What is the PASSWORD supposed to do in your version as I assumed what I put would work, what about changing where PASSWORD is put

PHP Code:
$q sprintf("SELECT * FROM `dbUsers` "WHERE `username`='%s' AND 
`
password`=PASSWORD('%s')) LIMIT 1;--",mysql_real_escape_string($_POST["username"]),
mysql_real_escape_string(
$_POST["password"]) );