empty or invalid ( anything except development, staging & production), production is returned.

You can define development or staging environment through the wp-config.php file.

define( 'WP_ENVIRONMENT_TYPE', 'development' );
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top