$user = iconv("utf-8", "gb2312",addslashes(urldecode($_POST['username'])));
$pass = md5(urldecode($_POST['password']));
$SQL = "SELECT `password` FROM " . USER_TABLE . " WHERE `username` = '$user'";
$Result = $DB -> query($SQL);
$Row = $DB -> queryArray($Result);
if($Row['password'] == $pass){
session_register(name');
$_SESSION[name'] = iconv("gb2312", "utf-8",$user);
}