Wordpress - What is your best practice to execute one-time scripts?

I for myself use a combination of:

  • one file dedicated to the one-time script
  • using a transient to stop the script from accidentally running more than once
  • using capability-management or user-control to ensure the script is just run by me.

Structure

I use a file (onetime.php) in my include-folder inc, which is included in the functions.php, and deleted from there after the use.

include( 'inc/onetime.php' );

The file for the script itself

In my onetime.php my function f711_my_onetime_function() is placed. As it could be any function. I assume your script is tested and works correctly.

To achieve the control over the execution of the script, I use both

Capability control

To stop other users from accidentally executioning my script:

if ( current_user_can( 'manage_options' ) ) // check for administrator rights

or

if ( get_current_user_id() == 711 ) // check if it is me - I prefer restricting the execution to me, not to all admins.

a transient

to stop myself from accidentally executing the script more than once.

$transient = 'f711_my_onetime_check';
if ( !get_transient( $transient ) ) // check if the function was not executed.

The file for executing the script in my function f711_my_onetime_function() would look like that:

$transient = 'f711_my_onetime_check';
if ( get_current_user_id() == 711 && !get_transient( $transient ) ) {

    set_transient( $transient, 'locked', 600 ); // lock function for 10 Minutes
    add_action( 'wp_footer', 'f711_my_onetime_function' ); // execute my function on the desired hook.

}

function f711_my_onetime_function() {
    // all my glorious one-time-magic.
}

The reason I set the transient immediately after the check if it exists is that I want the function to be executed after the script has been locked from beeing used twice.

If I need any output from my function, I either print it out as a comment in the footer, or sometimes I even filter the content.

The lockouttime is set to 10 Minutes, but can be adjusted to your needs.

Cleanup

After the successful execution of my script I delete the include from the functions.php, and remove the onetime.php from the server. As I used a timeout for the transient, I do not need to clean the database, but of course you could also delete the transient after you removed the file.


You can also do this:

run onetime.php and rename it after execution.

if ( current_user_can( 'manage_options' ) ) {

    if( ! file_exists( '/path/to/onetime.php' ) )
      return;
    add_action( 'wp_footer', 'ravs_my_onetime_function' ); // execute my function on the desired hook.

}

function ravs_my_onetime_function() {

    // all my glorious one-time-magic.
    include( '/path/to/onetime.php' );

   // after all execution rename your file;
   rename( '/path/to/onetime.php', '/path/to/onetime-backup.php');
}

I created a command line Phing script for this, it's nothing special other than loading an external script to run. The reason I used it via the CLI is because:

  • I don't want it to load by mistake (need to type a command)
  • It's secure since it can be run outside the web root, in other words it can effect WP but WP cannot reach the script in any way.
  • It does not add any code to WP or the DB itself.

require('..path to ../wp-blog-header.php');
//bunch of WP globals
define('WP_USE_THEMES', false);
//custom code

So you can use Phing, or the PHP CLI and sleep at night. The WP-CLI is also a good alternative though I forget if you can use it outside the web root.

Since this is a popular post here is an example of the script: https://github.com/wycks/WordPhing (run.php)