string ID = "";
if (Session["sID"] != null)
{
ID = Session["sID"].ToString();
con.Open();
string surveysr = "Select ShowResult from Survey where SurveyID=" + ID ;
SqlCommand cmd2 = new SqlCommand(surveysr, con);
SqlDataReader dr = cmd2.ExecuteReader();
.............
给出的错误是“Invalid column name 'S29'”问题是,ID 只是 S29,没有单引号。但是,当 sql catch 带有 ''. 任何想法??