<?php
require_once("db.class.php");

function check_user($username, $password)
{
  require_once("config.php");
  $db = new DB($conf['db']['user'], $conf['db']['password'], $conf['db']['host'], $conf['db']['database']);

  $escaped_username = $db->escape_string($username);

  $db->query("SELECT password FROM person WHERE email='".$escaped_username."'");
  $data = $db->getNextObject();
  if($data->password == md5($password))
    return true;

  return false;
}
?>