例如 “MaterialCode = 'Waston's001' and MediaTypeId =5”
红色部分需要转义,在sql中 应写成 where code = 'Waston''s001';
c#中'Waston\''s001' code = code.Replace("'","\''");
