Allow PHP in WordPress Pages and security issue | WordPress.org

bloggingandwb
(@bloggingandwb)

10 years, 5 months ago

I want to add PHP codes for pages to a big project.

I am going to use http://wordpress.org/plugins/allow-php-in-posts-and-pages/ plugin.

Read 2 comment in this post (http://www.wpbeginner.com/plugins/how-to-allow-php-in-wordpress-posts-and-pages/)

Comment 1 : No, for obvious reasons this would be an invitation to be hacked. Its very simple to create a shortcode instead (with your own plugin) or use something like the “post snippets” plugin instead.

Comment 2: For the love of Christ, don’t execute PHP from the CMS, probably the single worst thing apart from publishing your FTP details as far as security goes.

Is it true?

How I add PHP codes to WordPress pages?

Viewing 1 replies (of 1 total)

catacaustic
(@catacaustic)

10 years, 5 months ago

Very true. I know that plugin is good and does it’s job well, but I would never trust PHP code inside my pages/posts. It’s just to much of a risk for someone to try and hack something in where it’s not meant to be. Shortcodes are difinately the answer to what you’re looking for. They let you add in extra functionality and let you keep control of the code, not your editors.

Viewing 1 replies (of 1 total)

The topic ‘Allow PHP in WordPress Pages and security issue’ is closed to new replies.

In: Hacks
1 reply
2 participants
Last reply from: catacaustic
Last activity: 10 years, 5 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics