WordPress.org

Ready to get started?Download WordPress

Forums

Allow PHP in WordPress Pages and security issue (2 posts)

  1. bloggingandwb
    Member
    Posted 9 months ago #

    I want to add PHP codes for pages to a big project.

    I am going to use http://wordpress.org/plugins/allow-php-in-posts-and-pages/ plugin.

    Read 2 comment in this post (http://www.wpbeginner.com/plugins/how-to-allow-php-in-wordpress-posts-and-pages/)

    Comment 1 : No, for obvious reasons this would be an invitation to be hacked. Its very simple to create a shortcode instead (with your own plugin) or use something like the “post snippets” plugin instead.

    Comment 2: For the love of Christ, don’t execute PHP from the CMS, probably the single worst thing apart from publishing your FTP details as far as security goes.

    Is it true?

    How I add PHP codes to WordPress pages?

  2. catacaustic
    Member
    Posted 9 months ago #

    Very true. I know that plugin is good and does it's job well, but I would never trust PHP code inside my pages/posts. It's just to much of a risk for someone to try and hack something in where it's not meant to be. Shortcodes are difinately the answer to what you're looking for. They let you add in extra functionality and let you keep control of the code, not your editors.

Reply

You must log in to post.

About this Topic

Tags