ChatGPT can write code, but that doesn’t mean you should copy and paste it straight into your site. AI-generated code is often missing key details, contains subtle errors, or just flat-out doesn’t work.
If you’re using AI generated code in WordPress, you need to understand how to rollout that code safely to avoid unnecessary headaches and critical errors that can bring an entire site down.
Where and How to Add Code
Before you drop any AI-generated code into WordPress, work in a safe environment.
- If you’re a developer, use a local environment like Local or DevKinsta
- If you’re not a dev, make a copy of your site on a staging server
- If you can’t do either, install a fresh WordPress instance somewhere private for testing
There are two main places where you can add custom code:
- Custom plugin (best option)
- Theme’s
functions.phpfile (not great, but it works)
Option #1: Theme functions.php
You can add code to functions.php, but here’s why you probably shouldn’t:
Theme updates will wipe it out
If your theme gets updated, say goodbye to your custom code.
It’s easy to break your site
A single typo can cause a fatal PHP error, bringing everything down.
Developers or agencies might remove it
If someone works on your theme, they might not realize your code is there.
Option #2: Custom Plugin
A custom plugin is the better option. It’s clean, it’s isolated, and it sticks around even if you switch themes.
Primary reasons for a plugin over theme functions.php include:
- Theme updates won’t touch it
- Developers won’t accidentally delete it
- It has built-in error protection: if it crashes, WordPress can disable it instead of breaking your whole site.
- Everything stays in one place: easier to manage, easier to organize.
How to Create a Custom WordPress Plugin
Here’s a bare bones example of a custom WordPress plugin to get your started:
<?php
/**
* Plugin Name: Custom AI Code
* Plugin URI: https://kevinleary.net
* Description: Custom plugin for safely running AI-generated code authored by tools like ChatGPT.
* Version: 1.0
* Author: Kevin Leary
* Author URI: https://kevinleary.net
*/
// Example function.
function custom_ai_example_function() {
return 'Hello, AI!';
}
Using the Plugin
To use this as a plugin on your site you’ll need to:
- Create a directory with a single PHP file in it:
custom-ai-code/custom-ai-code.php - Copy the PHP code above into the .php file
- Upload it to your WordPress sites
wp-content/plugins/using SFTP, or create a .zip archive of the folder and upload it through the WP admin UI under Plugins > Add New and then use the “Choose File” upload input at the top of the screen above the list of plugins - Activate the plugin after uploading it
Generating Reliable AI Code
If you want ChatGPT and other AI LLM tools to generate high quality WordPress code that works you need to ask for it the right way.
Be Clear in Your Prompt
AI needs context. Instead of saying something like “Generate PHP code for me.” be specific and say something like:
“Create a WordPress function that adds a custom shortcode for displaying the current date.”
This provides ChatGPT with a narrower focus, allowing it to put more attention into solving the problem than it would otherwise if it was working with just PHP.
Always Use WordPress Core Functions
WordPress has thousands of built-in functions, which is why it’s such a popular framework for building and managing websites. These functions are primarily built with PHP, and there are ways to do things with just PHP but it’s always simpler and more standard to use a built-in WordPress function when and where it makes sense.
To make sure your AI tool knows this I’d recommend that you tell the prompt to:
- Use hooks (
add_actionoradd_filter) whenever you’re modifying WordPress behavior, or need code to run at a certain point during the load process. Maybe after all plugins are loaded as an example. - Always use core functions first before writing and custom ones, for example
wp_enqueue_script,wp_remote_get, etc.
A good example of a brief but well written prompt could look something like this:
“Create a WordPress function that adds an admin notice using the
admin_noticesaction hook.”
Double Check for Errors
AI-generated code isn’t always right so don’t just assume it’s correct. Look for syntax errors and ask the prompt to double check for errors for you:
“Double check that this code is 100% production ready and can be used safely on my live WordPress website”
It’s also good to make sure security functions are used to sanitize and escape any sensitive or potentially malicious user input with functions like esc_html(), esc_attr(), sanitize_text_field(), and wp_nonce_field()
– Test in a safe environment, never on a live website (otherwise known as cowboy coding)
Always Have Good Documentation
Document everything to make it very clear what’s going on in the future. This is especially important when working with AI generated code, particularly for those that are new to coding in general.
Have the prompt add descriptive DocBlock comments to all functions and classes, and useful inline comments within the functions. Sometimes it’s a good idea to provide the description of the docblock directly to provide context about what you were looking to solve or do with the generated code.
Well formatted DocBlocks will quickly tell you:
- What the function does
- Why it was added and where it’s used
- Any relevant contextual information a developer or other team member would need to know
Here’s a good example of a docblock commented function:
/
* Display the current date with a shortcode.
*
* This function adds a `[current_date]` shortcode that outputs
* the current date in `F j, Y` format.
*
* Added: 2025-02-20
* Affects: Shortcodes
* Usage: [current_date]
*/
function custom_ai_current_date_shortcode() {
return date( 'F j, Y' );
}
add_shortcode( 'current_date', 'custom_ai_current_date_shortcode' );
Keep Your Plugin Organized
If your plugin file starts getting long, which it probably will, it’s definitely a good idea to split it up. To do this you can organize your code into separate files in a subfolder like inc/:
shortcodes.phpuser-register.phpseo.phpgutenburg.php
In your plugin’s main file you can reference all of these subfiles by “including” them with PHP like this:
require_once 'inc/shortcodes.php';
Good file organization will save you a lot of time and prevent future mistakes. If you’re not a coder, organization and documentation will be incredibly important to keep in mind when working with AI generated code.
Be Specific When Debugging
If something isn’t working, give ChatGPT full context when asking for help by providing details and even feeding it the actual files where the issue is happening (if you can):
- Include the exact error message
- Tell it where the code is running if you can (theme, plugin, functions.php, etc.) and also where in the site it’s happening if there is a live URL available
- When possible attach a
.zipof the theme or plugin files related to the error, this will provide the AI prompt with the precise information and context about the error, which helps a lot
In general the more details you give, the better the response you’ll get, provided it’s all useful and contextually relevant.
Final Thoughts
ChatGPT can be a great coding assistant, and it’s already revolutionizing the way people work with WordPress and other development related tasks. But it won’t replace experience, and it’s very important to always test in a safe environment before using AI-generated code on a live site.
Use a custom plugin instead of functions.php, be clear when asking for code, and stay organized. These steps will save you from unnecessary headaches and keep your site running smoothly.
As generated code becomes more commonplace I think people will quickly realize how disorganized it can get when provided ad hoc as needed. Keeping an organized structure for the generated code you work with will help tremendously down the road. I’m a very experienced WordPress developer, and I find it to be significantly helpful myself.