Index: trunk/admin/config/addtheme.php
===================================================================
diff -u -N -r624 -r766
--- trunk/admin/config/addtheme.php	(.../addtheme.php)	(revision 624)
+++ trunk/admin/config/addtheme.php	(.../addtheme.php)	(revision 766)
@@ -171,6 +171,7 @@
 }
 
   int_header($objCatToolBar,NULL,$title);
+  $c->Data=inp_htmlize($c->Data);
 ?>  
 <FORM enctype="multipart/form-data" ID="theme" NAME="theme" method="POST" ACTION="">
 <TABLE cellSpacing="0" cellPadding="2" width="100%" class="tableborder">
Index: trunk/kernel/include/custommetadata.php
===================================================================
diff -u -N -r701 -r766
--- trunk/kernel/include/custommetadata.php	(.../custommetadata.php)	(revision 701)
+++ trunk/kernel/include/custommetadata.php	(.../custommetadata.php)	(revision 766)
@@ -102,8 +102,9 @@
   
   function DeleteResource($ResourceId)
   {
+		if(!is_numeric($ResourceId))return;
       $sql = "DELETE FROM ".$this->SourceTable." WHERE ResourceID=".$ResourceId;
-      $this->adodbConnection->Execute($ResourceId);
+      $this->adodbConnection->Execute($sql);
   }
   
   function &SetFieldValue($FieldId,$ResourceId,$Value)
Index: trunk/kernel/include/theme.php
===================================================================
diff -u -N -r701 -r766
--- trunk/kernel/include/theme.php	(.../theme.php)	(revision 701)
+++ trunk/kernel/include/theme.php	(.../theme.php)	(revision 766)
@@ -312,10 +312,11 @@
 
 		$missingFiles=array_diff($HDDfiles,$DBfiles);
 		$orphanFiles=array_diff($DBfiles,$HDDfiles);
-		
-		$sql = 'DELETE FROM '.$this->SourceTable.' WHERE FileId IN('.join(',',array_keys($orphanFiles)).')';
-		$this->adodbConnection->Execute($sql);
-
+		if($orphanFiles)
+		{
+			$sql = 'DELETE FROM '.$this->SourceTable.' WHERE FileId IN('.join(',',array_keys($orphanFiles)).')';
+			$this->adodbConnection->Execute($sql);
+		}
 		$l=strlen($fullpath);
 		foreach($missingFiles as $file)
 			$this->AddFile(substr(dirname($file),$l),basename($file),$this->ThemeId,0,'');
@@ -366,7 +367,8 @@
 
     function LoadFileCache()
     {
-        $sql = "SELECT * FROM ".GetTablePrefix()."ThemeFiles WHERE ThemeId=".$this->Get("ThemeId");
+		if(!is_numeric($id=$this->Get("ThemeId")))return;
+        $sql = "SELECT * FROM ".GetTablePrefix()."ThemeFiles WHERE ThemeId=".$id;
         $rs = $this->adodbConnection->Execute($sql);
         while($rs && ! $rs->EOF)
         {