
还是不行,求助版主或者各位前辈指点下小弟!

时间:2010-10-06

来源:互联网

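  if (!function_exists("GetSQLValueString")) {
  /**
   * Escape a request value and format it as a literal for a string-built MySQL query.
   *
   * The value is escaped with the legacy mysql extension (mysql_real_escape_string(),
   * falling back to mysql_escape_string()) and then shaped according to $theType:
   *   "text", "date" - wrapped in single quotes
   *   "long", "int"  - passed through intval()
   *   "double"       - passed through doubleval()
   *   "defined"      - $theDefinedValue when the value is non-empty, else $theNotDefinedValue
   * An empty value yields the string "NULL" for every type except "defined".
   *
   * Any other $theType is quoted like "text". Escaping only protects a value that sits
   * inside quotes, so an unrecognised type must never return the value unquoted.
   *
   * $theDefinedValue / $theNotDefinedValue are returned unchanged, without escaping;
   * pass only fixed, developer-written fragments there, never request data.
   *
   * The mysql_* functions were removed in PHP 7; new code should use PDO or mysqli
   * prepared statements instead of this helper.
   *
   * @param mixed  $theValue           Raw value, typically taken from the request.
   * @param string $theType            One of the type names listed above.
   * @param string $theDefinedValue    Fragment returned for type "defined" when the value is non-empty.
   * @param string $theNotDefinedValue Fragment returned for type "defined" when the value is empty.
   * @return mixed SQL fragment: a quoted string, an int, a float, "NULL" or one of the defined fragments.
   */
  function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
  {
    // magic_quotes_gpc only exists before PHP 5.4. version_compare() replaces the
    // original string-versus-int test (PHP_VERSION < 6), which is not a version check.
    if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
      $theValue = stripslashes($theValue);
    }
    // Called without a link argument, as in the original.
    $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
    switch ($theType) {
      case "long":
      case "int":
        $theValue = ($theValue != "") ? intval($theValue) : "NULL";
        break;
      case "double":
        $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
        break;
      case "defined":
        $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
        break;
      case "text":
      case "date":
      default:
        // Fail safe: a mistyped type name is still emitted as a quoted literal.
        $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
        break;
    }
    return $theValue;
  }
  }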
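  // Fallback search term, used when the request carries no usable uname parameter.
  // This is a plain string literal: PHP has no Request() function, so without a
  // uname parameter the query looks for accounts containing this literal text.
  // NOTE(review): if the search form submits with method="post" or names the field
  // differently, $_GET['uname'] is never set and every search runs with this
  // fallback - confirm against the form markup.
  $colname_Recordset1 = "Request('uname')";
  // Accept only a plain string; ?uname[]=x would otherwise arrive as an array.
  if (isset($_GET['uname']) && is_string($_GET['uname'])) {
    $colname_Recordset1 = $_GET['uname'];
  }
  mysql_select_db($database_conn, $conn);
  // GetSQLValueString() escapes and quotes the term before it enters the query.
  // % and _ typed by the user are not escaped and still act as LIKE wildcards.
  // NOTE(review): SELECT * hands every column of userbiao to the page; list only
  // the columns the page displays.
  $query_Recordset1 = sprintf("SELECT * FROM userbiao WHERE uname like %s", GetSQLValueString("%" . $colname_Recordset1 . "%", "text"));
  $Recordset1 = mysql_query($query_Recordset1, $conn);
  if ($Recordset1 === false) {
    // Keep the MySQL error text in the server log; sending it to the browser
    // (the original "or die(mysql_error())") discloses query and schema details.
    error_log("Recordset1 query failed: " . mysql_error($conn));
    die("Database query failed.");
  }
  $row_Recordset1 = mysql_fetch_assoc($Recordset1);
  $totalRows_Recordset1 = mysql_num_rows($Recordset1);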


这是我写的后台按会员帐户搜索会员的页面代码!可以搜索,但是搜索结果里不显示会员帐户,其他的信息都显示!请教下代码哪里又不对了嘛!晕呼呼滴!



我后来改了请求的变量!
代码如下
<?php require_once('../Connections/conn.php'); ?>
<?php
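if (!function_exists("GetSQLValueString")) {
/**
 * Escape a request value and format it as a literal for a string-built MySQL query.
 *
 * The value is escaped with the legacy mysql extension (mysql_real_escape_string(),
 * falling back to mysql_escape_string()) and then shaped according to $theType:
 *   "text", "date" - wrapped in single quotes
 *   "long", "int"  - passed through intval()
 *   "double"       - passed through doubleval()
 *   "defined"      - $theDefinedValue when the value is non-empty, else $theNotDefinedValue
 * An empty value yields the string "NULL" for every type except "defined".
 *
 * Any other $theType is quoted like "text". Escaping only protects a value that sits
 * inside quotes, so an unrecognised type must never return the value unquoted.
 *
 * $theDefinedValue / $theNotDefinedValue are returned unchanged, without escaping;
 * pass only fixed, developer-written fragments there, never request data.
 *
 * The mysql_* functions were removed in PHP 7; new code should use PDO or mysqli
 * prepared statements instead of this helper.
 *
 * @param mixed  $theValue           Raw value, typically taken from the request.
 * @param string $theType            One of the type names listed above.
 * @param string $theDefinedValue    Fragment returned for type "defined" when the value is non-empty.
 * @param string $theNotDefinedValue Fragment returned for type "defined" when the value is empty.
 * @return mixed SQL fragment: a quoted string, an int, a float, "NULL" or one of the defined fragments.
 */
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  // magic_quotes_gpc only exists before PHP 5.4. version_compare() replaces the
  // original string-versus-int test (PHP_VERSION < 6), which is not a version check.
  if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
    $theValue = stripslashes($theValue);
  }
  // Called without a link argument, as in the original.
  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
  switch ($theType) {
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
    case "text":
    case "date":
    default:
      // Fail safe: a mistyped type name is still emitted as a quoted literal.
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
  }
  return $theValue;
}
}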
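// Fallback search term. "1" is used only when the request carries no usable
// uname parameter; it is not read from the form.
// NOTE(review): if the search form submits with method="post" or names the field
// differently, $_GET['uname'] is never set and every search runs with this
// fallback - confirm against the form markup.
$colname_Recordset1 = "1";
// Accept only a plain string; ?uname[]=x would otherwise arrive as an array.
if (isset($_GET['uname']) && is_string($_GET['uname'])) {
  $colname_Recordset1 = $_GET['uname'];
}
mysql_select_db($database_conn, $conn);
// GetSQLValueString() escapes and quotes the term before it enters the query.
// % and _ typed by the user are not escaped and still act as LIKE wildcards.
// NOTE(review): SELECT * hands every column of userbiao to the page; list only
// the columns the page displays.
$query_Recordset1 = sprintf("SELECT * FROM userbiao WHERE uname like %s", GetSQLValueString("%" . $colname_Recordset1 . "%", "text"));
$Recordset1 = mysql_query($query_Recordset1, $conn);
if ($Recordset1 === false) {
  // Keep the MySQL error text in the server log; sending it to the browser
  // (the original "or die(mysql_error())") discloses query and schema details.
  error_log("Recordset1 query failed: " . mysql_error($conn));
  die("Database query failed.");
}
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);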
?>



 之前的是$colname_Recordset1 = "Request('uname')";    
把这个改为了$colname_Recordset1 = "1"; 
然后可以搜索,但是不管输入什么帐户,它都只显示和1有关联的帐户信息!

请教怎么回事哦!   那个值该如何写才正确呢!

[ 此帖被yk19880829在2010-10-06 18:36重新编辑 ]

作者: yk19880829   发布时间: 2010-10-06

你可以把值一个个打印出来看看:首先打印 $colname_Recordset1,在赋值后、SQL 语句前打印;然后再打印 GetSQLValueString("%" . $colname_Recordset1 . "%", "text") 的返回值;如果都没问题,最后打印完整的 SQL 语句。这样一步一步下来应该能找到问题所在。调试完记得把这些打印去掉,不要把 SQL 语句留在页面输出里。

作者: 刹那芳华网   发布时间: 2010-10-06