Parsing a CSS file before it gets sent to the server allows us to come up with a notation for the constants. As an example we will use $constant = 'value'; as the definition and $constant as the implementation.

Our CSS looks something like this:

/* Demo CSS */

/* Constants 

$colour1 = '#999';

$colour2 = '#363';

$colour4 = '#696';

$colour3 = '#cfc';

*/

body{

        text-align:center;

        background:$colour2;

        font-family:"MS Trebuchet", Arial, Sans-Serif;

}

#boundary{

        font-size:90%;

        margin:1em auto;

        text-align:left;

        position:relative;

        width:40em;

        background:$colour2;

}

[…]

We apply it to the HTML document via the LINK or the style tag, like any other CSS; the only difference is that we send it to a PHP script for parsing:

<style type="text/css">

        @import 'cssconst.php?c=demo.css';

</style>

The script to parse the CSS and write out the values of the defined constants is rather simple:

<?PHP

header('content-type:text/css');

header("Expires: ".gmdate("D, d M Y H:i:s", 
(time()+900)) . " GMT");

// grab the c parameter and ensure that it contains 
.css is no slashes

// this is a safety measure to prevent XSS

$c=$_GET['c'];

if(preg_match('/\//',$c) or !preg_match('/.css/',$c))

{

        die('only local CSS files allowed!');

        exit;

}

// load the content of the CSS file into the variable css,
 end if the

// file wasn’t found.

$css=load($c);

if($css=='')

{

        die('File not Found, sorry!');

        exit;

}

// grab all constants and store them in the array constants

preg_match_all("/\\$(\w+).*=.*\'(.*)\'/",$css,$constants);

for($i=0;$i<sizeof($constants[1]);$i++)

{

// replace all occurrences of the contants with their values

        $css=preg_replace('/\\$'.$constants[1][$i].'/',
$constants[2][$i],$css);

}

// delete all constant definitions

$css=preg_replace("/\\#.*=.*?;\s+/s",'',$css);

// print out the style sheet

echo $css;

function load($filelocation)

{

        if (file_exists($filelocation))

        {

               $newfile = fopen($filelocation,"r");

               $file_content = fread($newfile, 
filesize($filelocation));

               fclose($newfile);

               return $file_content;

        }

}

?>

To see it in action, check the demonstration page with the unparsed
style sheet.

Disallowing the script to read other than local files and only CSS files are the basic safety measures we should enforce when using this technology. Allowing any script in any location to be parsed might enable visitors to spy on sections of the server they are not supposed to look into.

For basic operations, this is a slick approach to the problem. However, to allow for more complex definitions, we might have to amend the regular expressions –- for example, to allow for multi-line definitions or the usage of quotation marks within a definition.