{\r
self::error(_ERROR_BADTEMPLATENAME);\r
}\r
- if ( Template::exists($name) )\r
+ else if ( !preg_match('#^admin/#', $name) )\r
+ {\r
+ self::error(_ERROR_BADADMINTEMPLATENAME);\r
+ }\r
+ else if ( Template::exists($name) )\r
{\r
self::error(_ERROR_DUPTEMPLATENAME);\r
}\r
$desc = Template::getDesc($templateid);\r
\r
// 2. create desc thing\r
- $name = "cloned" . $name;\r
+ $name = $name . "cloned";\r
\r
// if a template with that name already exists:\r
if ( Template::exists($name) )\r
$name .= $i;\r
}\r
\r
- $newid = Template::admincreateNew($name, $desc);\r
+ $newid = Template::createNew($name, $desc);\r
\r
// 3. create clone\r
// go through parts of old template and add them to the new one\r
- $query = "SELECT tpartname, tcontent FROM %sWHERE tdesc=%d;";\r
+ $query = "SELECT tpartname, tcontent FROM %s WHERE tdesc=%d;";\r
$query = sprintf($query, sql_table('template'), (integer) $templateid);\r
\r
$res = sql_query($query);\r
// 1. read skin to clone\r
$skin = new Skin($skinid);\r
\r
- $name = "clone_{$skin->getName()}";\r
+ $name = "{$skin->getName()}_clone";\r
\r
// if a skin with that name already exists:\r
if ( Skin::exists($name) )\r
{\r
$i = 1;\r
- while (Skin::exists($name . $i))\r
+ while ( Skin::exists($name . $i) )\r
+ {\r
$i++;\r
+ }\r
$name .= $i;\r
}\r
\r
\r
if ( $content )\r
{\r
+ $content = sql_real_escape_string($content);\r
+ $type = sql_real_escape_string($type);\r
+ \r
$query = "INSERT INTO %s (sdesc, scontent, stype) VALUES (%d, '%s', '%s')";\r
$query = sprintf($query, sql_table('skin'), (integer) $newid, $content, $type);\r
sql_query($query);\r
{\r
self::error(_ERROR_BADSKINNAME);\r
}\r
- if ( Skin::exists($name) )\r
+ else if ( !preg_match('#^admin/#', $name) )\r
+ {\r
+ self::error(_ERROR_BADADMINSKINNAME);\r
+ }\r
+ else if ( Skin::exists($name) )\r
{\r
self::error(_ERROR_DUPSKINNAME);\r
}\r
\r
// 1. read skin to clone\r
$skin = new Skin($skinid, 'Admin', 'AdminSkin');\r
- $name = "clone_{$skin->getName()}";\r
+ $name = "{$skin->getName()}_clone";\r
\r
// if a skin with that name already exists:\r
if ( Skin::exists($name) )\r
$skin->getIncludePrefix()\r
);\r
\r
+ // 3. clone\r
$query = "SELECT stype FROM %s WHERE sdesc=%d;";\r
$query = sprintf($query, sql_table('skin'), (integer) $skinid);\r
\r
$res = sql_query($query);\r
while ( $row = sql_fetch_assoc($res) )\r
{\r
- self::$skinclonetype($skin, $newid, $row['stype']);\r
+ self::skinclonetype($skin, $newid, $row['stype']);\r
}\r
self::action_adminskinoverview();\r
return;\r