you don't need do "\'", weird, why do you want to do this?string text2 = String.Format("select name, password, flag from admin where name='{0}' and [password]='{1}'", userName.Replace("'","''"),passWord.Replace("'","''"));or you really should use parameters approach
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货