<font face="tahoma,sans-serif">Hello All,</font><div><font face="tahoma,sans-serif"><br></font></div><div><font face="tahoma,sans-serif">First thanks for all answers/suggestions and questions/concerns.</font></div><div><span class="Apple-style-span" style="font-family: tahoma, sans-serif; ">Let me answer them all one-by-one. :-)</span></div>
<div><font face="tahoma,sans-serif"><br></font></div><div><font face="tahoma,sans-serif"><br></font></div><div><font face="tahoma,sans-serif"><b>@Philip Walton:</b></font></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
<font face="tahoma,sans-serif"><span class="Apple-style-span" style="border-collapse: collapse; font-family: arial, sans-serif; font-size: 13px; ">Out of curiosity, why are you wanting them to be able to execute PHP? I would think that someone savvy enough to hand code PHP into a textarea would be savvy enough to add it to the functions.php.</span></font></blockquote>
<div><br></div><div>I agree.</div><div>In fact that why on <a href="http://rtpanel.com">rtpanel.com</a> our extensive documentation will contain articles on how to create child themes with style.css & function.php.</div>
<div><br></div><div>We still need a way to do some frequent task like as outlined in following example:</div><div><ol><li>we have hook in theme to control what gets displayed beside logo in header</li><li>we assume people will display ads or some banners which will change from time to time so having a textarea in backend will save time for such frequent edits</li>
<li>I understand this can be done via plugin, but I am just trying to keep plugin dependency to lowest</li></ol></div><div>This may not be a good reason but I am more concerned with givin options which has its downside as well (like broken theme due to improper PHP code)</div>
<div><br></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
<span class="Apple-style-span" style="border-collapse: collapse; font-family: arial, sans-serif; font-size: 13px; ">Or perhaps, if you're worried about upgrades overwriting such modifications, you could make your own custom-functions.php file that isn't controlled by svn. (Actually, that still may get deleted in an upgrade, someone else would have to confirm.)</span></blockquote>
<div><font face="tahoma,sans-serif">"Upgrades" was one of biggest concern.</font></div><div><font face="tahoma,sans-serif">Regarding "custom-functions.php" - any good way to handle it in multisite environment? Apart from one parent, multiple child-themes.</font></div>
<div><font class="Apple-style-span" face="tahoma, sans-serif"><br></font></div><div><font class="Apple-style-span" face="tahoma, sans-serif">Idea was in multisite environment, using eval() "different" action handlers will be executed for one common theme on different site.</font></div>
<div><font class="Apple-style-span" face="tahoma, sans-serif">Not sure if this is acceptable use-case but this was functionality we wanted across our own blog-network and hence the efforts were taken in this direction.</font></div>
<div><font class="Apple-style-span" face="tahoma, sans-serif"><br></font></div><div><font class="Apple-style-span" face="tahoma, sans-serif">==</font></div><div><font face="tahoma,sans-serif"><br></font></div><div><font face="tahoma,sans-serif"><b>@Justin Tadlock</b></font></div>
<div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
<font face="tahoma,sans-serif"><span class="Apple-style-span" style="border-collapse: collapse; font-family: arial, sans-serif; font-size: 13px; ">Why not just make a plugin for this to extend the theme?</span></font></blockquote>
<div>We are already done with developing a plugin. But I felt my use case (above mentioned) is legitimate one.</div><div>So wanted to have a conversation here to get different opinions from community member here. </div><div>
I don't expect eval() to be allowed but wanted to see what are alternatives if some critical need arise. </div><div>Please note that I do not consider my use case a "critical" case. ;-)</div><div><br></div>
<div>
==</div><div><br></div><div><b>@Otto</b></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
<b><meta charset="utf-8"><span class="Apple-style-span" style="border-collapse: collapse; font-family: arial, sans-serif; font-size: 13px; font-weight: normal; ">add_action( $action_hook, create_function( '' , '?>'. $php_code ) );</span></b></blockquote>
<div>Seems WOW. I will definitely play with this. :-)</div><div><b><br></b></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
<span class="Apple-style-span" style="border-collapse: collapse; font-family: arial, sans-serif; font-size: 13px; ">There's entirely too much potential for users to put<br></span><span class="Apple-style-span" style="border-collapse: collapse; font-family: arial, sans-serif; font-size: 13px; ">in bad PHP code, break their site, then not understand why.</span></blockquote>
<div>Yep. Also as codes in test-area would go inside database, downloading fresh copy of theme would not have helped.</div><div>Keeping that in mind, we choose plugin way rather than giving users way to "reset" hooks.</div>
<div><br></div><div>==</div><div><br></div><div><b>@Edward Caissie</b></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
<meta charset="utf-8"><span class="Apple-style-span" style="border-collapse: collapse; font-family: arial, sans-serif; font-size: 13px; ">This definitely sounds like plugin territory; there is no reason the Theme author could not write into their documentation a recommended plugin to enhance the Theme's functionality (provided the plugin is not "required" for the Theme to work correctly).<br>
</span></blockquote><div>We are already created theme & plugin.</div><div>Soon plugin will go live on extend so that we will have its slug.</div><div>Next, we will give a one-click option to theme users if then want to install a plugin to edit hooks inside theme. This option will have link to alternative documentation page where recommendation and tutorial on how to create child themes will be given.</div>
<div><br></div><div><br></div><div>==</div><div><br></div><div>So far, I believe, exploring eval() like alternative is not good idea. </div><div>Though I will try create_function as suggested by Otto and see how it works. </div>
<div><br></div><div>Thanks all for your time... :-)</div><div> </div><div>-Rahul</div><font face="tahoma,sans-serif"><div style="border-collapse: collapse; font-family: arial, sans-serif; font-size: 13px; "></div></font><span style="font-family:tahoma, sans-serif">--<br>
Rahul Bansal | Founder & CEO | rtCamp Solutions Pvt. Ltd.<br>Skype: rahul286 | Twitter: @rahul286 | Web: <a href="http://rtcamp.com/" target="_blank">http://rtcamp.com/</a><br></span><br>
<br><br><div class="gmail_quote">On Thu, Apr 28, 2011 at 11:48 PM, Edward Caissie <span dir="ltr"><<a href="mailto:edward.caissie@gmail.com">edward.caissie@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
This definitely sounds like plugin territory; there is no reason the Theme author could not write into their documentation a recommended plugin to enhance the Theme's functionality (provided the plugin is not "required" for the Theme to work correctly).<br>
<br><br>Cais.<div><div></div><div class="h5"><br><br><div class="gmail_quote">On Thu, Apr 28, 2011 at 1:56 PM, Otto <span dir="ltr"><<a href="mailto:otto@ottodestruct.com" target="_blank">otto@ottodestruct.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I'd seriously recommend against allowing users to input PHP code into<br>
a theme's form field for execution... allowing them to paste in custom<br>
HTML should be more than enough.<br>
<br>
But... if I was going to do something like this, I'd use<br>
create_function instead of eval.<br>
<br>
add_action( $action_hook, create_function( '' , '?>'. $php_code ) );<br>
<br>
That said, I would be highly reluctant to do or allow this sort of<br>
thing in a theme. There's entirely too much potential for users to put<br>
in bad PHP code, break their site, then not understand why. The PHP<br>
Code Widget I created years ago when widgets were new is probably my<br>
most popular plugin, and I still get emails with people telling me<br>
it's broken when it's really just their own bad copy-pasted code.<br>
<br>
This sort of thing is better off put into a plugin, so that it can be<br>
disabled at will.<br>
<font color="#888888"><br>
-Otto<br>
</font><div><div></div><div><br>
<br>
<br>
On Thu, Apr 28, 2011 at 6:58 AM, Rahul Bansal <<a href="mailto:rahul.bansal@rtcamp.com" target="_blank">rahul.bansal@rtcamp.com</a>> wrote:<br>
> Hi All,<br>
> In next theme, we are preparing for open-source release, we want to provide<br>
> a "hooks-editor" interface.<br>
> Like many pro themes, we have added a lot of custom action & filter hooks in<br>
> our theme code base.<br>
> In admin area, we plan to provide list of hooks, each coupled with a<br>
> textarea, which can be used to post php-html codes in them (like<br>
> action-handlers)<br>
> Now, to "execute" action handlers in textarea, we need to use eval()<br>
> function in PHP which is prohibited here.<br>
> So what are my alternatives here?<br>
> Just a note - we do not want to provide custom.css and/or<br>
> custom-functions.php files (like thesis provides) as they are hard to<br>
> maintain in multisite environment.<br>
> Also child-theme support is not yet present on repo so creating child themes<br>
> with style.css & function.php (to declare action handlers) is not feasible<br>
> either at this stage.<br>
> Please suggest something.<br>
> Thanks,<br>
> -Rahul<br>
> --<br>
> Rahul Bansal | Founder & CEO | rtCamp Solutions Pvt. Ltd.<br>
> Skype: rahul286 | Twitter: @rahul286 | Web: <a href="http://rtcamp.com/" target="_blank">http://rtcamp.com/</a><br>
><br>
><br>
</div></div><div><div></div><div>> _______________________________________________<br>
> theme-reviewers mailing list<br>
> <a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a><br>
> <a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
><br>
><br>
_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
</div></div></blockquote></div><br>
</div></div><br>_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
<br></blockquote></div><br></div>