[pmwiki-users] Include PHP Script in Page Markup

Clemens Gruber cgruber at uni-osnabrueck.de
Sat Aug 12 10:18:31 CDT 2006


Hallo Patrick,

many thanks for the (:includephp .. :) markup! It works realy fine and 
it is exactly that whar I was looking for -- actually a bit better, you 
can _not only_ include a php skript in one page, also normal PmWiki code.


Patrick R. Michaud wrote:

>scripts know to output their own <html>..<head>..<body> tag sequences,
>so if script.php does this then it won't render correctly within
>the context of another page (unless you use a frame or iframe of
>some sort).
>  
>

This is not a problem in my case, I have adjusted the original php scipt 
to output no <html>..<head>..<body> tags.


>There's also the issue that the output of the script needs to be
>inserted into the output at the point of the (:includephp:) line.
>For a variety of reasons, PmWiki processes *all* of its markup
>before doing any output, so if script.php generates any output
>directly (as most scripts do), then that will end up being sent
>to the browser well before PmWiki's output begins.  What has
>to happen is that the output from script.php has to be captured
>and then inserted into PmWiki's output stream at the appropriate
>place.
>  
>

Ok, I see.

>All that said, the easiest first step might be to try the
>IncludeUrl recipe and see what happens.
>  
>

It's for relativ static output ok. Because you have to set a defined 
height its sometimes problematic. And some people don't like objekt or 
iframes due to differen reasons.

>If you really want to include a php script directly, then perhaps
>something like:
>
>    function IncludePHP($pagename, $script) {
>      ob_start();
>      include($script);
>      $html = ob_get_contents();
>      ob_end_clean();
>      return $html;
>    }
>
>    Markup('includephp', 'directives',
>      '/\\(:includephp (.*?):\\)/e',
>      "Keep(IncludePHP(\$pagename, '$1'))");
>
>All of Balu's security concerns are correct -- as written here it 
>would be easy for a malicious author to do some nasty mischief.
>This is just to give some idea of how to create the markup in the
>first place.
>

One advisement to the security problem. You can enable this Markup only 
for one group or one page.

Best regards
Clemesn





More information about the pmwiki-users mailing list