Wordpress - What is your best practice to execute one-time scripts?
I for myself use a combination of:
- one file dedicated to the one-time script
- using a transient to stop the script from accidentally running more than once
- using capability-management or user-control to ensure the script is just run by me.
Structure
I use a file (onetime.php
) in my include-folder inc
, which is included in the functions.php
, and deleted from there after the use.
include( 'inc/onetime.php' );
The file for the script itself
In my onetime.php
my function f711_my_onetime_function()
is placed. As it could be any function. I assume your script is tested and works correctly.
To achieve the control over the execution of the script, I use both
Capability control
To stop other users from accidentally executioning my script:
if ( current_user_can( 'manage_options' ) ) // check for administrator rights
or
if ( get_current_user_id() == 711 ) // check if it is me - I prefer restricting the execution to me, not to all admins.
a transient
to stop myself from accidentally executing the script more than once.
$transient = 'f711_my_onetime_check';
if ( !get_transient( $transient ) ) // check if the function was not executed.
The file for executing the script in my function f711_my_onetime_function()
would look like that:
$transient = 'f711_my_onetime_check';
if ( get_current_user_id() == 711 && !get_transient( $transient ) ) {
set_transient( $transient, 'locked', 600 ); // lock function for 10 Minutes
add_action( 'wp_footer', 'f711_my_onetime_function' ); // execute my function on the desired hook.
}
function f711_my_onetime_function() {
// all my glorious one-time-magic.
}
The reason I set the transient immediately after the check if it exists is that I want the function to be executed after the script has been locked from beeing used twice.
If I need any output from my function, I either print it out as a comment in the footer, or sometimes I even filter the content.
The lockouttime is set to 10 Minutes, but can be adjusted to your needs.
Cleanup
After the successful execution of my script I delete the include
from the functions.php
, and remove the onetime.php
from the server. As I used a timeout for the transient, I do not need to clean the database, but of course you could also delete the transient after you removed the file.
You can also do this:
run onetime.php
and rename it after execution.
if ( current_user_can( 'manage_options' ) ) {
if( ! file_exists( '/path/to/onetime.php' ) )
return;
add_action( 'wp_footer', 'ravs_my_onetime_function' ); // execute my function on the desired hook.
}
function ravs_my_onetime_function() {
// all my glorious one-time-magic.
include( '/path/to/onetime.php' );
// after all execution rename your file;
rename( '/path/to/onetime.php', '/path/to/onetime-backup.php');
}
I created a command line Phing script for this, it's nothing special other than loading an external script to run. The reason I used it via the CLI is because:
- I don't want it to load by mistake (need to type a command)
- It's secure since it can be run outside the web root, in other words it can effect WP but WP cannot reach the script in any way.
- It does not add any code to WP or the DB itself.
require('..path to ../wp-blog-header.php');
//bunch of WP globals
define('WP_USE_THEMES', false);
//custom code
So you can use Phing, or the PHP CLI and sleep at night. The WP-CLI is also a good alternative though I forget if you can use it outside the web root.
Since this is a popular post here is an example of the script: https://github.com/wycks/WordPhing (run.php)