I'm trying to integrate a script I'm using into a forum site. The problem is my forum uses md5 with salt to protect the passwords.

For the new script to get the user information I'm using this query:

$query = mysql_query("SELECT * FROM forums_users WHERE email='$email'");
$user = mysql_fetch_assoc($query);
$input_pw = md5(md5($password).md5($user['salt']));
if($input_pw == $user['password'])
{ $user_info = $user;}

But I get stuck with this statement. I think there's something I'm doing wrong here:

if(mysql_num_rows(mysql_query("SELECT * FROM forums_users WHERE email='$email' AND password='$input_pw'")) == 0) {
$is_error = "yes";
$error = "The login information you have provided is invalid.";}