Code:
if (eregi('^[[:alnum:]\.\'\-]{4,30}$', stripslashes(trim($_POST['password']))) ) {
$password = $_POST['password'];
$password = mysql_real_escape_string($password);
$result = mysql_query("SELECT * FROM users WHERE username= '$username', password =...