Is it safe to store php code in the database?

IMO it is safer than editing functions.php, because you get the data from database server.

And this is much easier way because you can easily make different versions and select the best one.

Plugin with direct PHP is IMO bad. In a Finnish conversation with plugins like PHP Execution are risky. The keymaster recommended not to use those.

Use Code Snippet and create shortcodes, which is the most safest way, IMO.

In theory, I don’t think there’s too much difference between using a custom table or post data table for storage – it’s all down to how the particular method is implemented, as the data is stored in the database either way. There are plugins like Custom CSS (which is now part of Jetpack) which uses a custom post type as the backend for storing data in the database.

In the case of PHP Execution, it seems to embed code directly in posts and pages. I’d say that, generally speaking, this probably isn’t the best way of doing things, as it essentially means that all content is treated as if it was a PHP file. This raises the likelihood of accidentally including PHP tags containing problematic code inside a post.

I think it’s very beneficial to have custom code stored in a centralised place – like inside a custom table or a specific post type – where it can be checked and monitored if necessary instead of having it littered through all of the site’s content.

@tapiohuuhaa Thank you for your kind reply.
@bungeshea Thank you for your patient explanation, and that really helps me know how this plugin works.