$uname = $dbh->quote($uname);
$pword = $dbh->quote($pword);
my $tablename = 'members_pass';
my @row = ();
# no need for the if statement, we have asked that question in MySQL
my $sth = $dbh->prepare("SELECT * FROM `$tablename`
WHERE `username` = $uname
AND `password` = $pword
LIMIT 1 ;");
$sth->execute;
@row = $sth->fetchrow;
$sth->finish;

print "@row" if @row;
[download]