select username from User where username="+username;
select username from User where username='"+username"'";
="+username与='"+username"'"有什么区别
select username from User where username='"+username"'";
="+username与='"+username"'"有什么区别
在者单引号的好处的可以防止SQL注入!