Tell me more ×
Drupal Answers is a question and answer site for Drupal developers and administrators. It's 100% free, no registration required.
up vote 0 down vote favorite

At each time I write PHP code in blocks and views, I always think about this question : "What are the downsides of using 'custom' PHP code in blocks, nodes, views-args, etc?".

Is it a great idea to make users able to send php files instead of writting it. It would be a first step to manage the code after with name conventions to find the code easily and to be also able to read easily the code?

Or it's just a stupid idea that will generate a security mess ??

share|improve this question
3  
What feature would this support? This seems so wrong to me that I almost get upset! Cant say if I find eval or uploaded code worse than the other, but both are really really wrong. Dont do it. At all. Ever. – Letharion Feb 22 at 8:29
Just to clarify that this doesn't have anything with jramby or this question in particular to do. I get a bit upset every time I see this type of question, and habitually down-vote any answers that suggest using the PHP-filter. – Letharion Feb 22 at 8:46
I understand, but is there any solution that doesn't suggest using PHP-filter ?... Because in any case this is a real need in most of drupal install... tell me if I'm wrong... and don't be upset too much ;) – jramby Feb 22 at 8:50
5  
Well, jramby, that's why I asked what feature this functionality would support. Why do you need this? I even run my servers with eval() disabled in PHP. I can think of no reason to use it, but there could be reasons I'm not thinking off. My suggestions is that you rather ask "How do I implement feature X without php-filter". – Letharion Feb 22 at 9:35
1  
Part of me is actually surprised/irritated that php.module is still in D8 core. I could swear there was talk of removing it. – Chapabu Feb 22 at 9:53
show 4 more comments

1 Answer

up vote 1 down vote accepted

I think the solution is to put PHP codes in hooks... And anyone could say that it's insane to create a module just for one or two lines of codes... But most of time, drupal users has to do somthing like this several times in drupal. So why not combine all these hooks in one module that we might call whatever we want. So then just well-comment the code for good reading.

The little snag is : is there hook for each actions where we can add php code ?

share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.