$params['node_creator'] = UBIK_ID;
$params['node_parent'] = 2029360;
$params['node_name'] = "addTemplate execute: node $add_template_id";
- $params['node_content'] = mysql_real_escape_string("addTemplate execute: node <a href='$add_template_id'>$add_template_id</a> by user ".$_SESSION['user_name']);
+ $params['node_content'] = db_escape_string("addTemplate execute: node <a href='$add_template_id'>$add_template_id</a> by user ".$_SESSION['user_name']);
nodes::addNode($params);
$set=$db->query("select node_content from nodes where node_id='$add_template_id'");
$fp = fopen (OWN_TEMPLATE_DIR.$add_template_id.".tpl", "w+");
fwrite($fp,$node_content);
fclose($fp);
- chown(OWN_TEMPLATE_DIR.$add_template_id.".tpl","wwwedit");
+ chown(OWN_TEMPLATE_DIR.$add_template_id.".tpl","wwwedit"); // XXX WTF
$q="update nodes set external_link = 'template://$add_template_id' where node_id='".$add_template_id."'";
$db->query($q);