Wordpress PHP Exec Plugin
This plugin lets you execute dynamic PHP code in posts. It masks PHP code before balanceTags, and unmask them afterwards, so it should be safe to use PHP code that has literal HTML tags in it, for example: code which print out HTML.
Requirement
WordPress 1.5. Version 1.2 is not supported. You will also need PHP version 4.3.0 or later.
Do NOT use this plugin if you can’t trust people who make posts in your WordPress installation, it is a HUGE security hole. User level is now supported! By default the plugin only operates on level 9 user.
Installation
- Download the plugin: phpexec.txt
- Rename the plugin to phpexec.php and put it into your
wp-content/pluginsdirectory - Activate the plugin from WordPress administration menu
Usage
In posts, enclose any PHP code you want to execute with <phpcode> … </phpcode>. Only real PHP code allowed, no <?php … ?> blocks allowed. The block will then be replaced by the output of PHP code. In <phpcode> blocks, you will need to start any PHP command with <?php and end it with ?> as usual.
From the Wordpress admin menu, you can change minimum user level that is allowed to use the plugin. It is available from Options - PHPExec menu.
Example
<phpcode>
<?php
echo "Current date and time: ";
echo date("l dS of F Y h:i:s A");
?>
</phpcode>Demonstration
Output of the above code:
Current date and time: Monday 12th of May 2008 05:59:59 AM
Credits
This plugin is inspired by RunPHP, another plugin which accomplishes the same thing but did not work for me. Thanks to iang for tricks to make embedded PHP code feels more like a real PHP code. Some code are borrowed from WordPress source code. Thanks to Beau Collins for the user level code.
Changelog
1.0:
- First public release
1.1:
- Non backward compatible change: now you need to enclose PHP code with <?php … ?> as you would do in real PHP script.
1.2:
- Added filters to handle excerpts.
1.3:
- Fixed a small error in evaled code, thanks to AJ for spotting this.
1.4:
- Added user level security feature.
1.6:
- Try to avoid using common variable names (thanks to David H. Brown)
1.7:
- Removing debugging comments should fix the problem with automatic tag insertion done by Wordpress.
kalo diapply komen bisa jadi gila
#1: gak lah, nanti komentator bisa obrak abrik data kita
Mendingan gak dipasang ah…
..
Bener-bener lagi demam Plug-in nih..
Kalo mau bisa ada <?php … ?> di dalam <phpcode> itu, data yang bakal di
exec()musti ditambahin “<?” dulu di depannya..tinggal ngubah
eval($php);
menjadi
eval(”<?”.$php);
aja..
#4: betul juga, cuma harusnya
eval("?>" . $php . ">?php ');. nanti gua update supaya kodenya bisa lebih rapih.eh iya, kebalik ya?
tapi kok itu
&gt?phphehee..sebenernya gak usah dibuka lagi juga gak apa2.. cukup tutup dulu di depannya aja.
aduh.. lupa titik koma.. maksudnya
>?phpWordPress Plugin: PHP Exec
This plugin lets you execute dynamic PHP code in posts. It masks PHP code before balanceTags, and unmask them afterwards, so it should be safe to use PHP code that has literal HTML tags in it, for example: code which print out HTML….
#7: emang repot banget ngequoting manual
[…] PHP code inside the WP! Yes! It works, and you can find the plugin here. This time and datestring has the following code: Current date […]
[…] t the above plugin on some pages, you probably need to execute some PHP-code. This plugin, PHPexec, solves this. Just download the file, upload it, and embedd PHP-code as […]
There is a bug in the code. I write this for the english users of the plugin, so they may correct this.
Line 55:
eval("?>". $php . "<php ");Should be:
eval("?>". $php . "<?php ");Otherwise the server may not properly parse the content.
#12: thanks for spotting the bug, it’s fixed in the latest release.
[…] eile etwas Neues berichten. Olf hat mich auf ein aktuelleres Plugin hingewiesen, dass sich PHP Exec nennt. Beide Plugins ermglichen es, PHP Skriptcode in Posts und Pages […]
[…] Exec plugin. Plugin to the wall Well, recently, I installed the PHP Exec plugin, so I could actually run php code inside my posts… Proof […]
Will this work in WordPress Pages as well?
#16: Yes, it should work in pages as well.
[…] e. There may of been an easier way to do it but this is what I did. I first installed the PHP Exec Plugin so I could run PHP code in my Pages. Then I installed Smart Arc […]
[…] dilindungi juga karya turunan (derivasi) tetap dilindungi. Misal Priyadi yang membuat kode plugin php exec di WordPress harus mengikuti aturan redistribusi yang berlaku p […]
[…] ke to use PHP within a WordPress post too, check out Navid Azimi’s WP-exec plugin or Priyadi’s exec plugin. This entry was posted […]
Hi, thanks very much for developing this plugin. I’m trying to get it to work in my archives here. As you can see there is an error: “Call to undefined function: ob_get_clean()”. Is there anything I could have done wrong? The code I used in the post was (with all of the brackets “”):
I followed the instructions and did not change the plugin. Thanks in advance for your help!#21: Hi, from PHP homepage it looks like the function is only supported by PHP 4.3.0 or later version and you are currently using PHHP 4.1.2. You might want to upgrade your PHP to the latest version.
Ok okay. Thanks ver much for finding that out for me. I’ll keep harassing my host about it (they want to charge a lot of money and I’m afraid to do it on my own).
Thanks
I added yet another of your plugins to my site
I suggest arranging a button added to the toolbar.
d30e330597c25852e8bcfffe0
5489e6b48efeb4d881583f5c330c981a 2c6b4dd0d06531452a14.
[…] Text mit dem RunPHP-Plugin. Ergänzung 24. März: oder dem […]
Is it possible to add a quicktag button for this function? If so, how and can I do that easly myself? Thanks.
This plugin is a great idea.
Suggestion for version 2: Make it so that only users above a certain user level can post php code. Perhaps it could check the user level of the author of the post or page, and if above a certain level (defined by the admin) it parses the php code. If the author is below the defined user level, then it does not parse the code and instead displays it as regular text. This would address the security concerns and allow people to use your plugin even if they don’t want to allow all users to post php code.
[…] s is an all new stuff. I’m probably starting clean! Links: Wordpress IImage Browser PhpExec This entry was posted on Wednesd […]
To solve the security issue could you build in a hook that make it so when a user without the correct user_level (admin, or configurible through an options page) posts, if they attempt to add:
it will just be stripped from the post.
That way you can control who can run php code through posts.
[…] s back to their own sites. I have been deluged with thousands of spams referrals myself. PHP Exec : Execute PHP Code inside a post. Now I can incorporate my own pre-ma […]
[…] ar 2, this one is for my use only. Smart Archives, this one powers the archives section. PHP Exec, this is a great plugin, it allows the use of PHP code in posts and pa […]
[…] r PHP Exec” hreflang=”ca”>
Connector PHP Exec
10/04/05 WordPress PHP Exec Plugin. Aquest connector de Wor […]
[…] rackback URI for this post. my ‘plugins to check’ list http://priyadi.net/archives/2005/03/02/wordpress-php-exec-plugin/ No responses to ‘my ‘plugins t […]
[…] 217;t use it for comments, though. Can’t live without this, plain HTML sucks (10/10) PHPExec. Probably my most practical plugin. Not as useful as plugins made by ot […]
[…] ouple of things. First, I had to download another Wordpress plug-in. This time I used PHP Exec which would allow me, with special tags, create dynamic PHP within pos […]
Embedding PHP in WordPress Pages
I needed to embed some PHP code into [my Pathfinding page](/pathfinding/) earlier today and was having some difficulty until I came across the (PHP Exec for WordPress)[http://priyadi.net/archives/2005/03/02/wordpress-php-exec-plugin/]. This plugin all…
[…]
TestSquozen posted in Geekery on April 22nd, 2005
I just installed the PHP Exec plugin which allows me to inject PHP code into a blog post. This allo […]
[…] your site. If you blog on your own (Your blog doesn’t have multiple authors), this PHP Exec Plugin will allow you to attach images to posts using the function in […]
[…] I was going after. Ideas? Update: There’s a plugin called WordPress PHP Exec found here that works wonders!!!! Thanks to Kafkaesqui for pointing me in the right d […]
[…] pdate .htaccess file to properly handle permalinks for the new page. Install and activate Wordpress PHP Exec plugin Export BlogLines profile via PHP Exec plugin, like s […]
[…] your site. If you blog on your own (Your blog doesn’t have multiple authors), this PHP Exec Plugin will allow you to attach images to posts using the function in […]
Fantastic plugin. Works perfectly. Now we can write almost anything in WordPress without resort to static web pages. Thanks.
[…] Lists. And finally, our special thanks to Priyadi Iman Nurcahyo for his WordPress plugin, PHP Exec, which made integration of database results into this blog a piece of […]
[…] てそこに表示させたい時は、PHPコードをページで有効にするRunPHPやPHP EXECのようなスクリプトが必要です。面倒な […]
[…] 出我所使用的外掛。 是為誌。 本篇文章將不定期更新。 發文 PHP Exec 在文章裡內嵌可動態執行的 PHP 程式碼。 Easy Pos […]
[…] 果有这方面的插件就再简单不过了)”。感谢桑葚告知我这个插件:Wordpress PHP Exec Plugin。本文主要谈谈这个插件以及flickr_show_pho […]
[…] of May 2005 01:03:14 PM If the date and time show above, then it is working. It being the phpcode plugin. Posted by Paula O in Real Life
[…]
[…] ing the list manager plugin a week or so ago, I realized yesterday that I had to install a php execute plugin in order to run php code on a page. The embed list code that […]
This plug in works great, save for one problem I’m having (admittedly not a problem with the plugin itself).
I’m trying to embed a download link within a post, whereby the link is based on the post’s title. The code works fine in the template loop, but doesn’t retrieve the post_name from within the post itself. Here’s the code:
post_name;?>.zip”>Download “”
Any help would be appreciated.
Oops sorry, forgot to code it:
<a>post_name;? >.zip">Download ""</a>Grrr.. one more time
(a href="http://www.website.com/downloads/(?php echo $post->post_name;?).zip")Download "(?php the_title(); ?)"(/a)#52: try globalling $post:
global $post.I did
?php echo global $post->post_name;?and got this error:
“Parse error: parse error, unexpected T_GLOBAL in /wp-content/plugins/phpexec.php(61) : eval()’d code on line 1″
#54: do it like this:
<?php global $post; ?>that returned nothing either
#56: yes, that alone should return nothing. the point is, if you want to use variable inside phpexec, you need to ‘global’ it before using it. in your case, you want to use the variable $post->post_name from outside phpexec. but by default it is not available within phpexec block, you will need to ‘global’ it first before you can use it.
Never worked for me, just produced
“PHP –>”
That all sounds more complicated, I’m not very well versed in php, I didn’t think pulling the post_name should be so hard! Thanks anyway.
[…] ltimas imgenes subidas y poder meterlas directamente en un post con un par de clicks. - PHP Exec: Permite insertar cdigo PHP en los posts. - TechnoTag […]
[…] und between the two lines: $output .= “n”; echo $output; PHP Exec This plugin lets you execute dynamic PHP code in posts. It masks […]
[…] und between the two lines: $output .= “n”; echo $output; PHP Exec This plugin lets you execute dynamic PHP code in posts. It masks […]
[…] und between the two lines: $output .= “n”; echo $output; PHP Exec This plugin lets you execute dynamic PHP code in posts. It masks […]
Worked Great! Thanks so much.
how do I do an include? So far it isn’t working…..
#65: how is it not working? could you provide more information? sample codes or error messages would be appreciated.