The MU forums have moved to WordPress.org

OK. CSS Editor.. not Theme Editor. (46 posts)

  1. realsol
    Member
    Posted 15 years ago #

    I grabbed my old theme-editor.php file from Wordpress and did some editing. It now, instead of loading the current theme, only loads css files that are found in the current blog's upload directory. This way I can drop a .css file there and the user can edit till they are blue in the face. I just use a plugin I wote to add this css below their themes css in the head of each page, thus creating an alternate css for the theme.

    The editor will only allow css files that are in the upload directory and will not let the user change the extension.

    Does anyone know if this would be safe. I mean, can someone still execute a php from a css file?

    Thanks.

  2. dsader
    Member
    Posted 15 years ago #

    @import "mean_old_php.php";

  3. realsol
    Member
    Posted 15 years ago #

    Ah, funny you should spot me.

    I am actually playing around with your userthemes, thinking that if I hide the templates, I would be OK.

    I am trying to do what they do on Wordpress.com. I just want the user to be able to edit a custom ccss file from within the backend.

    I like user themes, but I have strange things that happen when I use it. I end up loosing the preview ability after shutting it off a blog. The only way I could get it back was to remove the plug-in out of the mu-plugins. I now serve it up on a blog by blog basis in the plugin directories.

    I like it. Only use if form my own custom themes and a few customers. had to add some code to not show them userthemes if they did not have switch_theme rights though.

    Any idea how I can do what they do on WordPress.com. I have the code in place, but not simple editor. How do they protect themselves from @import?

  4. realsol
    Member
    Posted 15 years ago #

    dsader,

    I'm this far along, I might as well finish it. I could strip out @imports if this is the only bad thing, which makes this method safer than ftping a file, or giving someone css ability in the file upload in the write post area.

    I am new to menu's and plugins. I really wanted to make my version run from the plugins directory, but too many errors that I don't know how to fix. If I run it from the wp-admin directory, it runs file, but only if access by:

    http://domain.com/wp-admin/ccss-editor.php.

    If I try to put it in the design menu I get an error. It tries to load it from:

    http://domain.com/wp-admin/edit.php?page=ccss-editor.php, which it turn I get a:

    Cannot load ccss-editor.php.

    I'm adding:

    add_action('admin_menu','ccss_admin_menu_pages');
    if (file_exists(ABSPATH.'wp-admin/ccss-editor.php') && (current_user_can('edit_themes')))
    add_management_page('Edit Stylesheet', 'Edit Stylesheet', 10, 'ccss-editor.php');

    Can you tell me what I am doing wrong?

    Thanks.

    Have to tell you on a side note. I really love userthemes. I just get weird things that happen and not sure why. But I love it.

  5. dsader
    Member
    Posted 15 years ago #

    See if adding http://boren.nu/downloads/preview_theme.phps restores the preview_theme as intended.

    Other than that I'm going to rain on your parade.

    In my install I use userthemes and theme-editor to make a copy of an entire theme to mimic another but only to add/edit page templates, or change the header menu, remove the comment form and tinker with post meta links, sidebars, etc., all to use WPMU as more of a CMS for the courses I teach and resources/texts/blogs I publish. No one else has access to theme-editor and I rarely edit the css at all, ironically. Blogs have access to userthemes, blogs of which I am the only Admin.

    A couple of years ago I had rigged the theme-editor to be css only and allowed many more users a taste of CSS editing,(I had no control of ftp access to blogs.dir while in classes back then either) but it caused me more work than I needed, and produced hideous(aka "clown pants") results generally. The more I invested in discovering nasty code to scrub, the more paranoid I became in allowing users access to CSS editing at all. So I've stopped letting users tinker and instead upload hundreds and hundreds of well tested themes instead.(Thanks to FARMS for the first 100).

    As you see I haven't kept up with the changes to WPMU to keep userthemes error free.

    Indeed the ("new") preview functions built into Wordpress(since 2.5?) render the previews as I've coded them useless. The plugin needs work, but it is not on my todo list until after a smooth change to WPMU 2.7 or later.

    To be and absolute pessimist, I'd rather invest my time transforming my favorite themes into themes with special functions pages like Mandingo, Tarski, K2, which allow an array of style/colour/layouts to users in a way that is 100% worry free to me as SiteAdmin.

  6. realsol
    Member
    Posted 15 years ago #

    I agree with you, I love customizable themes. rdgriffin.com is an example. Love tarski so much I converted it into a aeros lookalike so as not to change themes. Slthough, due to their wonderful hooks, I could move things around I wouldn't be able to do otherwise.

    And I just checked out Mandingo yesterday. I think I personally can do almost as much as taski, well at lease without touching php or css.

    I just thought it would be cool to give users a taste of css like wordpress.com. How to they get away with it?

    I do really enjoy user themes. I actually changed it like I said above, and also removed the (copy) if user didn't have admin rights, but lost the changes. Maybe I will check the preview link as stated above.

    Lets review.
    1. I wanted to give users access to http://ftp... bad idea.
    2. spend a day (takes me forever to find stuff for wordpress) rewritting a editor, bad idea.

    But, I appreciate what you said. And, I hate to say it, I know your right. OK. I have given up. Don't want to go through what you went through.

    If I follow the link above, do you think I should be able to move userthemes back to mu-plugins? I do have the editor, but I also get an error when I try to access it from the menu. I want to change the function to only allow my userid to copy the themes and only me and one other admin to edit. I see where to change that. That won't be a problem, but I can get it to display from the menu. Same error as when I try to access my now dead ccss.css that is also wp-admin. Is that just broke until later?

  7. dsader
    Member
    Posted 15 years ago #

    I have never tried userthemes in plugins, only mu-plugins.

    Post your ccss-editor.php you are trying to add to the menu at pastebin.com and I'll have a look.

  8. realsol
    Member
    Posted 15 years ago #

    Actually I get 'The requested theme does not exist.' when trying to edit in userthemes.

  9. realsol
    Member
    Posted 15 years ago #

    I don't want to waste your time with the ccss-editor. You have convinced me (once again) to toss it. Well, I will keep it around, just won't use it.

    I am not sure if the fix for preview had anything to do with what my problem was or not since I am running 2.6. It seemed that if I was using userthemes on a blog and deactivated it (going back to regular themes) that then the users lost their preview when viewing in the standard choose theme page. When I removed userthemes from the mu-plugins directory the problem would go away.

    Not knowing how to fix it, I moved it to the plugins directory and only activated it on blogs I knew would always use it. So, not sure if the preview above would help that.

  10. dsader
    Member
    Posted 15 years ago #

    Sorry, theme previews I try behave as expected on usertheme and non-usertheme blogs.

    WPMU 2.6.3
    Userthemes 2.6.1

    Removing the plugin while a usertheme is active will cause a blank front end and the default theme to load in the themes.php page.

    From what you've written I can't figure what would gum up the theme-preview.js in the core theme.php page.

  11. realsol
    Member
    Posted 15 years ago #

    Well, that's good news. Maybe it was a combination of a few factors. That's why I have a hard time reproducing to every now and then. Maybe, it was something to do with using an older usertheme originally and then the newer one. I don't know.

    Thanks for all the input. I realized how templates could be dangerous, but never css so not having an editor made no sense to me.

    Thanks for all of your help. I will let you know if I figure out a way to consistently duplicate it.

  12. realsol
    Member
    Posted 15 years ago #

    What luck have you had with Tarski. that was the main reason that I stopped using userthemes. I could never get the options screen to display properly.

  13. realsol
    Member
    Posted 15 years ago #

    My son uses user themes and ftp's his themes to the usertheme directory. Would this cause any problem?

  14. dsader
    Member
    Posted 15 years ago #

    I didn't know what I was missing, either.

    Here's what I tried:

    Tarski Version 2.3

    /tarski/library/helpers/admin_helper.php

    $tarski_options_link = '';

    /tarski/app/launcher.php

    add_action('admin_print_scripts', 'tarski_inject_scripts');
    	add_action('admin_print_styles', 'tarski_inject_styles');
  15. realsol
    Member
    Posted 15 years ago #

    Ignore what I was saying about the php error bringing up the editor. Just shut off the Wordpress AdminBar plugin and the regular menu's bring it up fine.

    Now of a good Admin Menu? probably should wait for 2.7 anyhow since they will all probably break.

    As far as Tarski, I do get the options and they look like they are all there. Maybe it is the options stylesheet that is missing. i think when I originally noticed it, it probably scared me since I was just starting to use userthemes. Feel more comfortable with it now and knowing you know of tarski, makes me confident.

    The 100 farms tarski is missing the tarski options (also missing a version number so maybe this is an older tarski). The current 2.3 tarski when loaded works fine other than (i think) the stylesheet.

  16. dsader
    Member
    Posted 15 years ago #

    "ftp's his themes to the usertheme directory. Would this cause any problem?"

    Shouldn't cause userthemes to do anything different. Stick a theme in the bogs.dir/###/themes. Some themes link to their fancy bits using hard coded, non-relative urls, you won't get every theme to work, but most will.

    Permissions on the uploaded files?

  17. realsol
    Member
    Posted 15 years ago #

    Well, I'll tell you dsader (hope I can call you that :) ), I think I am loving userthemes more. Here are a couple of changes I am going to make.

    1. I am going to add a variable shutting off the delete and copy methods unless I activate (which in most cases, i won't). Only two that I will give access to later. Might add a 'allowed users' in the admin setup where I can add usernames.

    2. Keep theme editor off (unless it matches the ones I want (later probably adding this to the admin setup).

    3. Adding it text under 'User Themes' to reflect that this area is for customers who have purchased custom these along with a little ad for me :)

    4. With your advise, have it added for all new blogs.

    I am using a plugin that I got here that set's default blog defaults, like changing formum and help admin links and removing meta links. Is it possible to setup the plugin to always show userthemes? With the above options I ad it should be safe.

  18. realsol
    Member
    Posted 15 years ago #

    As far as FTP stuff, it would be nice, later, if userthemes automatically created the themes directory when the plug-in was activated for a blog, and visa versa, if the themes directory is empty, delete it when deactivated.

  19. dsader
    Member
    Posted 15 years ago #

    I had to hack Tarski to add style to the admin options via the laucher.php, lines 73/74 in my case.

  20. dsader
    Member
    Posted 15 years ago #

    Themes dir is only created when Copying. And yes it is a peeve that the blogs.dir can swell to the crack 'o doom, hence the limit in the userthemes admin. Using a plugin to delete user files scares the crap out of me.

    A handful of theme files per user allowed is minor disk space for me.

  21. realsol
    Member
    Posted 15 years ago #

    I was talking about only deleting if the deactivated and no files exist. Just the directory is gone. Just a thought.

    When you say you hacked Tarski, are you talking about the one included in the 100 farm pack? From the looks of the file, it seem pretty old. I was thinking about editing the 2.3 version and adding the wsa add links into it.

  22. dsader
    Member
    Posted 15 years ago #

    2.3

  23. realsol
    Member
    Posted 15 years ago #

    OK. I'll give it a shot. I guess really its only looks. You sound like me. I'll spend hours if it doesn't look right because I know I can make it look right. My son thinks I am foolish.

    Did you see my message as far as activating on new blogs? it would save me a step, that is if I remove the stuff I mentioned above.

  24. realsol
    Member
    Posted 15 years ago #

    I have this option in the 'defaults' plugin I mentioned to change default sidebar widgets. Looks like I could hook into this to add the blog.


    function add_default_options() {
    add_option('ut_use_user_theme') ;
    }
    add_action("populate_options", "add_default_options");

  25. dsader
    Member
    Posted 15 years ago #

    Userthemes enables a blog Admin to access copying themes. If a Blog Admin promotes a subsriber to Admin a new user has access to edit themes, without SiteAdmin doing a thing. A crazy blog Admin could add all kinds of users to trash his blog, and with access to theme-editor . . .

    Userthemes has no user level control, only blog control.

    Auto-activating it as a new blog default:

    update_blog_option($blog, 'ut_enabled', 1);
  26. realsol
    Member
    Posted 15 years ago #

    yeah, Quoting from above:

    1. I am going to add a variable shutting off the delete and copy methods unless I activate (which in most cases, i won't). Only two that I will give access to later. Might add a 'allowed users' in the admin setup where I can add usernames.

    2. Keep theme editor off (unless it matches the ones I want (later probably adding this to the admin setup).

  27. dsader
    Member
    Posted 15 years ago #

    Once upon a time every user saw the usertheme interface as a theme picker, but only "enabled" could get to the theme editor. And then I changed it to the way it is now. But that was a couple years ago. I recall an interesting side-effect was that I could copy one theme into the blog folder, and only one theme was listed in the theme picker. But I assign special themes to blogs using the SiteAdmin->Blogs->Edit now.

  28. realsol
    Member
    Posted 15 years ago #

    I was just renaming the Theme Name and keeping my custom themes in the same theme folder. That was fine. But now with 120 themes, it is just getting too overwhelming. And, now I taught my son some theme design and he is going crazy installing themes. Thus, I started out using UserThemes. Kept him out of the Themes directory and only give him ftp access to install new themes to his own blog. He was accidentally changing themes he shouldn't be changing. UserThemes was a blessing.

    But now that blogsonus.com is about ready to be out of beta, I thought it was time to revisit userthemes.

    You have been a big help. Thank you so much. Glad I took a nap today since I want to finish this up tonight to move on.

    Thanks again. I'll drop you a note if I run into anything weird, unless you have a place for me to comment on if I find something.

  29. realsol
    Member
    Posted 15 years ago #

    Found one.

    If I click on the 'Edit' when I have a user theme I get a 'The requested theme does not exist.' The url it is trying is 'http://test.blogsonus.com/wp-admin/theme-editor.php?theme=AlmostSpring'.

    If I just click on Edit UserThemes, I get the theme editor just fine with the current theme loaded. It goes to: http://test.blogsonus.com/wp-admin/theme-editor.php?theme=AlmostSpring.

    Is this how it is suppose to be?

  30. realsol
    Member
    Posted 15 years ago #

    Seems like I am bugging you and you probably know all these things already but..

    If you have a System Theme activated, the 'preview' works fine when previewing either a 'user theme' or a 'system theme'. But if you have a 'user theme' activated, the preview does not work for the 'system themes' but continues to work for the 'user themes'. This is before and after i installed the previewer link you mentioned above.

About this Topic