I suggest that by default, Joomla should not allow the user to change the template. This should be an option to turn on.
2 key reasons:
1) Many people choose to implement features in their template based on if ( $my->id ) etc
If a visitor simply accesses the site with e.g. index.php?jos_change_template=rhuk_solarflare_ii in the URL, they will bypass the security implemented in the template.
Mostly people use it for simple things like hiding / showing a welcome message etc. but some may have implemented more significant access control via the template.
2) A malicious user could leave links around the net to someone's Joomla site with e.g. jos_change_template=madeyourweb etc
They could do this deliberately to create Google links to a person's site with the layout completely messed up, giving the impression of a poor site / unusable site ( the intended site may use completely different module positions to those in the other templates )
I know that the Joomla admin can delete all other templates but I do not think that most Joomla admins would think to do this.
I have seen hordes of posts suggesting the use of if ( $my->id ) etc but never once seen anyone warning that you can override any such measure as simply as jos_change_template=rhuk_solarflare_ii in the URL
An apple a day keeps the doctor away...

TRAD Delete unused templates
Tuesday, 17 October 2006
Original: forum.joomla.org/.../msg430051.html#msg430051
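
A defender's check for the behaviour described in the post, as an added example that is not part of the original forum post or of Joomla's code: it scans web server access logs in combined log format for requests carrying jos_change_template and marks those that arrived via an off-site link. SITE_TEMPLATE, SITE_HOST and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

PARAM = "jos_change_template"        # URL parameter named in the post
SITE_TEMPLATE = "mysite_template"    # assumption: the template the site is meant to use
SITE_HOST = "www.example.org"        # assumption: the site's own host name

# Apache/nginx "combined" access log format.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"'
)

def find_template_switches(lines):
    """Return one dict per request asking for a template other than SITE_TEMPLATE."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        # parse_qs percent-decodes names and values, so jos%5Fchange%5Ftemplate is caught too
        query = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        for template in query.get(PARAM, []):
            if template == SITE_TEMPLATE:
                continue
            ref_host = urlsplit(m["referer"]).hostname
            hits.append({
                "ip": m["ip"],
                "template": template,
                # an off-site referrer means the link was followed from elsewhere (reason 2)
                "external_link": ref_host is not None and ref_host != SITE_HOST,
            })
    return hits

def summarize(hits):
    """Count requested templates and how many requests came via off-site links."""
    return Counter(h["template"] for h in hits), sum(h["external_link"] for h in hits)

# Constructed sample log lines (not real traffic).
SAMPLE = [
    '203.0.113.5 - - [17/Oct/2006:10:00:01 +0200] "GET /index.php?jos_change_template=rhuk_solarflare_ii HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [17/Oct/2006:10:02:13 +0200] "GET /index.php?option=com_content&jos%5Fchange%5Ftemplate=madeyourweb HTTP/1.1" 200 4800 "http://links.example.net/page.html" "Mozilla/5.0"',
    '192.0.2.10 - - [17/Oct/2006:10:03:40 +0200] "GET /index.php?option=com_frontpage HTTP/1.1" 200 7300 "http://www.example.org/" "Mozilla/5.0"',
]

if __name__ == "__main__":
    counts, external = summarize(find_template_switches(SAMPLE))
    print(counts, external)
```
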











