<?php $username = strip_tags(substr($_POST['username'],0,32)); $pw = strip_t

1. <?php
2.     $username = strip_tags(substr($_POST['username'],0,32));
3.     $pw = strip_tags(substr($_POST['pw'],0,32));
4.  
5.     $cleanpw = crypt(md5($pw),md5($username)); // crypt and md5 ^^
6.  
7.     $sql = "select username,password from users where user='" .  mysql_real_escape_string($username) . "' and password='" .  mysql_real_escape_string($cleanpw) . "' limit 1";
8.     $result = mysql_query($sql);
9.  
10.     if (mysql_num_rows($result))
11.     {
12.         //we have a match!
13.     } else {
14.         //no match
15.     }
16.  
17. // for nathanpc
18. // by v0id
19. ?>