PHP in Templates

Very Important: Enabling PHP in a template will enable anyone with editing rights for that template to become a de-facto Super Admin since they can execute any PHP they want in that template, including PHP that can reveal information about your system, PHP that can delete data from your database, etc. Exercise extreme caution before enabling this option if you permit others to edit your templates. For security reasons, PHP parsing is disabled in the Hosted trial version of ExpressionEngine.

ExpressionEngine allows you to place PHP code within your Templates so that it can be executed, allowing more dynamic capability with your content.

PHP preferences can be set for each Template individually, which means that you can decide which of your Templates, if any, will be able to parse PHP code inside it. You can access the settings for this under the Preferences link for any Template Group in the Templates section.

PHP settings for each Template are honored on a per-Template basis, which means that you can embed a Template that has PHP enabled into another Template which does not have PHP enabled.

Preferences

Allow PHP?

Setting this preference to "Yes" will allow you to have PHP code parsed within your Template.

PHP Parsing Stage

There are two options that determine when PHP gets parsed:

  1. Input: PHP parsed at the "input" stage will be parsed before ExpressionEngine Tags get parsed. This setting allows you to affect the Template before it is interpreted. Input parsing will allow you to do things such as:

    {exp:weblog:entries limit="<?php echo $limit; ?>"}

    or

    <?php
          if ($size == "big")
          {
                echo "{exp:weblog:entries limit='50'}";
          }
          else
          {
                echo "{exp:weblog:entries limit='2'}";
          }
    ?>
  2. Output: PHP parsed at the "output" stage will be the last thing done, which means it will be parsed after the ExpressionEngine tags are interpreted. This will allow you to use PHP to affect the "rendered Template".

Top of Page

User Contributed Notes

Posted by: Mirage on 17 May 2009 5:47pm
Mirage's avatar

Be advised that the template parser will temporarily replace XML declarations in the template source. So if you used a PHP enabled template and had a string literal looking like this

$xmlstr='<?xml version="1.0" encoding="utf-8"?>';

and relied on it working in your script, it will fail. You can cheat the regular expression responsible for that by doing this:

$xmlstr='<?'.'xml version="1.0" encoding="utf-8"?>';

Discussion here: http://expressionengine.com/forums/viewthread/114657/

Posted by: Ingmar Greil on 20 March 2009 2:47am
Ingmar Greil's avatar

Please do take note that some things are parsed even after PHP on “Output”; mainly “Advanced Conditionals”, embedded templates and, perhaps most importantly, Standard and User-Defined Global Variables (including path and stylesheet). The wiki has even more on the subject of Parse Order.

You must have an ExpressionEngine license and have attained a forum rank of "Lab Assistant" (100 posts) to contribute notes to the User Guide