这串代码有问题吗
string id = Request.QueryString["id"];
string sql = "select * from BookInfo where id =@id";
DataTable table = DAB.ExecuteDataTable(sql);
SqlConnection con = new SqlConnection();
SqlCommand cmd = new SqlCommand(sql, con);
cmd.Parameters.Add(new SqlParameter("@id", SqlDbType.Int)).Value = Request.QueryString["id"];
cmd.ExecuteNonQuery();
cmd.Parameters.Add(new SqlParameter("@id", SqlDbType.Int)).Value = Request.QueryString["id"];