Re: include function in stylesheet
Von: Jonathan N. Little (lws4art@central.net) [Profil]Datum: 09.09.2008 17:24
Message-ID: <9d7b9$48c6907e$40cba7b7$31297@NAXS.COM>
Newsgroup: alt.html
Edwin van der Vaart wrote: > Nico Schuyt wrote: >> Edwin van der Vaart wrote: >>> Neredbojias wrote: >> >>>> But for this case the best way might be to do multiple links rel and >>>> use php to pick the ones you want for each page. >> >>> Hmmm. A php switch with stylesheet links. >>> Sound interesting. I done that a long time ago for a website. >> >> Right! Something like >> <?php >> if ($_GET['style']=="special"){ >> echo '<link href="/styles/special.css" rel="stylesheet" >> type="text/css">'; >> } >> ?> > Thanks for you reaction. > I had use the following for a example rollover menu page: > <?php > $s = $_GET['style']; > if (!($s)) { $s = 'style'; } > ?> > Call my paranoid, but I think prudent, but I would do a bit of validation on that parameter. Think about it, what if s$="bogus.css'><link rel='section' href='/etc/shadow' title='Steal your secrets'>" Same kind of oversight caused that MySpace style switcher script problem a couple of years ago. I still get evidence in my logs of bots looking for the injection vulnerability... -- Take care, Jonathan ------------------- LITTLE WORKS STUDIO http://www.LittleWorksStudio.com[ Auf dieses Posting antworten ]
Antworten
- Edwin van der Vaart (10.09.2008 20:48)