1 afwas Feb 22, 2007 18:50
3 nate Feb 23, 2007 03:52
It's also a big security problem, isn't it?
4 smpdawg Feb 23, 2007 04:11
Yes, very much so because any random person could trick b2 into giving you the login information for the database, some user info including the MD5 of the password, etc.
I know there are times that it would be nice to use PHP in a post, but it is a bad thing on a site that untrusted people may be able to use. For instance, the same code that does security testing on the post also does it for the comment system, so if you let someone use PHP in a post, you are letting someone use it in a comment.
Is there something in particular that you are trying to do?
5 afwas Feb 23, 2007 05:46
smpdawg wrote:
Yes, very much so because any random person could trick b2 into giving you the login information for the database, some user info including the MD5 of the password, etc.
For the time being it's only me ;)
smpdawg wrote:
Is there something in particular that you are trying to do?
It's not that I need PHP, it's just that I am used to writing in XHTML and PHP using all the shortcuts. I have already configured a lot of smilies for often-used inline images. Things like that I would usually have in an include file and items as a variable.
Any PHP in a post will either be stripped out or hacked up by the parsers and security modules until it would not execute. Even if it were left intact, there should be nothing in b2evolution that would do an eval on your post, so it still wouldn't do anything.