尝试
'从查询中删除并
Prepare在添加参数后使用:
cmd = new MySqlCommand("SELECt * FROM admin WHERe admin_username=@val1 AND admin_password=PASSWORd(@val2)", MySqlConn.conn);cmd.Parameters.AddWithValue("@val1", tboxUserName.Text);cmd.Parameters.AddWithValue("@val2", tboxPassword.Text);cmd.Prepare();
