asp.net C#ÃüÃû²ÎÊýSqlParameterÏê½â

DBHelper:
         /// <summary>
        /// Ö´Ðвéѯ
        /// </summary>
        /// <param name="sql">ÓÐЧµÄselectÓï¾ä</param>
        /// <returns>·µ»ØSqlDataReader</returns>
        public static SqlDataReader ExecuteReader(string sql)
        {
            SqlConnection con = new SqlConnection(constring);
            con.Open();
            SqlCommand cmd = new SqlCommand(sql, con);
            return cmd.ExecuteReader(CommandBehavior.CloseConnection);
        }
        /// <summary>
        /// Ö´Ðвéѯ´ø²ÎÊý
        /// </summary>
        /// <param name="sql">ÓÐЧµÄselectÓï¾ä</param>
        /// <returns>·µ»ØSqlDataReader</returns>
        public static SqlDataReader ExecuteReader(string sql,SqlParameter parameter)
        {
            SqlConnection con = new SqlConnection(constring);
            con.Open();
            SqlCommand cmd = new SqlCommand(sql, con);
            cmd.Parameters.Add(parameter);
&nbs