You are here

Home » API reference » PHP 8 » Php.php

class Php in PHP 8

Same name in this branch
  1. 8 src/Plugin/Filter/Php.php \Drupal\php\Plugin\Filter\Php
  2. 8 src/Plugin/Condition/Php.php \Drupal\php\Plugin\Condition\Php
  3. 8 src/Plugin/views/argument_default/Php.php \Drupal\php\Plugin\views\argument_default\Php
  4. 8 src/Plugin/views/argument_validator/Php.php \Drupal\php\Plugin\views\argument_validator\Php

Provides PHP code filter. Use with care.

Plugin annotation


@Filter(
  id = "php_code",
  module = "php",
  title = @Translation("PHP evaluator"),
  description = @Translation("Executes a piece of PHP code. The usage of this filter should be restricted to administrators only!"),
  type = Drupal\filter\Plugin\FilterInterface::TYPE_MARKUP_LANGUAGE,
  cache = FALSE
)

Hierarchy

Expanded class hierarchy of Php

File

src/Plugin/Filter/Php.php, line 20

Namespace

Drupal\php\Plugin\Filter
View source 
class Php extends FilterBase {

  /**
   * {@inheritdoc}
   */
  public function process($text, $langcode) {
    $result = new FilterProcessResult(php_eval($text));
    $result
      ->setCacheMaxAge(0);
    return $result;
  }

  /**
   * {@inheritdoc}
   */
  public function tips($long = FALSE) {
    if ($long) {
      $output = '<h4>' . t('Using custom PHP code') . '</h4>';
      $output .= '<p>' . t('Custom PHP code may be embedded in some types of site content, including posts and blocks. While embedding PHP code inside a post or block is a powerful and flexible feature when used by a trusted user with PHP experience, it is a significant and dangerous security risk when used improperly. Even a small mistake when posting PHP code may accidentally compromise your site.') . '</p>';
      $output .= '<p>' . t('If you are unfamiliar with PHP, SQL, or Drupal, avoid using custom PHP code within posts. Experimenting with PHP may corrupt your database, render your site inoperable, or significantly compromise security.') . '</p>';
      $output .= '<p>' . t('Notes:') . '</p>';
      $output .= '<ul><li>' . t('Remember to double-check each line for syntax and logic errors <strong>before</strong> saving.') . '</li>';
      $output .= '<li>' . t('Statements must be correctly terminated with semicolons.') . '</li>';
      $output .= '<li>' . t('Global variables used within your PHP code retain their values after your script executes.') . '</li>';
      $output .= '<li>' . t('<code>register_globals</code> is <strong>turned off</strong>. If you need to use forms, understand and use the functions in <a href=":formapi">the Drupal Form API</a>.', [
        ':formapi' => 'https://api.drupal.org/api/group/form_api/8',
      ]) . '</li>';
      $output .= '<li>' . t('Use a <code>print</code> or <code>return</code> statement in your code to output content.') . '</li>';
      $output .= '<li>' . t('Develop and test your PHP code using a separate test script and sample database before deploying on a production site.') . '</li>';
      $output .= '<li>' . t('Consider including your custom PHP code within a site-specific module or theme rather than embedding it directly into a post or block.') . '</li>';
      $output .= '<li>' . t('Be aware that the ability to embed PHP code within content is provided by the PHP Filter module. If this module is disabled or deleted, then blocks and posts with embedded PHP may display, rather than execute, the PHP code.') . '</li></ul>';
      $output .= '<p>' . t('A basic example: <em>Creating a "Welcome" block that greets visitors with a simple message.</em>') . '</p>';
      $output .= '<ul><li>' . t('<p>Add a custom block to your site, named "Welcome". With its text format set to "PHP code" (or another format supporting PHP input), add the following in the Block body:</p>
  <pre>
  print t(\'Welcome visitor! Thank you for visiting.\');
  </pre>') . '</li>';
      $output .= '<li>' . t('<p>To display the name of a registered user, use this instead:</p>
  <pre>
  $account = \\Drupal::currentUser();
  if ($account->isAuthenticated()) {
    print t(\'Welcome @name! Thank you for visiting.\', [\'@name\' => $account->getDisplayName()]);
  }
  else {
    print t(\'Welcome visitor! Thank you for visiting.\');
  }
  </pre>') . '</li></ul>';
      $output .= '<p>' . t('<a href=":drupal">Drupal.org</a> offers <a href=":php-snippets">some example PHP snippets</a>, or you can create your own with some PHP experience and knowledge of the Drupal system.', [
        ':drupal' => 'https://drupal.org',
        ':php-snippets' => 'https://drupal.org/documentation/customization/php-snippets',
      ]) . '</p>';
      return $output;
    }
    else {
      return t('You may post PHP code. You should include &lt;?php ?&gt; tags.');
    }
  }

}

Members

Namesort descending Modifiers Type Description Overrides
DependencySerializationTrait::$_entityStorages protected property An array of entity type IDs keyed by the property name of their storages.
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
FilterBase::$provider public property The name of the provider that owns this filter.
FilterBase::$settings public property An associative array containing the configured settings of this filter.
FilterBase::$status public property A Boolean indicating whether this filter is enabled.
FilterBase::$weight public property The weight of this filter compared to others in a filter collection.
FilterBase::calculateDependencies public function Calculates dependencies for the configured plugin. Overrides DependentPluginInterface::calculateDependencies 1
FilterBase::defaultConfiguration public function Gets default configuration for this plugin. Overrides ConfigurableInterface::defaultConfiguration
FilterBase::getConfiguration public function Gets this plugin's configuration. Overrides ConfigurableInterface::getConfiguration
FilterBase::getDescription public function Returns the administrative description for this filter plugin. Overrides FilterInterface::getDescription
FilterBase::getHTMLRestrictions public function Returns HTML allowed by this filter's configuration. Overrides FilterInterface::getHTMLRestrictions 4
FilterBase::getLabel public function Returns the administrative label for this filter plugin. Overrides FilterInterface::getLabel
FilterBase::getType public function Returns the processing type of this filter plugin. Overrides FilterInterface::getType
FilterBase::prepare public function Prepares the text for processing. Overrides FilterInterface::prepare
FilterBase::setConfiguration public function Sets the configuration for this plugin instance. Overrides ConfigurableInterface::setConfiguration 1
FilterBase::settingsForm public function Generates a filter's settings form. Overrides FilterInterface::settingsForm 3
FilterBase::__construct public function Constructs a \Drupal\Component\Plugin\PluginBase object. Overrides PluginBase::__construct 4
FilterInterface::TYPE_HTML_RESTRICTOR constant HTML tag and attribute restricting filters to prevent XSS attacks.
FilterInterface::TYPE_MARKUP_LANGUAGE constant Non-HTML markup language filters that generate HTML.
FilterInterface::TYPE_TRANSFORM_IRREVERSIBLE constant Irreversible transformation filters.
FilterInterface::TYPE_TRANSFORM_REVERSIBLE constant Reversible transformation filters.
MessengerTrait::$messenger protected property The messenger. 29
MessengerTrait::messenger public function Gets the messenger. 29
MessengerTrait::setMessenger public function Sets the messenger.
Php::process public function Performs the filter processing. Overrides FilterInterface::process
Php::tips public function Generates a filter's tip. Overrides FilterBase::tips
PluginBase::$configuration protected property Configuration information passed into the plugin. 1
PluginBase::$pluginDefinition protected property The plugin implementation definition. 1
PluginBase::$pluginId protected property The plugin_id.
PluginBase::DERIVATIVE_SEPARATOR constant A string which is used to separate base plugin IDs from the derivative ID.
PluginBase::getBaseId public function Gets the base_plugin_id of the plugin instance. Overrides DerivativeInspectionInterface::getBaseId
PluginBase::getDerivativeId public function Gets the derivative_id of the plugin instance. Overrides DerivativeInspectionInterface::getDerivativeId
PluginBase::getPluginDefinition public function Gets the definition of the plugin implementation. Overrides PluginInspectionInterface::getPluginDefinition 3
PluginBase::getPluginId public function Gets the plugin_id of the plugin instance. Overrides PluginInspectionInterface::getPluginId
PluginBase::isConfigurable public function Determines if the plugin is configurable.
StringTranslationTrait::$stringTranslation protected property The string translation service. 1
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.