id Posted October 22, 2012 Share Posted October 22, 2012 Ok, this is my question: What is the best way to change the theme of a site (coding wise)? Example, if the users wants to a certain theme, then an option would come up to pick their theme. However, another user wont get the theme change (just like IPB). How would i code that option? 1. Would i have to code the css in php... So instead of style.css it will be style.php 2. On the settings file, it will have an option for the user to pick a theme using a dropdown menu . So if the user selects the all red background, then $default_css = $_POST["theme_selection"]; 3. <link rel=StyleSheet href="<?php $default_css; ?> " type="text/css" /> or is their a simplier way and or a smarter way of achieving this? Quote Link to comment Share on other sites More sharing options...
rmember Posted October 22, 2012 Share Posted October 22, 2012 oh this is easy OK so I am assume you have different files or CSS themes or what not already design so before the theme is set <?php if(!isset($_COOKIE['theme'])) setcookie("theme", $default_css); if(isset($_POST["theme_selection"])){ $default_css = $_POST["theme_selection"];} else{$default_css = "defaultbalagahalsdjjaklsd";} ?> <link rel=StyleSheet href="<?php $default_css; ?> " type="text/css" /> then on every page <?php if(isset($_COOKIE["theme"])){ $default_css = $_COOKIE['theme']; else{$default_css = "defaultbalagahalsdjjaklsd";} ?> <link rel=StyleSheet href="<?php $default_css; ?> " type="text/css" /> Or something like that! Hope that helps! Quote Link to comment Share on other sites More sharing options...
Christian F. Posted October 22, 2012 Share Posted October 22, 2012 You'll want to add some validation to that code, to verify that you are indeed getting a valid filename for a CSS file. If not, show the default stylesheet. Remember that cookies are stored locally on the user's computer, and as such are wide open to be manipulated. Quote Link to comment Share on other sites More sharing options...
id Posted October 22, 2012 Author Share Posted October 22, 2012 So are you suggesting that i do not use cookies? Quote Link to comment Share on other sites More sharing options...
Christian F. Posted October 22, 2012 Share Posted October 22, 2012 No, just that you make sure to verify that what you get from them is what you expect. Cookies are perfectly fine for what you're using them to, but what happens if a user changes (or have it silently changed by someone else) to a filename that doesn't exist? Or worse, an XSS attack? That's why you need to validate the input, and check that the file exists. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.