$username = strtolower($_POST['username']); $password = $_POST['password'];

1.         $username = strtolower($_POST['username']);
2.         $password = $_POST['password'];
3.        
4.         $prepquery = $db->prepare('SELECT * FROM users WHERE ENCRYPT(:password, password) = password AND username = :username');
5.         $prepquery->bindParam(':username', $username);
6.         $prepquery->bindParam(':password', $password);
7.         $prepquery->execute();
8.         $res = $prepquery->fetch(PDO::FETCH_ASSOC);