One feature designers often wished they had with style sheets are constants –- the chance to define something once and reuse it over and over in the style sheet document. This article shows some techniques for how to achieve that and discusses their pros and cons.
CSS Constants - Parsing CSS with PHP (Page 7 of 7 )
Parsing a CSS file before it gets sent to the server allows us to come up with a notation for the constants. As an example we will use $constant = 'value'; as the definition and $constant as the implementation.
Our CSS looks something like this:
/* Demo CSS */
$colour1 = '#999';
$colour2 = '#363';
$colour4 = '#696';
$colour3 = '#cfc';
font-family:"MS Trebuchet", Arial, Sans-Serif;
We apply it to the HTML document via the LINK or the style tag, like any other CSS; the only difference is that we send it to a PHP script for parsing:
The script to parse the CSS and write out the values of the defined constants is rather simple:
header("Expires: ".gmdate("D, d M Y H:i:s", (time()+900)) . " GMT");
// grab the c parameter and ensure that it contains .css is no slashes
// this is a safety measure to prevent XSS
if(preg_match('/\//',$c) or !preg_match('/.css/',$c))
die('only local CSS files allowed!');
// load the content of the CSS file into the variable css, end if the
// file wasn’t found.
die('File not Found, sorry!');
// grab all constants and store them in the array constants
Disallowing the script to read other than local files and only CSS files are the basic safety measures we should enforce when using this technology. Allowing any script in any location to be parsed might enable visitors to spy on sections of the server they are not supposed to look into.
For basic operations, this is a slick approach to the problem. However, to allow for more complex definitions, we might have to amend the regular expressions –- for example, to allow for multi-line definitions or the usage of quotation marks within a definition.
DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.