🤯 50% Off! 700+ courses, assessments, and books

How to Develop a PHP File Include Plugin for WordPress

    Craig Buckler

    WordPress can save developers weeks of effort. It’s difficult to justify writing your own CMS when it offers so many features. That said, there are times when you want to inject your own PHP code; perhaps a custom form or a report generated by another system.

    To insert your code on every WordPress page or post, you can simply add a PHP include() function to page.php or single.php accordingly, e.g.


    Assuming mycode.php resides in your theme folder (wp-content/themes/theme-name), it will be included and executed at that point.

    But what if you need to include a file on a specific post/page or within the middle of a content block? We need a WordPress plugin…

    Creating the Plugin

    Create a new file named php-include.php in your plugins folder (wp-content/plugins) and add a header so it can be identified by WordPress:

    Plugin Name: PHP File Includer
    Plugin URI: https://www.sitepoint.com/
    Description: Include PHP files using a shortcode
    Version: 1.0
    Author: Craig Buckler
    Author URI: http://optimalworks.net/
    License: Use this how you like!

    This is followed by our primary function, PHP_Include(). It expects an array of parameters although we’re just using one — file. If it’s not passed, file set to ‘default’:

    // include PHP file
    function PHP_Include($params = array()) {
    	    'file' => 'default'
    	), $params));
    	include(get_theme_root() . '/' . get_template() . "/$file.php");
    	return ob_get_clean();

    The function assumes you’re requesting a file which resides in the theme folder. The last three lines include the file and return its executed contents using PHP’s output buffering functions.

    warning: With great power…

    …comes great responsibility. This plugin may be small but it allows anyone to execute arbitrary code. That’s not be a problem if you’re the sole editor of your own blog, but you should be wary of other users.

    Optionally, you could modify the include statement’s location or only permit files with a specific name pattern, e.g. “/include/mycode-$file.php”. This should safeguard against users including any PHP file.

    Finally, we’ll register our function as a shortcode handler:

    // register shortcode
    add_shortcode('phpinclude', 'PHP_Include');

    Save the file and activate the plugin in your WordPress control panel.

    Including a PHP File

    The following shortcode can now be added to any page or post:

    [phpinclude file='mycode']

    Assuming mycode.php exists in your theme’s folder, it will be inserted at that point in the content.

    I hope you find it useful.