{$username = mysql_real_escape_string($_POST['username']);$password = $_POST

1. {
2. $username = mysql_real_escape_string($_POST['username']);
3. $password = $_POST['password'];
4. $password = md5($password);
5.  
6. $query = "SELECT * FROM members WHERE username='$username' and password='$password'";
7. $resource = mysql_query($query);
8.  
9. $row = "SELECT FROM `members` WHERE username='$username'";
10. $admin = mysql_query($row);
11. $some = mysql_fetch_assoc($admin);
12.  
13.  
14. if(mysql_num_rows($resource) == '1')
15. {
16.     if($some['access'] = '3')
17.     {
18.         session_start();
19.         $_SESSION['moderator']&&['username'] = htmlentities($username) 
20.     }else
21.         {
22.             session_start();
23.             $_SESSION['username'] = htmlentities($username);
24.             header('location: /index.php');
25.         }
26. }else
27.     {
28.         echo "Wrong username or password";
29.     }
30. }