diff --git a/php/libraries/SinglePointLogin.class.inc b/php/libraries/SinglePointLogin.class.inc
index fde51a64657..91bc32165ba 100644
--- a/php/libraries/SinglePointLogin.class.inc
+++ b/php/libraries/SinglePointLogin.class.inc
@@ -237,8 +237,8 @@ class SinglePointLogin extends PEAR
 }
 // check users table to see if we have a valid user
- $query = "SELECT COUNT(*) AS User_count, Password_md5, Password_expiry, Active FROM users WHERE UserID = '".$_POST['username']."' GROUP BY UserID";
- $DB->selectRow($query, $row);
+ $query = "SELECT COUNT(*) AS User_count, Password_md5, Password_expiry, Active FROM users WHERE UserID = :username GROUP BY UserID";
+ $row = $DB->pselectRow($query, array('username' => $_POST['username']));
 if (PEAR::isError($row)) {
 return PEAR::raiseError("DB Error: ".$row->getMessage());
 }
@@ -262,22 +262,6 @@ class SinglePointLogin extends PEAR
 $this->_username = $_POST['username'];
 return true;
 }
- // !!! DELETE ONCE ALL PASSWORDS HAVE BEEN SET TO MD5 SALTS
- else {
- // check users table to see if we have a valid user
- $query = "SELECT COUNT(*) AS User_count FROM users WHERE UserID = '".$_POST['username']."' AND Password = PASSWORD('".$_POST['password']."')";
- $DB->selectRow($query, $row2);
- if (PEAR::isError($row2)) {
- return PEAR::raiseError("DB Error: ".$row2->getMessage());
- }
-
- // user is logged in
- if ($row2['User_count'] == 1) {
- // force password expiry screen
- $this->showPasswordExpiryScreen();
- }
- }
- // !!! END DELETE
 // bad usename or password
 }
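Review bot: In the first hunk, `$_POST['username']` is bound in the new `pselectRow()` call without any visible check that it is set and is a string. A request that sends `username[]` makes it an array, so unless code above the hunk already guarantees the type, a guard such as `if (!isset($_POST['username']) || !is_string($_POST['username']))` that takes the bad-credentials path belongs before the query. The unchanged `PEAR::isError($row)` test also assumes `pselectRow()` reports failure by returning a PEAR_Error, as the by-reference `selectRow()` did; the hunk does not show that, nor what comes back when the `GROUP BY` matches no user. Finally, `"DB Error: ".$row->getMessage()` is returned on a pre-authentication path; if that text can reach the login page, log the detail server-side and return a generic message instead. The enclosing method starts and ends outside the hunk.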