Code:
function VerifyUser( $Username,$Password )
{
		$result = mysql_query( "SELECT Username FROM cb_accounts WHERE Username='$Username' AND Password='$Password'" );
		if ( $row = mysql_fetch_array($result) )
			return true;
		else
			return false;
}
Would you say that this code is optimal or somehow insecure? I always make a check if ( VerifyUser($user,$pass) ).. Usually the logins are stored in a cookie.