This post is designed to accompany Chapter 4 of my book, the WordPress-MU 2.7 Beginner’s Guide.
Would you like to allow users to edit their themes on your WordPress-MU blog? One of the most common requests from users on WordPress-MU sites is the ability to edit the themes that are offered. Giving users the ability to edit the PHP files that make up a WordPress-MU theme is a little risky, but it is possible to allow users to edit CSS files, which will give them some freedom to customize their site, and is much less risky from the site owner’s point of view.
If you want to allow your users to customize their WordPress-MU themes, the first thing you need is UserThemes Revisited. You can download the plugin here.
Before you install the plugin, I would recommend making a few changes. In it’s unedited state, the plugin allows your users to access both PHP and CSS files. Offering unrestricted access to PHP files means that you are risking the possibility of malicious code being ran on your server. Let’s block PHP files from being edited:
Open up /wp-admin/theme-editor.php – under the line that begins with $parent_file, insert the following code:
if((get_option(‘ut_use_user_theme’) != 1) || (get_option(‘ut_enabled’) != 1))
wp_die(‘Either you have not been granted permission from the site administrator to access the theme editor OR you do not have a usertheme as your active theme, theme editor will die while a system theme is active.’);
Look for this line:
$allowed_files = array_merge($themes[$theme][‘Stylesheet Files’], $themes[$theme][‘Template Files’]);
Comment it out, and insert this below:
array_merge($themes[$theme][‘Stylesheet Files’],$themes[$theme][‘Stylesheet Files’]);
Next, open the file /wp-admin/includes/mu.php and comment out this line:
unset( $submenu[‘themes.php’] );
Once they’ve made a copy of a theme, they can edit the CSS files using the theme editor.
For your convenience, you can download the edited versions of the core files here.