Extension:PHPTemplates

This extension allows you to embed white-listed PHP code in pages. Why the misnomer "PHPTemplates"? Because ultimately for reviewing code similar to Extension:FlaggedRevs, it would be nice to limit PHPTemplates's scope to templates starting with <?php. However, it is much easier at this time to plug into the MediaWiki parser via the general tag hook.

Usage [edit]

<phpcode>$a=$b+$c;echo($a);</phpcode>

That's all at this moment (yes, it will output "0"). The PHP grammar is rather complex, and trimming it down takes time.

Download instructions [edit]

Please copy and paste the code found at GitHub and place it under $IP/extensions/PHPTemplates/. Note: $IP stands for the root directory of your MediaWiki installation, the same directory that holds LocalSettings.php.

Installation [edit]

To install this extension, add the following to LocalSettings.php:

require_once("$IP/extensions/PHPTemplates/PHPTemplates.php");

Limiting your users' freedom [edit]

You can enhance PHPTemplates to somewhat cap the resources used. Duly note that enhancing in this context means amending the grammar and generating a new parser.

Validation [edit]

While parsing the source, you can count the number of statements and their levels of nesting and require that certain limits are not exceeded.

Runtime [edit]

Instead of just validating the source, you can amend it on the fly and transform for example:

while (true);

to:

while (wfAbortIfResourcesLimitExceeded () && (true));

There will probably be some bombs that cannot be guarded against this way, but it should cover most common mistakes.

Extension:PHPTemplates

Contents

What can this extension do? [edit]

Usage [edit]

Download instructions [edit]

Installation [edit]

Limiting your users' freedom [edit]

Validation [edit]

Runtime [edit]

See also [edit]

Navigation menu

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Support

MediaWiki.org

Development

Print/export

Toolbox