Articles in 2015

Drupal's PHP filter enables users to use raw PHP code in text fields. While this is an extremely powerful ability, it quickly leads to serious security issues. Users with the ability to insert PHP code into your site, can practically do anything they want with your site. Also the PHP code is stored in the database and lives outside of your normal workflow. My Insert PHP module tries to fix the limitations of the PHP filter and provides a safer way to include raw PHP in your Drupal site.