incorrect syntax

biircoop

Please help!

I am getting this error:

Warning: mssql_query() [function.mssql-query]: message: Line 2: Incorrect syntax near '<'. (severity 15) in E:\Inetpub\wwwroot\securty_tracking\admin_task_daily.php on line 39. The value of $dow should be the day of the week: Sunday, Monday, etc. 'hours_spent' is input from a text box. Let me know if you need anything else.

Here is the php code that I am trying to use. Line 39 is the execution of $sql_update. This causes a fail of the query.

$sql_insert="INSERT INTO TICKETS_DAILY
	              VALUES(".$ticket_id.",'".trim(strtoupper($_SESSION['username'])).
					"', ".$req_id.",0,0,0,0,0,0,0)";

		mssql_query($sql_insert);

		$sql_update="UPDATE TICKETS_DAILY
				 SET ".$_REQUEST['dow']."=".$_REQUEST['hours_spent'].
					 " WHERE ticket_id=".$ticket_id.
					 " AND                                                                 accepted_by='".trim(strtoupper($_SESSION['username']))."'
					 AND req_id=".$req_id;

		mssql_query($sql_update);

djjjozsi

its not suggested to send update field names with form or URL.

print the SQL query in phpmyadmin.

if you enter a string to an SQL query lets use the apostrofe around it.

If you post to this forum, please indent your code => use the php BBcodes around your phpcodes to help the troubleshooting with a better read of your problem.

If your insert form and your textfield has broken, your posted values would have broken html codes , the parts from the textfield. See the source code first.

Bad example:

<form action="index.php" method="post" name="Form">
<input name="a" id="a" type="text" value="<?php
echo (isset($_POST["a"])?htmlspecialchars($_POST["a"]):"" ) ?>>

as you can see the last double qoute is missing. Once you post this form, the last > will be a dust in your post.

biircoop

i'm not sure if i understand.. can you clarify that?

this is how i was posting the information:

<form method="post" action="admin_task_daily.php" name="f1">
<input type="hidden" name="ticket_id" value="<? echo $_REQUEST['ticket_id']; ?>" />
<input type="hidden" name="req_id" value="<? echo $_REQUEST['req_id']; ?>" />
<input type="hidden" name="action" value="log_hours" />
<input type="hidden" name="req_name" value="<? echo $_REQUEST['req_name']; ?>" />
<input type="hidden" name="admin" value="<? echo $_REQUEST['admin']; ?>" />
<input type="hidden" name="user" value="<? echo $_SESSION['username']; ?>" />
<input type="hidden" name="added_user" value="<? echo $_REQUEST['added_user']; ?>" />
<input type="hidden" name="dow" value="<? echo $_REQUEST['dow']; ?>" />
<input type="hidden" name="daytotal" value="<? echo $_REQUEST['daytotal']; ?>" />