How do I ensure user input is CSS and not malicious code?

Question

On my website I want to include a text box that will allow the members to change anything they want css wise on their profiles....but I don\'t want to wake up one morning to

Answer 1

O hai MySpace…

Just give users the ability to specify colours and images from a web form, and construct a user-specific style sheet from that. Allowing users to specify their own CSS in its entirety will just lead to ugly, ugly pages. See: MySpace 1.0.