Includephp Plugin  

Overview

The includephp plugin allows you to embed and execute PHP files within CMSimple_XH content, while maintaining security. Only PHP files located inside a designated /php subdirectory are permitted.

How It Works

  1. Checks that CMSimple_XH is active (prevents direct access).
  2. Receives a filename parameter from the CMS content tag, e.g. {{{includephp('example.php')}}}.
  3. Cleans and validates the input path.
  4. Allows inclusion only from the plugin’s /php folder.
  5. Includes and executes the file, capturing its output via output buffering.

Security Features

  • Restricts file access to the /php directory.
  • Uses realpath() to prevent directory traversal (e.g., ../ attacks).
  • Verifies that the file exists and is inside the safe path.
  • Returns a harmless HTML comment if the file is invalid or missing.

Example Usage

{{{includephp('example.php')}}}

{{{includephp('slideshow.php')}}} — responsive image slideshow

{{{includephp('videoplayer.php')}}} — HTML5 video player

{{{includephp('youtube.php')}}} — YouTube embed helper

{{{includephp('audioplayer.php')}}} — audio player

{{{includephp('photoalbum.php')}}} — photo gallery

{{{includephp('openstreetmap.php')}}} — OpenStreetMap

{{{includephp('gdpr_map.php')}}} — OpenStreetMap compliant with the GDPR


Where example.php resides in:

plugins/includephp/php/example.php

Code Summary

  • Plugin Name    includephp
  • CMS    CMSimple_XH Function    Embeds and executes PHP files safely within content
  • Security    Restricts inclusion to a specific directory using realpath()
  • Output Handling    Captures and returns output via ob_start() / ob_get_clean()
  • Fallback    Returns an HTML comment if the file is disallowed or missing  

Optional Enhancements

  • Allow only files with .php extension.
  • Add error logging or exception handling.
  • Implement caching for frequently used includes.

Make Your Website Dynamic with IncludePHP

Bring your website to life with IncludePHP, a collection of easy-to-use PHP modules for media, maps, and interactive content. From audio and video players to photo galleries and OpenStreetMap integration — everything you need in one complete package.

  •  Add audio and video players with ease
  •  Create beautiful slideshows and photo albums
  •  Integrate interactive maps using OpenStreetMap
  •  Simple setup and full customization options
  •  Includes help files and ready-to-use examples

Make your website dynamic, professional, and engaging with IncludePHP — the smart toolkit for every web developer!

 

Version: 1.0
Author: Jan van der Mars
Purpose: Safely include PHP files inside CMSimple_XH content.

© 2025 — includephp Plugin for CMSimple_XH

Keyword list: CMSimple_XH, CMS plugin, IncludePHP plugin, Includephp plugin, PHP embedding, audio player, maps integration, slideshows, video player

Submenu