Ok this is just a lil experiment by me to see if it could be done. This code could be built upon (or easily added into the likes of a forum etc) to give users control over the colours/text/layout basically anythign thats controled through CSS
anyways on with the code
first I set up a sql table called cu_css which has -
id [int, auto inc]
name [varchar 255]
css [text]
file [1] - index.php
Code:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Custom CSS</title>
<link rel="stylesheet" href="css.php?id=<?php echo $_GET['id']; ?>" type="text/css" />
</head>
<body>
<h1>This is in H1 tags</h1>
<br />
<h2>This is in H2 tags</h2>
<br />
<p>This is in paragraph tags</p>
<br />
<blockquote>This is in block quotes</blockquote>
</body>
</html>
File [2] - css.php
Code:
<?php
header("Content-Type: text/css");
//get required files
require './inc/database.php';
require './inc/functions.php';
//get id from url
$id = $_GET['id'];
//check if id exsists
if(!$id)
{
$id = "default";
}
//make sure id only contains letters
$check = isLetters($id);
if(!$check)
{
$id = "default";
}
//set up query
$query = "select * from cu_css where name = '$id'";
//run query
$result = mysql_query($query)
or die( "Couldn't find CSS : ".mysql_error() );
//prepare to echo out css
$row = mysql_fetch_array($result);
echo $row['css'];
?>
File [3] - add_css.php
Code:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Add CSS</title>
</head>
<body>
<form name="form1" method="post" action="add_css_script.php">
<p>
Name :
<input name="name" type="text" id="name">
</p>
<p>Css : <br>
<textarea name="css" cols="50" rows="20" id="css"></textarea>
</p>
<p>
<input type="submit" name="Submit" value="Submit">
<input type="reset" name="Reset" value="Reset">
</p>
</form>
</body>
</html>
File [4] - add_css_script.php
Code:
<?php
//get required files
require './inc/database.php';
require './inc/functions.php';
//get sent variables
$name = $_POST['name'];
$css = $_POST['css'];
//check both exsist
if(!$css || !$name)
{
echo "Please go back and complete both fields";
}
else
{
$check = isLetters($name);
if(!$check)
{
echo "Error name must only contain lower or uppercase letters";
die();
}
else
{
//check if name exsists
$query = "select * from cu_css where name = '$name'";
/* query the database */
$result = mysql_query($query);
//name already exsists show error
if (mysql_fetch_row($result))
{
echo "That name is taken - try another";
}
else
{
//remove any scripting
$search = array ("'<script[^>]*?>.*?</script>'si", // Strip out javascript
"'<[\/\!]*?[^<>]*?>'si", // Strip out HTML tags
"'([\r\n])[\s]+'", // Strip out white space
"'&(quot|#34);'i", // Replace HTML entities
"'&(amp|#38);'i",
"'&(lt|#60);'i",
"'&(gt|#62);'i",
"'&(nbsp|#160);'i",
"'&(iexcl|#161);'i",
"'&(cent|#162);'i",
"'&(pound|#163);'i",
"'&(copy|#169);'i",
"'&#(\d+);'e"); // evaluate as php
$replace = array ("",
"",
"\\1",
"\"",
"&",
"<",
">",
" ",
chr(161),
chr(162),
chr(163),
chr(169),
"chr(\\1)");
//now lets apply it
$css = preg_replace($search, $replace, $css);
//right lets inset them into table
$query = "INSERT INTO `cu_css` ( `id` , `name` , `css` ) VALUES ( '', '$name', '$css' )";
$result = mysql_query($query)
or die( "Couldn't add CSS : ".mysql_error() );
echo "<SCRIPT LANGUAGE=\"JavaScript\">";
echo "window.location=\"index.php?id=$name\"";
echo "</script>";
}
}
}
?>
File [5] - ./inc/functions.php
Code:
<?php
//--------------------------------------------------------
// isLetters($element)
// $element is string to be checked
// returns FALSE if string contains anything other than letters
// checks lower/uppercase
//--------------------------------------------------------
function isLetters($element) {
return !preg_match ("/[^A-z]/", $element);
}
File [6] - ./inc/database.php
Code:
<?php
//setup database variables
$user = ""; // your database username
$pass = ""; // your database password
$db = ""; // your database name
//connect to mySQL server
$link = @mysql_connect( "localhost", $user, $pass );
//if server can't be found then kill script
if ( ! $link ) { die( "Couldn't connect to mySQL : ".mysql_error() ); }
//select databse
@mysql_select_db($db)
//if database not found die
or die ( "Couln't open $db: ".mysql_error() );
?>
its not very pretty but it works
Basic principle is sound - and as i mentioned above should be easily adapted
you can find a version of it in my dev folder
to add a new css just go to add_css.php
comments?
v_Ln