WordPress MU

AndWat... tell me one software that ain't got vulnerabilities??? Please.. just one... and no cheating please.. machine gotta be hooked up on the internet now!!!

mickemus - he was joking :)

Yes, I was joking, but there is a serious point behind the joke, and behind mick's challenge.
I don't believe that there is such a thing as a system without vulnerability. I do believe that one of the tasks of system developers is to minimize vulnerabilities. I believe that the WPMU developers are taking this task very seriously.
I think that it's good to kick around ideas about how to make WPMU more customizable without opening doors that bad people can exploit. Donncha is aware of some of these potential doors. I'm glad that he is.
So it'll be a frustrating conversation. People make suggestions. Donncha points out problems. It's frustrating to feel that your suggestions are being shot down. It's frustrating to have to revisit things you've already considered in designing WPMU.
Thanks to all for keeping the frustrating conversation respectful.

Nice plugin, going to use the php4 version on my new MU setup. Only thing i had to change was part of the add_submenu_page line, at the top of the file, from:

basename(dirname(__FILE__)) . '/' . basename(__FILE__)

To just:

basename(__FILE__)

As otherwise it wouldn't pick up the css colors correctly. Thanks for releasing it. :)

the download link is broken. Can anyone give me the correct download URL.

i know of a program that is free from vulnerabilities :)
i wrote it about 4 years ago

hello world :)

where is the working url for this plugin using php 4 ?

Has anyone found a 'user customizable template' plug-in that actually works?

When I install the plugin and go to the page, all I get is a blank screen, any help with this?

the php4 download link is still broken, can someone upload it again and make it accessible, please?

I second Ovidiu's request.

Donncha, can you please re-upload it to somewhere safe? (preferably WPMUdev.org)

Try this guys: http://www.hadithuna.com/wp-content/mu-plugins/Jason_Customciser-doc.phps

thx. that seems to work, still one more question:

in the plugin code it says to cut out a certain portion if yo uare able to install the following pear module: HTML_CSS I did instal that module but I do not know which is the last line that has to be cut out,...

can someone help with this too?

I just noticed, that if my theme loads a style.css and later on a plugin loads another style.ccs this plugin only parses the second style.css, meaning I am actually unable to change any style belonging to my theme, just those styles belonging to my plugins... any fix for this?

I've a somewhat stupid question from a noob.

I'm trying to set up a blog with multiple contributors/authors - as I understand it, if I use the above plugin I can customise the theme however all authors would have access to the plugin. Wouldnt jst deactivating the plugin put a stop to this? (ie switch it on and off as needed as an admin)

If just the site admin needs access to the theme to change or fix it, you don't even need this plugin.

Also, I'm not sure if this plugin handles it, but if one blog has multiple authors, as long as their user level is belwo admin (on that blog) they shouldn't be able to edit the theme anyway.

Is there a way to make a visual panel not to impose CSS manually and choose colors from the table, like header color changing? I think it will be more useful.
May be "copy adn paste" code from custom-header.php?

Is this plugin working on the latest version of MU ? 1.3 ?

I only get errors.

It works fine on MU 1.3 and latest TRAC (as of January 18, 2008 anyways). You have to make sure you are using the correct version for your php install (4 or 5).

Trent

I've problem with some themes using jason_customicer
with some already customizable theme like InSense, when i go to the customicer link this happen :

[Mon Jan 21 23:18:50 2008] [debug] core.c(3046): [client 84.33.1.73] r->uri = /wp-content/themes/insense/style.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/style.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/style.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/style.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/style.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/style.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/style.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/style.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/style.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/style.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/style.css
[Mon Jan 21 23:18:50 2008] [error] [client 84.33.1.73] Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
[Mon Jan 21 23:18:50 2008] [debug] core.c(3046): [client 84.33.1.73] r->uri = /wp-content/themes/insense/wp-layout-normal.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/wp-layout-normal.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/wp-layout-normal.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/wp-layout-normal.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/wp-layout-normal.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/wp-layout-normal.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/wp-layout-normal.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/wp-layout-normal.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/wp-layout-normal.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/wp-layout-normal.css
[Mon Jan 21 23:18:50 2008] [debug] core.c(3052): [client 84.33.1.73] redirected from r->uri = /wp-content/themes/insense/wp-layout-normal.css

it also happen with other already customizable themes like Clores , Chamaleon and other, is there any way to disable Jason_Customciser table for some themes ?