<?php// Load the tNG classesrequire_once('../includes/tng/tNG.inc.php');

1. <?php
2. // Load the tNG classes
3. require_once('../includes/tng/tNG.inc.php');
4.  
5. // Make unified connection variable
6. $conn_topaguas = new KT_connection($topaguas, $database_topaguas);
7.  
8. //Start Restrict Access To Page
9. $restrict = new tNG_RestrictAccess($conn_topaguas, "../");
10. //Grand Levels: Any
11. $restrict->Execute();
12. //End Restrict Access To Page
13.  
14. if (!function_exists("GetSQLValueString")) {
15. function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
16. {
17. if (PHP_VERSION < 6) {
18. $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
19. }
20.  
21. $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
22.  
23. switch ($theType) {
24. case "text":
25. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
26. break;
27. case "long":
28. case "int":
29. $theValue = ($theValue != "") ? intval($theValue) : "NULL";
30. break;
31. case "double":
32. $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
33. break;
34. case "date":
35. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
36. break;
37. case "defined":
38. $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
39. break;
40. }
41. return $theValue;
42. }
43. }
44.  
45. $editFormAction = $_SERVER['PHP_SELF'];
46. if (isset($_SERVER['QUERY_STRING'])) {
47. $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
48. }
49.  
50. if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
51. $insertSQL = sprintf("INSERT INTO cadastro_pedidos (identpedido, indentempresa, id_produto, id_cliente, id_empresa, nomeproduto, quantidade) VALUES (%s, %s, %s, %s, %s, %s, %s)",
52. GetSQLValueString($_POST['identpedido'], "text"),
53. GetSQLValueString($_POST['identempresa'], "text"),
54. GetSQLValueString($_POST['identproduto'], "text"),
55. GetSQLValueString($_POST['identcliente'], "text"),
56. GetSQLValueString($_POST['identempresa'], "text"),
57. GetSQLValueString($_POST['produto'], "text"),
58. GetSQLValueString($_POST['quantidade'], "text"));
59.  
60. mysql_select_db($database_topaguas, $topaguas);
61. $Result1 = mysql_query($insertSQL, $topaguas) or die(mysql_error());
62.  
63. $insertGoTo = "compconf.php";
64. if (isset($_SERVER['QUERY_STRING'])) {
65. $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
66. $insertGoTo .= $_SERVER['QUERY_STRING'];
67. }
68. header(sprintf("Location: %s", $insertGoTo));
69. }
70.  
71. $kt_identificador_Recordset1 = "-1";
72. if (isset($_SESSION['kt_identificador'])) {
73. $kt_identificador_Recordset1 = $_SESSION['kt_identificador'];
74. }
75. mysql_select_db($database_topaguas, $topaguas);
76. $query_Recordset1 = sprintf("SELECT * FROM cadastro_cardapio WHERE indentempresa = %s ORDER BY id ASC", GetSQLValueString($kt_identificador_Recordset1, "text"));
77. $Recordset1 = mysql_query($query_Recordset1, $topaguas) or die(mysql_error());
78. $row_Recordset1 = mysql_fetch_assoc($Recordset1);
79. $totalRows_Recordset1 = mysql_num_rows($Recordset1);
80.  
81. $kt_identificador_Recordset2 = "-1";
82. if (isset($_SESSION['kt_identificador'])) {
83. $kt_identificador_Recordset2 = $_SESSION['kt_identificador'];
84. }
85. mysql_select_db($database_topaguas, $topaguas);
86. $query_Recordset2 = sprintf("SELECT * FROM cadastro_empresa WHERE identificador = %s", GetSQLValueString($kt_identificador_Recordset2, "text"));
87. $Recordset2 = mysql_query($query_Recordset2, $topaguas) or die(mysql_error());
88. $row_Recordset2 = mysql_fetch_assoc($Recordset2);
89. $totalRows_Recordset2 = mysql_num_rows($Recordset2);
90. ?>