PHP is a very useful and flexible computer language – proof of this is that WordPress itself is written in PHP.
In fact, it’s so useful that sometimes we just want a ‘little extra’ bit of code right in the middle of a WordPress blog post – but you can’t by default.
Enter runPHP, a plug-in that allows you to embed PHP and posts, and give your posts a little more dynamic power:
For quite some time, I’ve recommended using phpExec in your posts. However, I now feel runPHP is the better choice, for several reasons:
- phpExec has not been maintained for some time, and I don’t expect it will be updated anytime soon. In contrast, runPHP is still being actively maintained.
- runPHP executes on a ‘per post’ basis. For each post you have a check box that you have to check first to enable PHP execution for that post. This prevents you from any accidental PHP code entries – you know exactly where you’re running your PHP code.
- runPHP limits PHP entry/execution to specified user levels. So while anyone with writing access can enter PHP code in a post or page, only certain ones can use the checkbox to make it ‘active’. For example you can have ONLY Administrators enable PHP, or Editors and Administrators. This avoids a very real security issue of letting everybody and anybody enter PHP to be executed on your posts.
A brief aside here about security: the many, many ways that PHP can be used to abuse a website and wreck havoc would fill many volumes (I know – I’ve read them). PHP provides a tremendous amount of power to your website, but you should always take care to know who is allowed to edit the PHP code and only allow trustworthy people to have that kind of power.
Using the plug-in is very simple:
- Grab it from the website, unzip and upload it to the /wp?content/plugins/ directory of your blog.
- Login and activate it.
- You next have to disable WordPress nesting rules – in the Settings;Writing tab uncheck the formatting option “WordPress should correct invalidly nested XHTML automatically”.
- Login and activate it.
- To add to those who can enter (and run) code besides the default Admin level, visit the Settings;runPHP tab and check the groups allowed, then save.
- When you enter (or edit) PHP code in a post or page, you CANNOT use the visual editor – to turn it off, go to the Users tab, and edit your setting, unchecking (and saving) the entry “Use the visual editor when writing”.
- For each page or post, activate PHP with the checkbox in the right side column ‘run PHP code?’.
- And then enter PHP code where you wish in the article body.
Actually entering the PHP is very simple – just enter like anywhere else, taking care to include the leading <?php and closing ?> tags:
<?php echo ‘Hi There Dave!'; ?>
Which will output the text.
runPHP solves very real issue with putting a bit of ‘glue’ PHP on a page without security concerns and worries. It’s a useful plug-in, and I recommend getting familiar with it if you ever think you’ll need to put a little bit of extra coding on your pages.