Well I was wondering, editing a template at the source… wouldn’t this take effect on all users who use this theme? (me noob)
Also I agree with Joni here, most users will want to edit things like colors and are too noob with php to do serious damage (I think). But hell, you cannot be too careful these days….
I have two solutions/ ideas:
1) Editing templates can only via WYSISWYG kinda way, like Frontpage and Dreamweaver have in their design mode. Easy color changing, selecting colors form a color table etc. Drag and drop sections in sidebars to change their level of appearance and so on.
So make it: PHP allowed etc etc, should take some security risks away.
Just my 2 cents