This should work if the password is in the db in plain text. If it's encrypted you're not going to get any results from the query. That is why crypt could be handy. You store the passwords in the db with crypt and check it against the crypted entered password. This way you won't be able to get the password from the db, 'cause only the crypted version is ever stored.
I don't really know how to use the MySQL encrpytion in PHP, but from the docs i gather you should be able to create the following query:
SELECT * FROM table WHERE login = '$login' AND password = ENCRYPT('$password')
There are a couple of encrypt/decrypt function you can use in a query:
check the documentation!
Edit: mofo typos