$username = mysql_real_escape_string(stripslashes($_REQUEST['name']));
$password = md5(mysql_real_escape_string(stripslashes($_REQUEST['pass'])));

$sql="SELECT * FROM users WHERE  gid= '2' AND username='$username' AND password='$password' ";
$result=@mysql_query($sql);
$count=@mysql_num_rows($result);