The Restrict PHP plugin provides a way to restrict certain users or groups of users (roles) from inserting and editing PHP code in page parts.

The check is run against the page part content before the page part data is saved. If one of the PHP opening tags listed below is detected in a page part and the editing user does not have permission to edit PHP code, the changes to that page part won't be saved.

When the Restrict PHP plugin is enabled, a new permission edit_parts_php and a new role Php Editor are added. Users with the administrator role can always edit and create PHP code.

The plugin checks for the presence of the following PHP opening tags:

  • <?php - standard PHP opening tag
  • <? - short opening tag
  • <% - ASP-style opening tag
  • <script language="php"> - alternative opening tag (variants of it are also checked)

By default the plugin also assigns the edit_parts_php permission to the developer role (if it exists).

A side effect of the Restrict PHP plugin is the ability to make page parts containing PHP code read-only for unauthorised users. Just put any PHP code into the part contents, and users without the edit_parts_php permission won't be able to alter that page part.

Unauthorised users can't delete page parts containing PHP code.
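
As an added example (not the plugin's own code), the tag check and the save decision described above could be written like this in PHP. The function names, the regular expressions and the reading of "variants" as differences in case, quoting and extra attributes are assumptions.

```php
<?php
// Added illustration, not the plugin's source. Names and regexes are assumptions.

// Return a label for every kind of PHP opening tag present in $content.
function find_php_opening_tags(string $content): array
{
    $patterns = [
        // <?php - standard opening tag
        'standard' => '/<\?php\b/i',
        // <? - short tag (also matches <?=); <?xml is left alone so XML
        // declarations stay editable, as in the 0.0.2 changelog entry
        'short'    => '/<\?(?!php\b|xml\b)/i',
        // <% - ASP-style tag
        'asp'      => '/<%/',
        // <script language="php"> in any case, quoting or attribute order
        'script'   => '/<script\b[^>]*\blanguage\s*=\s*(["\']?)php\b\1[^>]*>/i',
    ];
    $found = [];
    foreach ($patterns as $label => $regex) {
        if (preg_match($regex, $content) === 1) {
            $found[] = $label;
        }
    }
    return $found;
}

// Decide whether a page part edit may be saved. Checking the stored content
// as well as the submitted content gives the read-only side effect.
function may_save_part(string $stored, string $submitted, bool $hasEditPartsPhp): bool
{
    return $hasEditPartsPhp
        || (find_php_opening_tags($stored) === []
            && find_php_opening_tags($submitted) === []);
}

// Constructed sample inputs.
$samples = [
    '<p>Hello</p>',
    '<?xml version="1.0"?><feed/>',
    '<?php echo 1; ?>',
    '<?= $title ?>',
    '<% echo 1; %>',
    '<SCRIPT type="x" Language = \'php\'>echo 1;</SCRIPT>',
];
foreach ($samples as $s) {
    printf("%-55s %s\n", $s, implode(',', find_php_opening_tags($s)) ?: 'none');
}
var_dump(may_save_part('<?php echo 1; ?>', '<p>edited</p>', false));
```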

Please note that this plugin is not guaranteed to be 100% effective in preventing PHP code editing. If you manage to hack it, let me know.

0.0.6
  • Compatibility with part_revisions plugin - Restrict PHP is always run first
0.0.4
  • bugfixes
0.0.2
  • prevent unauthorised users from removing page parts containing PHP code
  • allow xml opening tags to be edited