Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // Load the tNG classes
- require_once('../includes/tng/tNG.inc.php');
- // Make unified connection variable
- $conn_topaguas = new KT_connection($topaguas, $database_topaguas);
- //Start Restrict Access To Page
- $restrict = new tNG_RestrictAccess($conn_topaguas, "../");
- //Grand Levels: Any
- $restrict->Execute();
- //End Restrict Access To Page
- if (!function_exists("GetSQLValueString")) {
- function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
- {
- if (PHP_VERSION < 6) {
- $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
- }
- $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
- switch ($theType) {
- case "text":
- $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
- break;
- case "long":
- case "int":
- $theValue = ($theValue != "") ? intval($theValue) : "NULL";
- break;
- case "double":
- $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
- break;
- case "date":
- $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
- break;
- case "defined":
- $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
- break;
- }
- return $theValue;
- }
- }
- $editFormAction = $_SERVER['PHP_SELF'];
- if (isset($_SERVER['QUERY_STRING'])) {
- $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
- }
- if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
- $insertSQL = sprintf("INSERT INTO cadastro_pedidos (identpedido, indentempresa, id_produto, id_cliente, id_empresa, nomeproduto, quantidade) VALUES (%s, %s, %s, %s, %s, %s, %s)",
- GetSQLValueString($_POST['identpedido'], "text"),
- GetSQLValueString($_POST['identempresa'], "text"),
- GetSQLValueString($_POST['identproduto'], "text"),
- GetSQLValueString($_POST['identcliente'], "text"),
- GetSQLValueString($_POST['identempresa'], "text"),
- GetSQLValueString($_POST['produto'], "text"),
- GetSQLValueString($_POST['quantidade'], "text"));
- mysql_select_db($database_topaguas, $topaguas);
- $Result1 = mysql_query($insertSQL, $topaguas) or die(mysql_error());
- $insertGoTo = "compconf.php";
- if (isset($_SERVER['QUERY_STRING'])) {
- $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
- $insertGoTo .= $_SERVER['QUERY_STRING'];
- }
- header(sprintf("Location: %s", $insertGoTo));
- }
- $kt_identificador_Recordset1 = "-1";
- if (isset($_SESSION['kt_identificador'])) {
- $kt_identificador_Recordset1 = $_SESSION['kt_identificador'];
- }
- mysql_select_db($database_topaguas, $topaguas);
- $query_Recordset1 = sprintf("SELECT * FROM cadastro_cardapio WHERE indentempresa = %s ORDER BY id ASC", GetSQLValueString($kt_identificador_Recordset1, "text"));
- $Recordset1 = mysql_query($query_Recordset1, $topaguas) or die(mysql_error());
- $row_Recordset1 = mysql_fetch_assoc($Recordset1);
- $totalRows_Recordset1 = mysql_num_rows($Recordset1);
- $kt_identificador_Recordset2 = "-1";
- if (isset($_SESSION['kt_identificador'])) {
- $kt_identificador_Recordset2 = $_SESSION['kt_identificador'];
- }
- mysql_select_db($database_topaguas, $topaguas);
- $query_Recordset2 = sprintf("SELECT * FROM cadastro_empresa WHERE identificador = %s", GetSQLValueString($kt_identificador_Recordset2, "text"));
- $Recordset2 = mysql_query($query_Recordset2, $topaguas) or die(mysql_error());
- $row_Recordset2 = mysql_fetch_assoc($Recordset2);
- $totalRows_Recordset2 = mysql_num_rows($Recordset2);
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement