SqlCommand com = new SqlCommand("select * from myuser where username=@UserName and password=@Pwd", con);
com.Parameters.Add(new SqlParameter("@UserName", UserName));
com.Parameters.Add( new SqlParameter("@Pwd",Pwd));
SQL参数化
最新推荐文章于 2024-09-15 23:28:35 发布