← All pluginsTest a location.
Inspect a URL.
Everything snippets,
Click around.
What you get
Clean public API.
Free for HTML, JS, CSS.
Stop paying for snippet injection.
Live · v2.0.0 · Free + Pro
OCodeInsert
Inject custom HTML, JavaScript, CSS, and PHP snippets anywhere on your site: head, before content, after content, footer, and 7 other locations. A lean alternative to WPCode. Snippets are scoped by page, prioritised, revisioned, linted by OIntel, and protected by Safe Mode with auto-recovery.
0Injection locations
4Snippet types
0Custom tables
0Revisions per snippet
// Feature preview
Test a location.
See what fires.
This is a UI simulation of OCodeInsert's built-in URL inspector, showing you exactly what snippets would fire for any page on your site. When installed, it reads your live snippets table and evaluates the conditions in real time.
Inspect a URL.
Read the matches.
Simulated demo. Runs automatically as you scroll. The real plugin reads live data from your snippet tables.
Demo simulation
Matches found·awaiting URL
Snippet count·awaiting URL
Conditions passed·awaiting URL
Total bytes injected·awaiting URL
// What it does
Everything snippets,
nothing extra.
One plugin. No external services. No tracking pixels phoning home. Your snippets, your server, your rules.
// 28 features · 3 custom tables · PHP execution gated by Pro
✓HTML snippet type
✓JavaScript snippet type (auto wrap)
✓CSS snippet type (auto wrap)
✓PHP snippet type (unfiltered_html + Pro)
✓Site head injection
✓Footer injection
✓Before content injection
✓After content injection
✓After paragraph N injection
✓Login page injection
✓404 page injection
✓Search results injection
✓Admin head injection
✓Before / after comments injection
✓7 OTheme-specific hook locations
✓Page type targeting
✓URL pattern targeting (wildcards)
✓User condition (logged-in / out)
✓User role targeting
✓Device targeting (mobile / desktop)
✓Schedule (start / end date)
✓Per-snippet priority ordering
✓4 statuses (published, draft, paused, archived)
✓Snippet revision history (25 per)
✓Safe Mode + auto-recovery on PHP fatal
✓Recovery URL token (24h, single-use)
✓OIntel linter (security + perf checks)
✓Snippet library with placeholders
✓Per-snippet execution log (10k cap)
✓[ocodeinsert id="..."] shortcode
// Explore the product
Click around.
It's all real.
Six interactive previews of the actual OCodeInsert admin. No screenshots; these are working mock-ups of what ships in the plugin.
12Total snippets
9Active
11Locations used
4Snippet types
Registered snippetslive sample
| Title | Type | Location | Status | Last fired |
|---|---|---|---|---|
| Google Analytics | JS | head | active | 2m ago |
| Cookie banner | HTML | footer | active | 2m ago |
| Author bio extension | HTML | after_content | active | 14m ago |
| Schema.org JSON-LD | HTML | head | active | 14m ago |
| Affiliate disclosure | HTML | after_paragraph | active | 1h ago |
| Login page styling | CSS | login_page | paused | 3d ago |
Schema.org JSON-LD · HTML · headediting
<script type="application/ld+json">
{
"@context": "https://schema.org",
"@type": "Article",
"headline": "<?php echo get_the_title(); ?>",
"datePublished": "<?php echo get_the_date('c'); ?>",
"author": {
"@type": "Person",
"name": "<?php the_author(); ?>"
}
}
</script>HTMLSyntax mode
headLocation
10Priority
singlePage type
Schema.org JSON-LD · revision history14 revisions
| Rev | Author | Saved | Status | Action |
|---|---|---|---|---|
| #14 | editor (id:14) | 2m ago | current | view |
| #13 | admin (id:1) | 2h ago | published | restore |
| #12 | editor (id:14) | 1d ago | published | restore |
| #11 | admin (id:1) | 3d ago | draft | restore |
| #10 | admin (id:1) | 1w ago | published | restore |
Plugin settingsglobal
enabled
true
Master kill switch for all snippets
safe_mode
false
Suspends snippet output globally
safe_mode_auto
false
Set true when shutdown handler trips
allowed_roles
administrator
Roles that can access OCodeInsert admin
recovery_expires
0
Unix ts of one-time recovery token
OTheme hooks
auto
7 extra locations if OTheme is active
3,418Fires (24h)
0Errors (24h)
0.42msMedian PHP time
10,000Log retention
Recent fireslive
| Snippet | URL | User | Fired |
|---|---|---|---|
| Google Analytics | /blog/post-1 | guest | 2s ago |
| Cookie banner | /about | guest | 4s ago |
| Schema JSON-LD | /blog/post-1 | guest | 4s ago |
| Author bio extension | /blog/welcome | id:14 | 12s ago |
| Affiliate disclosure | /reviews/headphones | guest | 22s ago |
Safe Mode statusoff
All snippets are firing normally. To disable execution site-wide, click Enable Safe Mode above. For emergency recovery from a locked admin, append
?oci_safe=1 to any URL while logged in as an admin.Safe Mode historylast 5 toggles
| When | Action | Triggered by | Reason |
|---|---|---|---|
| 3d ago | off | admin (id:1) | manual toggle |
| 3d ago | on | admin (id:1) | ?oci_safe=1 URL |
| 9d ago | off | admin (id:1) | manual toggle |
| 9d ago | on | editor (id:14) | PHP fatal caught |
| 21d ago | off | admin (id:1) | fresh install |
// Compare
What you get
vs. what they sell you.
Most snippet plugins for WordPress hit a paywall the moment you need conditions, revisions, or recovery. OCodeInsert ships every feature in the free version, no Pro tier, no add-ons.
| WPCode (Headers/Footers) | Code Snippets | Custom CSS & JS | OCodeInsert | |
|---|---|---|---|---|
| HTML / JS / CSS snippet types | HTML/JS only | ✓ | CSS/JS only | ✓ |
| PHP snippet type (capability + Pro gated) | paid add-on | ✓ | n/a | Pro |
| 11 injection locations | 3 (head/body/footer) | ✓ | 2 | Built in |
| After-paragraph N injection | no | paid add-on | no | Built in |
| URL pattern targeting (wildcards) | paid add-on | ✓ | no | Built in |
| User condition (logged-in / logged-out) | no | paid add-on | no | Built in |
| User role targeting | paid add-on | ✓ | no | Built in |
| Device targeting (mobile / desktop) | paid add-on | paid add-on | no | Built in |
| Schedule (start / end date) | paid add-on | paid add-on | no | Built in |
| Snippet revision history (25 per snippet) | no | ✓ | no | Built in |
| Safe Mode + auto-recovery on PHP fatal | partial | paid add-on | no | Built in |
| Recovery URL token (locked-out admins) | no | no | no | Built in |
| OIntel linter (security + perf checks) | no | no | no | Built in |
| Built-in snippet library with placeholders | paid add-on | no | no | Built in |
| Execution log (per snippet, 10k rows) | no | paid add-on | no | Built in |
| Per-snippet priority ordering | no | ✓ | no | Built in |
| CodeMirror syntax highlighting | ✓ | ✓ | ✓ | Built in |
| OTheme hook locations (7 extra) | no | no | no | Built in |
| Tracking pixels phoning home | yes | partial | no | Never |
| Pricing model | Free + $99 yr Pro | Free + $79 yr Pro | Free | Free + Pro for PHP |
// Built like real software
Clean public API.
Read the source.
Static OCI_Snippets and OCI_Settings APIs cover save, fetch, toggle, duplicate, status, revisions, and Safe Mode toggling. The OCI_Linter exposes security and performance checks. The snippets table is yours to query directly. Extend any subsystem without forking.
// Insert a snippet into the site <head> from PHP via the OCI_Snippets API. OCI_Snippets::save_snippet([ 'title' => 'Google Analytics', 'type' => 'js', 'location' => 'head', 'priority' => 10, 'status' => 'published', 'code' => "gtag('config', 'G-XXXXXXX');", ]); // Stored in {prefix}oci_snippets · auto-wrapped in <script> · gated by Safe Mode.
// Pricing
Free for HTML, JS, CSS.
Pro unlocks PHP.
HTML, JavaScript, and CSS snippets ship 100% free with every targeting rule, every injection location, revisions, OIntel linting, and Safe Mode. The PHP snippet type executes only with a Pro license on top of the WordPress unfiltered_html capability check.
// free
OCodeInsert Free.
HTML, JavaScript, CSS. All targeting and tooling.
$0
unlimited sites
- 3 snippet types (HTML, JS, CSS)
- 11 injection locations + 7 OTheme hooks
- Revisions, library, OIntel linter
- Safe Mode + auto-recovery + recovery URL
// pro
OCodeInsert Pro.
Adds PHP snippet execution. Same UI, same rules.
$0
pricing TBA
- Everything in Free
- PHP snippet type (capability + license gated)
- ob_start() output capture, error logging
- Auto-pause on PHP fatal via shutdown handler
// More from Orravo
Complete your stack.
You are already running one Orravo plugin. These are the commercial ones our customers reach for next.
MOMailer
Full-stack email infrastructure for WordPress: built-in SMTP, subscriber CRM, campaign builder, automation flows, A/B testing, WooCommerce integration, lead scoring, deliverability tools, REST API, webhooks, and more.
ExploreFOForms
Lightweight form builder and workflow automation engine.
ExploreAOAds
Native ad manager for WordPress.
Explore// Common questions
Asked & answered.
What ships free vs. what costs money? +
HTML, JavaScript, and CSS snippets are 100% free with every feature: 11 injection locations, all targeting rules (page type, URL pattern, user role, device, schedule), revision history, Safe Mode, the OIntel linter, and the snippet library. PHP snippet execution is the only Pro-gated capability, since arbitrary PHP needs a license check on top of the WordPress unfiltered_html guard.
How is this different from just dropping code in functions.php? +
Three things. First, snippets live in their own table with revision history capped at 25 per snippet, so a bad edit is one click away from rollback. Second, targeting: a snippet can scope to single posts, logged-out visitors, a specific role, mobile only, between two dates, or any URL pattern, without writing the conditional logic yourself. Third, Safe Mode: if a PHP snippet fatals, the shutdown handler auto-enables Safe Mode and pauses only the snippets that fired on the failing request.
Can I run JavaScript snippets in the head safely? +
Yes. JS snippets are wrapped in a script tag with a configurable priority. The snippets table indexes by location and priority, so head snippets fire in the order you set. Use this for analytics, tag managers, or third-party widgets.
What is Safe Mode and when do I need it? +
Safe Mode is a global kill switch for all snippet output. It can be toggled from settings, triggered automatically by the shutdown handler when a PHP fatal is detected, or bypassed per-request by appending ?oci_safe=1 to any URL while logged in as an admin (manage_options required). If a fatal locks you out of the admin entirely, OCodeInsert can mint a one-time recovery URL with a 24h-token via OCI_Settings::get_recovery_url().
Does the PHP snippet type actually run arbitrary PHP? +
Yes, with two guard rails. Editing or saving a PHP snippet requires the WordPress unfiltered_html capability (administrators only by default). At execution time, oci_is_pro() must also return true, so PHP needs a Pro license on top of the capability check. Code runs inside ob_start() with a wrapped error handler so syntax errors and exceptions are logged to the error log instead of blanking the page.
Where does the data live? Anything sent to your servers? +
Three custom tables on your WordPress install: oci_snippets (snippet records), oci_snippet_revisions (capped at 25 per snippet), oci_execution_log (capped at 10,000 rows, auto-pruned). Settings and the v1 migration backup live in wp_options. Nothing is sent to Orravo or any third party. No telemetry, no tracking pixels. The plugin works fully offline once installed.
How does it inspect snippets for security issues? +
OCodeInsert ships with the OIntel linter (OCI_Linter). Every snippet is scanned for obfuscation patterns like eval(base64_decode(...)) (critical), dangerous PHP functions like exec/shell_exec/passthru (high), absolute-path file writes (high), document.write() and render-blocking scripts (medium), and broad-targeting hints when a snippet runs on every page from head or footer (info).