(Note: User 1 automatically has all permissions including the use of the PHP filter regardless whether permission is granted to any role.) The permission box must be checked for the role that needs to use PHP code in order for the PHP filter to show on input boxes. Scroll down to the Filter section and notice that there is a new item called "Use the PHP code text format" and its checkbox for the Administrator is not checked. Click on this to go to the Permissions page. It's not long and is worth reading, so check it out. Scroll back down to the PHP filter module again and notice that two links have been added. At this point, you should be all set, but hold on for just a second. Scroll down to the PHP filter module and check the Enabled box. This is found at /admin/modules or on the Drupal 7 menu system: Administration > Modules. To do this, make sure you've saved your block and navigate to the Module Administration page. A fresh install of Drupal 7 has this module disabled by default. Here is the critical fix and the point of this article:ĭrupal 7 Core contains a module called "PHP filter". Most likely Drupal 7 will print out the PHP code instead of interpreting it, giving you an unexpected and ugly result. Now, save your block, enable it by placing it on one of your theme's regions, and test it out. You have probably done what is necessary sometime in the past.) (If "PHP code" is an option on the Text Format drop-down, you should be all set and need not read any further. But realize that this is a problem we are going to have to fix. Here is a simple example: HelloĪfter placing your PHP code, you can select PHP code in Text Format drop-down. If this doesn't appear, check with your module PHP filter Module enabled or not. You can mix text, HTML, and PHP code (sometimes called PHP snippets). After filling in the Block description and Block title, go ahead and put your PHP code in the Block body. To begin, create a custom Block by navigating to the Add Block page found at /admin/structure/block/add or on the Drupal 7 menu: Administration > Structure > Blocks > Add Block. It also assumes you know how to create a block and place it on your page, although you should be able to get through this without that knowledge. It assumes that you are logged in with administrative privileges and are not yet advanced enough to be aware of the PHP filter Module ( Like me, when I first ran into this problem). This article is for Drupal 7 developers who have tried to put PHP code in the body of a Custom Block but can't get it to run. PHP code has full access to your site, including payment data submitted to the site, user passwords as they are submitted, and your site’s content.A trusted user with a weak password, unlocked computer or insecure session sniffed allows an attacker to use their account.A typo causes a syntax error making your site inaccessible.It is a good idea to create a separate role distinct from “administrator” for this module (and other potentially dangerous ones) such as “developer.” The risks include: Only grant permission to use the PHP filter for competent PHP coders you trust. The PHP input filter introduces the possibility for malicious users to attack your website with malicious scripts. Enabling the PHP filter module is not a good idea
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |