tags:

views:

49

answers:

3
+1  Q: 

Letting users custom skin

As an exercise, I'm trying to wrap my head around what goes into letting a user custom skin their profile (like myspace as an example). I'm using PHP. Since I'm clueless as to the whole thing, I'm not sure what to ask, but some of my concerns are how complex this is, is it going to require an overhaul of my code, can I separate this part into a separate module that can maybe be turned off as needed, are there templating engines that can help with this, and security. The assumption is that if a user wants to custom-skin their profile, they have design/coding skills to begin with. Any ideas with this are appreciated.

+1  A: 

Depends on the costumization you want to give them. If we are talking about say:

  1. user background image
  2. text colors
  3. link colors

That can all be achieved very easily with CSS without breaking your code.

Lets assume you stored all those values in a database. And you have your HTML like this:

<html>
    <head>
        <link rel="stylesheet" href="...">
        <style type="text/css">
        <?php
            // if is set get user css and post it here; example:
            // #userid { background-image: url(...) }
        ?>
        </style>
    </head>
    <body>
        <div id="userid" class="userpannel">
            ...
        </div>
    </body>
</html>

Your users defined styles could be easily set to override the default theme.

Hope it helps!

Frankie  2009-11-03 09:05:19
+1  A: 

It depends how much control over the appearance that you want to give to the user.

I developed a website for a theater who wanted the ability to change the look of the front end as and when, the way this was achieved was to set up several different css files, in the back end there was a page of previews for the different styles and the client just picked which ever one they wanted. The style they picked was stored in the database and when the front end was loaded the css file they had picked was loaded.

<link rel="stylesheet" type="text/css" href="<?php echo $styleSheet; ?>" />
RMcLeod  2009-11-03 09:06:02
+1  A: 

This is a very difficult thing to accomplish and still be secure. If someone can upload custom PHP code, then you are just giving your server away to the first hacker. You also have to worry about the user uploading custom JavaScript, because that would be a Stored Cross Site Scripting (XSS) Vulnerability.

You might want to check out this Open Source PHP project:

(DISCLAMER I have no idea how secure this software is. ) http://sourceforge.net/projects/myownspace/

Rook  2009-11-05 01:33:00

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases