plugins - Code Snippets security when selecting "only run on front end"

admin管理员组

文章数量:1125018

As I understand the functions.php only runs on the server and its source code is not provided to the browser on the client's side. Additionally, Code Snippets plug-in, assuming previous security vulnerabilities were patched, is supposed to add the code to functions.php.

What I am confused about is the option "only run on the front end/only run in administration area" when creating a snippet. The only way I can make sense of it is that when choosing such an option this is implemented by something similar to wrapping the code with a conditional statement with the is_admin() function. This means that the code still runs on the server but is run on the condition that the event that "triggered" (using this word loosely) the code to run should be initiated in an administration page/a normal page. Is my understanding correct?

The reason that I am asking is for security reasons, mainly if the code written in the snippets with "only run on front end" is accessible and potentially modifiable by the client.

本文标签： pluginsCode Snippets security when selecting quotonly run on front endquot