If the admin configuration option “allow_article_php_scripting” is on, < txp:php> @< /txp:php>@ is supported in article bodies. By default, PHP scripts are only run when the author of the article is a publisher or editor.

The user premissions required for PHP code in article bodies are defined in lib/admin_config.php, as 'article.php':

'article.php' => '1,2',

To allow different user levels to run PHP code in their articles, edit the levels (the comma-separated numbers) on that line. But be careful: this is a PHP file, so the syntax must be correct.


If you are using Textile, be sure to escape it:

notextile. <txp:php> // your PHP code </txp:php>

or you will end up with nasty errors like:

Parse error: parse error, unexpected ‘&’ in /path/to/your/site/textpattern/publish/taghandlers.php(2688) : eval()‘d code on line 2


By giving someone permission to run PHP code, you effectively give them permission to bypass all of Textpattern’s built-in security. Any user with permission to run PHP code can, intentionally or accidentally, modify or delete anything in your database, crash your site, and so on.