Ok this is a big hack people... and I am sure you want to know what it does.. Ok this is very simple to use. It gives the user the ability to make his own custom style/color for the site, which the user can use, edit, let other users usem and delete. It is all very staright forward to use. This will not impact the sites original sytels or such. Now I have input that users can only edit their own styles, as people with think there are security holes, but I have patched then up, so if they they to mess with the system they will get a error message (Tested) This system I larger and
if you find any errors please report them to me at once.

Updated! 1.3

1) In the admin cp user styles / replacements now have their own section as not to confuse admin in the site styles / replacements.

2) In user options they now have the site styles, and then teh drop down for user styles

3) Security updated.


Add Style:
http://www.anime-imagine.com/previewimages/add.jpg

Modify Style:
http://www.anime-imagine.com/previewimages/modify.jpg

Edit Style:
http://www.anime-imagine.com/previewimages/edit.jpg

Remove Style:
http://www.anime-imagine.com/previewimages/remove.jpg

Customize Style:
http://www.anime-imagine.com/previewimages/styleedit.jpg

Security Preview:
http://www.anime-imagine.com/previewimages/security.jpg

Enjoy. :smoke:

Disclaimer: Nothing against you, seems like you've done a good job here.

But, I would definitely not let my users mess with styles other people can use. The reason is very simple. Anyone with a little knowledge in Javascript can easily steal cookie data from you with malicious code. So one can create his own style, put some JS code in the header template and bam - anyone using the style (even for once) will have his account stolen.

But it seems like a really great hack too...

I am debating on it right now....

Originally posted by FireFly
Disclaimer: Nothing against you, seems like you've done a good job here.

But, I would definitely not let my users mess with styles other people can use. The reason is very simple. Anyone with a little knowledge in Javascript can easily steal cookie data from you with malicious code. So one can create his own style, put some JS code in the header template and bam - anyone using the style (even for once) will have his account stolen.

True. But this is an addon, while there may be a way to steal cookie data with malicious code. This could be a very usefull hack. I have added some security to the script, but I am still not totally sure about the security like you have said. So firefly do you think there are any steps to take to get around this?

And thank you for the comment.

I would limit it to color changes... the hack I mean. Giving them just the ability to change like.. the text, background, post color, post color #2, and a few other colors.

Edit, just another questioN~what is to stop users to say, making the header look like http://www.thisisanastyilligalsite.com and, you don't notice it, a member chooses this style, notices, and notifies the authorities :x

Just seems like alot of unwanted work/attention....

Add a regex that will remove all Javascripts from the templates. It's not the best way to go on this, and while it might make some people angry I think it's worth it.

Oh and yes I agree with the above post.

I think users must NOT have possibilities to change templates.
Only colors and they cannnot share them with others. Nobody want to choose a set from 1000 styles... Just my opinion...

does user edit templates?
if user can edit header, he can add some javascript, as firefly said, and i don't want to have some problems with my users accounts!

How about make an option in the admin, with check boxes to which style fields you allow the users to be able to customize, e.g.
CHECKBOX-Ticked Background Colour
CHECKBOX-Unticked Text Colour etc etc.

And perhaps allow the admin to disable/enable the option for the user to share his/her custom style to others, otherwise the board may end up with 1000 style for people to choose from as someone as mentioned above.

I would defintly go with the color/text size, let them know what it is like to run a forum, most people haveno idea, and I have had requests for them to be able to do that so that would killer to do that.

hmmm...I understand all your guy's problems as well, but it looks like a great idea and I am going to mess with it, but I want to see if I can set it up so that just say people that I setup a custom forum for can customize...we will see.

Can we allow this only for certain user groups? Or is this for everyone?

James

P.S. If not how would I go about adding that.

well I won't use this

but I do want to say, that this is a nice hack for the people that need it, Neo

a better way it's the possibility to users to change a theme colours only for him

i mean i put all in black i will be the only one to have this clour

Greetings:

Wow, I definately agree that this could be a VERY powerful hack! I can see it now, users having their own little contests to see who can come up with the best template, with other users casting votes, etc. etc.

I do agree, however, that major limitations need to be placed on this. If you limited this to just colors, fonts, etc.... I would definately be more interested in implimenting it.

I think this is one that would be worth investing the time in to develop further (heh, easy for me to say, considering it's not my time).

just my 2cents.

Heh, after I posted this, I went to open up winamp to play some mp3s, and I realized, hell, I'm using a custom winamp skin that I downloaded! Same goes with windows media player, etc. There certainly are a lot of examples out there of how being able to create third-party skins can help the popularity of a product (and let's not ever forget folks, your website is a product)!

The only edit this has to anothing related the header is Head Insert:.. I am going to take that out. This does not give users access to edit templates. I am going to take firefly's suggestion aswell. So I will make it so that only color/text can be edited and such. I will have this by tomorrow. Thanks you all your input.

Updated :D

neo: may be we can use it with Vbpad to choice for your Vbpad custom style?
I requested 3 weeks ago new features for Vbpad, you can see them...

Umm... well it could be used for what I made it for, or what ever else peope see the need for it... and I forgot what the vbpad thing was

Where is the customstyle.php file that is needed (it is in the form part of the customstyle_add template)? In the instructions it says to make a file called customstylesfunc.php, but no customstyle.php is mentioned anywhere in the instructions !

Also, since installing this my boards have slowed to a crawl :(

Ammendment... this hack had nothing to do with my boards slowing... still can't find that customstyle.php file though ??

Also, since installing this my boards have slowed to a crawl
Probably entirely unrelated to this hack.

its admin/style.php

I dont know where you got custonmstyle.php though

In your addstyletemp and modifystyletemp there are references to a file called customstyle.php which isn't in the zip file and there are no references to it in the instructions....

<form action="customstyle.php" name="name" method="post">
<input type="hidden" name="action" value="insert">
<input type="hidden" name="userselect" value="1">

i mean member.php then