Extension:Secured PHP

From MediaWiki.org

Jump to: navigation, search

       

Manual on MediaWiki Extensions
List of MediaWiki Extensions
Crystal Clear action run.png
Secured PHP

Release status: beta
Implementation  Tag
Description Gives allowed users the ability to add PHP code to pages.
Author(s)  ShaiaquaTalk
License No license specified
Download see below

check usage (experimental)

This extension allows users with the scripting right to add PHP code to pages, with the {{#php: }} function.

Contents

[edit] Usage

Example:

In Article:

{{#php: hi|1=hi &2=.$wgUser->getName()}}

PHP:hi:

global $wgUser; echo '{{{1}}}'{{{2|}}};

[edit] Download instructions

Please cut and paste the code found below and place it in $IP/extensions/Secured_PHP/Secured_PHP.php and $IP/extensions/Secured_PHP/Secured_PHP.i18n.php. Note: $IP stands for the root directory of your MediaWiki installation, the same directory that holds LocalSettings.php.

[edit] Installation

To install this extension, add the following to LocalSettings.php:

require_once("$IP/extensions/Secured_PHP/Secured_PHP.php");

A patch to this code that allows for defaults in parameter syntax is available on the Talk Page

[edit] Code

[edit] Secured_PHP.php:

<?php
# create namespace
define("NS_PHP",120);
define("NS_PHP_TALK",121);
$wgExtraNamespaces[NS_PHP] = "PHP";
$wgExtraNamespaces[NS_PHP_TALK] = "PHP_talk";
# protect namespace
$wgNamespaceProtection[NS_PHP] = Array("scripting");
$wgNamespacesWithSubpages[NS_PHP] = true;
$wgGroupPermissions['*']['scripting'] = false;
$wgGroupPermissions['scripting']['scripting'] = true;
$wgAvailableRights[] = 'scripting';
$wgExtensionMessagesFiles['Secured_PHP'] =  dirname(__FILE__) . '/' . 'Secured_PHP.i18n.php';
$wgExtensionFunctions[] = "wfSecuredPHPExtension";
$wgHooks['LanguageGetMagic'][]       = 'efPhp_Magic';
$wgExtensionCredits['parserhook'][] = array(
  'name' => 'Secured PHP',
  'author' => 'Shaiaqua',
  'url'            => 'http://www.mediawiki.org/wiki/Extension:Secured_PHP',
  'description' => 'Lets you run PHP code in an authorized and secure way',
);
function wfSecuredPHPExtension() {
    global $wgParser;
    $wgParser->setFunctionHook( "php", "renderSecuredPHP" );
    wfLoadExtensionMessages('Secured_PHP');
}
function efPhp_Magic( &$magicWords, $langCode ) {
    $magicWords['php'] = array( 0, 'php' );
    return true;
}
function renderSecuredPHP( &$parser, $param1 = '', $param2 = '' ) {
    $title    = Title::makeTitleSafe( NS_PHP, $param1 );
    if(!$title)return false;
    $revision = Revision::newFromTitle( $title );
    if(!$revision)return false;
    $wikitext = $revision->getText();
    if($param2){
        $params = explode('&',$param2);
        foreach($params as $param)
        {
            $param = explode('=',$param);
            $wikitext = str_replace('{{{'.$param[0].'|}}}',$param[1],$wikitext);
            $wikitext = str_replace('{{{'.$param[0].'}}}',$param[1],$wikitext);
        }
    }
    $wikitext = preg_replace('/{{{[^}]+\|}}}/','',$wikitext);
    ob_start();
    $callback = eval( $wikitext );
    $output = ob_get_contents();
    ob_end_clean();
    return array($output, 'noparse' => true, 'isHTML' => true);
}

[edit] Secured_PHP.i18n.php:

<?php
$messages = array();
$messages['en'] = array(
        'group-scripting'            => 'Scripters',
        'group-scripting-member'     => 'Scripter',
        'grouppage-scripting'        => '{{ns:project}}:Scripting',
        'right-scripting'            => 'Run PHP code',
);

[edit] See also

Retrieved from "http://www.mediawiki.org/wiki/Extension:Secured_PHP"