runPHP Plugin for WordPress

**Update:** 2.3.1 – Important security fix, should work on PHP4 again. Thanks for all the quick information regarding the break!

runPHP is a [WordPress]( plug-in that enables users to embed PHP code directly into their posts.

runPHP 2.3.1 is now available! It *does* work with WordPress 2.2.x; it fixes some important SQL-injection vulnerabilities and should work with PHP4. (Let me know ASAP if it doesn’t!)

### What’s New

* Using a global DEFINE instead of a class static member variable so it works with PHP4 again.
* Adjusted code to catch possible SQL-injection vulnerabilties (Thanks to Benjamin Flesch of [mybeNi websecurity]( )

See the [full changelog](/blog/runphp/runphp-changelog/), or browse our [SVN repository](

A forum for discussing issues and experiences with this plugin is available at []( (free, captcha-based registration required) It might be easier to get my attention via the [contact form](/blog/about/) though.

### Download
* [runPHP 2.3.1](/download/ – .zip file of latest version – only for WordPress 2.0 or higher

Sorry, but previous (1.5.x) versions of WordPress are no longer supported.

### New Features
* Permission to use runPHP is controlled by Roles and Capabilities
* Configure those permissions in the new runPHP Options page
* Also works in your feeds (RSS, RSS2, Atom, & RDF)
* Better integration with WordPress 2.0 administrative UI
* Internationalization support: English (default), German, and French so far
* Refactored code – friendlier function names, encapsulated in a class
* Now works on PHP4 servers as well! (see caveats, below, though)

## User Manual

See the [runPHP manual](/blog/runphp/runphp-manual/) page.

Also, runPHP has been given its [own page](/blog/runphp/) on this blog. In the future, all updates were be published there, though this entry will remain open for comments.

### Sample Code

   $curDate = date('D., F jS Y H:i:s');

   echo "\n<p>";
   echo 'Right now the server thinks it is ' . $curDate;
   echo "\n</p>";


echo ‘Right now the server thinks it is ‘ . $curDate;
echo “\n


### Similar plug-ins

* [EzStatic3]( allows you to embed other HTML or PHP pages into your WordPress posts – this a little different than what runPHP does
* [PhpExec]( does pretty much the same thing runPHP is doing, and some people report better luck getting it to work for them.

287 thoughts on “runPHP Plugin for WordPress

  1. I get the same “Call to undefined function: wp_create_nonce()” as AP on a WordPress 2.0.2 blog. Not sure that your statement that runPHP 2.3.1 is for WordPress 2.0 or higher is correct. Could it be that WordPress 2.1 is required ?

    Thank you for this great product.


  2. I’m using runPHP to include a PayPal button on my project. I inserted in the page, and included a paypalbutton.php file in the themes folder. It didn’t work and gave me error messages. I tried the plugins folder, and the root level. I even tried the wp-includes folder. I’m not that versed in PHP so I’m only guessing.

    Your documentation doesn’t state where the reference file should go. Where would I place it?

    Also, in creating a php file with the PayPal code, am I correct in starting a file with

    Any advice would help this “know enough to get around/not enough to do it all” user?


  3. Pingback: Run PHP in Wordpress Posts » SiteLogic Web Development

  4. is it possible to extend the function of theplugin so that it overrides the choice of editor and forces thenon richtext editor when opening up a post or page with RunPHP option on?

    that would save all the hassle of accidentally saving or having to go switch editor.

    just a suggetion that sprung to mind this morning.


  5. I just installed on 2.3.2 and it’s not working. Or rather, it works, but when I go to edit, the php code has disappeared.

    What’s up?


  6. Pingback: Enhanced Links_Wordpress plugin

  7. Hi!
    I have tried to use this plug in but when I visit my page then I get a “Page cannot be displayed” error.
    All I want to do is include another php file, namely, a gallery. Thats it.
    Any suggestions?
    Please try and email a response as I might forget this webpage :S

  8. Got the same problem than Holluwood gossip on version 2.3.2.

    Parse error: parse error, unexpected $ in /homepages/30/d28191523/htdocs/laurent_WP_blog/wp-content/plugins/runPHP/runPHP.php(410) : eval()’d code on line 1

    Parse error: parse error, unexpected ‘;’ in /homepages/30/d28191523/htdocs/laurent_WP_blog/wp-content/plugins/runPHP/runPHP.php(410) : eval()’d code on line 1

    Parse error: parse error, unexpected T_ENDIF in /homepages/30/d28191523/htdocs/laurent_WP_blog/wp-content/plugins/runPHP/runPHP.php(410) : eval()’d code on line 1

    Hope you know the solution…

  9. Pingback: What kind of Plugins WPGeek Uses?

  10. I am trying to create a simple form in php and place on a page. I have the page posting back to itself. However, none of the post data gets back to the form. I realize you said it operates as a function. Unfortunately I am fairly new to this. Is there a way to get the post data to the php code?

    You also mentioned EzStatic3. Is that a better approach or can I define something so taht runPHP can get to the post data?

  11. I get this error message trying to put a php call into a wordpress Page (not a post)

    Warning: include(randomquote.php) [function.include]: failed to open stream: No such file or directory in /home/homeequi/public_html/finance/wp-content/plugins/runPHP/runPHP.php(410) : eval()’d code on line 2

    The randommq php script file is working. Seethe out put page at:

    I get the random quote to appear (without the plugin) above the page contents and below it (first line and last line of the same page contents) using the same call in the page.php file of the template file:-

    however when using it in the page text , it gives this error massage. Have I called in the random file script file correctly?

  12. Ok well the php code wont show on you web site so here is a trial version of it

    “===<====? include(‘randomquote.php’);?===>====”

    the same without the====

  13. OK apologogies I have answered my own question .
    the call should have been

    (minus the ==== things)

  14. Thank you again for this great plugin. I am happily using runPHP, but I am now facing an unexpected problem.

    The problem is that the main feed returned :
    PHP Fatal error: Maximum execution time of 30 seconds exceeded in /…/wp-includes/formatting.php on line 685

    I had to reduce the number of posts in the syndication feed to 3 to get rid of this error message.

    On top of that, when looking at the content of the feed, I see that some parts of my PHP script included in the posts are not correctly executed, while no problem like this appears when viewing the post itself. It seems that my PHP script is not able to open some data file when called by the feed.

    Any thoughts ?

  15. Hello.

    Has anybody encountered the problem in which the layout of the sidebar goes beyond the margin?

    In my site, I had been using three column sidebar, but with this, something got into it such that the layout goes beyond that. And when I turned to only two column, everything was fine.

  16. I cannot get the plug-in to work. I am receiving the following error:
    Fatal error: Call to undefined function: current_user_can() in …/html/blog/wp-content/plugins/runPHP/runPHP.php on line 330

  17. This works also on PHP5 running WP 2.5.1

    PhpExec stopped working which made me look into other possibilities like this one. This is even a better solution, thanks a lot !!!!

  18. Thanks so much for this terrific plugin. I’m still in the process of getting my site set up, but being able to execute php code from within the WordPress framework is fantastic. Thanks again!

  19. Hi,
    I installed your plugin having recently tried ExecPHP, Hana, and indeed a couple of others. As admin and with the visual turned off the page when saved comes back with the code trashed. Using WPMU 1.5.1 which is roughly similar to WP 2.5.1.

    Anyone else got this issue?

  20. an update:
    I think its poss the problem is either WPMU or another plugin, just tried runPHP on my standalone 2.5.1 WP and its ok.
    Any ideas?

  21. This plugin is a God-send. thank you.

    I only have the one problem…

    Warning: fread() [function.fread]: Length parameter must be greater than 0 in /path/to/wordpress//plugins/runPHP/runPHP.php(410) : eval()’d code on line 4

    I’m getting that whenever I use php. Any ideas?

  22. It generates an error when I tick mark “run php”

    error is
    Parse error: syntax error, unexpected T_STRING in /home/neeraj/public_html/tutorialwebdesign/wp-content/plugins/runPHP/runPHP.php(410) : eval()’d code on line 1

    eval() box is not in my wp i m using 2.6.2…
    plz suggest How can i rectify this..


Comments are closed.