CSS

CSS, the Cascading Style Sheets, is the language used to describe the visual presentation of HTML documents. It controls layout, colours, fonts, spacing, animations, and responsiveness across devices.

While CSS itself is a client-side technology, PHP frequently interacts with it:

• Generating dynamic CSS values for theming, user preferences, etc.

• Injecting CSS variables from server-side configuration

• Rendering HTML templates that include or link stylesheets

• Parsing or minifying CSS on the server

When PHP outputs CSS content directly, care must be taken to escape values correctly to prevent CSS injection. It is a form of XSS where an attacker injects malicious CSS rules.

In modern PHP applications, CSS is typically bundled by a frontend build tool and linked from PHP templates.

<?php

    // Generating a dynamic CSS custom property from a user setting
    $primaryColor = '#3498db'; // from database / user preference
    $primaryColor = preg_replace('/[^#a-fA-F0-9]/', '', $primaryColor); // sanitize

    header('Content-Type: text/css');

    echo ":root {
        --primary-color: {$primaryColor};
    }
    ";

?>

Documentation

See also CSS - MDN and CSS Injection.

Related : HyperText Markup Language (HTML), Cross Site Scripting (XSS), Front-end, World Wide Web (WWW), Javascript, Asset, Template