MySQL Expression One:
string userName = InputUser.Text.ToString().Trim();
string judgeStr = "select * from users where username='"+userName+"'";
MySQL Expression Two:
string userName = InputUser.Text.ToString().Trim();
string judgeStr = "select * from users where username='@username'";
judgeCmd.Parameters.AddWithValue("@username", userName);
Should the results be different?
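The two expressions above, run side by side, as an added example that is not part of the original post. It assumes Python's built-in sqlite3 in place of MySQL and Connector/NET so that it runs without a server; the table contents and the `expression_fixed` helper are constructed for illustration.

```python
import sqlite3


def build_db():
    """In-memory table with constructed sample rows (not from the post)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)")
    conn.executemany(
        "INSERT INTO users (username) VALUES (?)",
        [("alice",), ("O'Brien",), ("@username",)],
    )
    return conn


def expression_one(conn, user_name):
    """Expression One: the input is concatenated into the SQL text itself."""
    sql = "select * from users where username='" + user_name + "'"
    try:
        return [row[1] for row in conn.execute(sql)]
    except sqlite3.Error as exc:
        # A quote in the input changes the statement's syntax.
        return "error: " + type(exc).__name__


def expression_two(conn, user_name):
    """Expression Two: '@username' sits inside quotes, so it is a string
    literal. The statement has no placeholder and the supplied value is
    never used."""
    sql = "select * from users where username='@username'"
    return [row[1] for row in conn.execute(sql, {"username": user_name})]


def expression_fixed(conn, user_name):
    """Hypothetical corrected form: unquoted placeholder, value bound as data."""
    sql = "select * from users where username=@username"
    return [row[1] for row in conn.execute(sql, {"username": user_name})]


if __name__ == "__main__":
    db = build_db()
    for name in ("alice", "O'Brien"):
        print(name, "| one:", expression_one(db, name),
              "| two:", expression_two(db, name),
              "| fixed:", expression_fixed(db, name))
```

Expression Two returns the same rows for every input because it always compares against the literal text `@username`; only the unquoted placeholder compares against the bound value.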