You can use [man]strpos/man to determine if the username is part of the password.
Please store a cryptographic hash of your users' passwords instead of storing them as-is. At the very least, you should combine the password, before hashing, with a salt value specific to each user.
