自己其组合起来吧var
SQL: String;
begin
SQL := 'SELECT * FROM user WHERE user.name = "'
+ Text1.Text
+'" AND user.password = "'
+ Text12.Text + '"';
SQL: String;
begin
SQL := 'SELECT * FROM user WHERE user.name = "'
+ Text1.Text
+'" AND user.password = "'
+ Text12.Text + '"';
$text1 = mysql_escape_string($HTTP_GET_VARS['text1']);
$text2= mysql_escape_string($HTTP_GET_VARS['text2']);
$sql = "SELECT * FROM user WHERE name = '$text1' AND password = 'text2'";