runPHP Plugin for WordPress
Update: 2.3.1 - Important security fix, should work on PHP4 again. Thanks for all the quick information regarding the break!
runPHP is a WordPress plug-in that enables users to embed PHP code directly into their posts.
runPHP 2.3.1 is now available! It does work with WordPress 2.2.x; it fixes some important SQL-injection vulnerabilities and should work with PHP4. (Let me know ASAP if it doesn’t!)
What’s New
- Using a global DEFINE instead of a class static member variable so it works with PHP4 again.
- Adjusted code to catch possible SQL-injection vulnerabilties (Thanks to Benjamin Flesch of mybeNi websecurity. )
See the full changelog, or browse our SVN repository.
A forum for discussing issues and experiences with this plugin is available at www.nosq.com/forum. (free, captcha-based registration required) It might be easier to get my attention via the contact form though.
Download
- runPHP 2.3.1 - .zip file of latest version - only for WordPress 2.0 or higher
Sorry, but previous (1.5.x) versions of WordPress are no longer supported.
New Features
- Permission to use runPHP is controlled by Roles and Capabilities
- Configure those permissions in the new runPHP Options page
- Also works in your feeds (RSS, RSS2, Atom, & RDF)
- Better integration with WordPress 2.0 administrative UI
- Internationalization support: English (default), German, and French so far
- Refactored code - friendlier function names, encapsulated in a class
- Now works on PHP4 servers as well! (see caveats, below, though)
User Manual
See the runPHP manual page.
Also, runPHP has been given its own page on this blog. In the future, all updates were be published there, though this entry will remain open for comments.
Sample Code
<?php
$curDate = date('D., F jS Y H:i:s');
echo "\n<p>";
echo 'Right now the server thinks it is ' . $curDate;
echo "\n</p>";
?>
Result:
Right now the server thinks it is Tue., February 17th 2009 22:13:29
(only showing the 10 most recent - View All Comments)
Is there any way to get around the fact that the tags cause the page to fail validation? Possibly something like:
Hi,
I installed your plugin having recently tried ExecPHP, Hana, and indeed a couple of others. As admin and with the visual turned off the page when saved comes back with the code trashed. Using WPMU 1.5.1 which is roughly similar to WP 2.5.1.
Anyone else got this issue?
an update:
I think its poss the problem is either WPMU or another plugin, just tried runPHP on my standalone 2.5.1 WP and its ok.
Any ideas?
great post. was very informative. keep it up
I have bookmarked this site. Thanks Kfz Versicherung
Hello,
An awesome plugin, do give it a try and let you know my feed back.
This plugin is a God-send. thank you.
I only have the one problem…
Warning: fread() [function.fread]: Length parameter must be greater than 0 in /path/to/wordpress//plugins/runPHP/runPHP.php(410) : eval()’d code on line 4
I’m getting that whenever I use php. Any ideas?
Cancel that. My fault. Mistyped something. Awesome plug-in. Thank you!
It generates an error when I tick mark “run php”
error is
Parse error: syntax error, unexpected T_STRING in /home/neeraj/public_html/tutorialwebdesign/wp-content/plugins/runPHP/runPHP.php(410) : eval()’d code on line 1
and
eval() box is not in my wp i m using 2.6.2…
plz suggest How can i rectify this..
thanks
http://www.tutorialwebdesign.com
Great Post! This wordpress plugin is quite good. I am using it.