Untitled

mysql_connect(*);

	if(intval($_COOKIE["logged_in"])==1)
	{
		$test_row = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `username` LIKE '" . $_COOKIE['username'] . "'"));
		if($test_row["session"] != $_COOKIE["session_id"])
		{
			 header( 'Location: index.php?logout=1' ) ;
		}
	}


	function session_gen()
	{
		$length = 10;
		$characters = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
		$string = "";
		for ($p = 0; $p < $length; $p++)
		{
			$string .= $characters[mt_rand(0, strlen($characters))];
		}
		return $string;
	}

	function RemoveCookieLive($name)
    {
        unset($_COOKIE[$name]);
        return setcookie($name, NULL, -1);
    }

	if(intval($_GET["logout"])==1)
	{
		mysql_query("UPDATE `u702113482_db`.`users` SET session='null' WHERE username='" . $_COOKIE['username'] . "';");
		RemoveCookieLive("username");
		RemoveCookieLive("logged_in");
		RemoveCookieLive("session_id");
	}

	$logged_in = 0;

	if($_POST["username"])
	{
		$get_row = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `username` LIKE '" . $_POST['username'] . "'"));
		$atp_pass = $_POST["password"];
		$true_pass = $get_row["password"];
		if(hash("md5",$atp_pass) == $true_pass)
		{
			$session_id = $get_row['username'] . "_" . session_gen();
			$logged_in = 1;
			setcookie("logged_in", 1, time()+1200);
			setcookie("username", $_POST['username'], time()+1200);
			setcookie("session_id", $session_id , time()+1200);
			mysql_query("UPDATE `u702113482_db`.`users` SET session='" . $session_id . "' WHERE username='" . $_POST['username'] . "';");
		}
		else
		{
			die("<p>Inccorect details, click <a href='index.php'>here</a> to try again</p>");
		}
	}

	if(intval($_COOKIE["logged_in"]) == 1)
	{
		$logged_in = 1;
	}

	if(!$logged_in)
	{
		include "login.php";
		$user_id = $get_row["id"];
		$cur_un = "Guest";
	}
	else
	{
		if(intval($_COOKIE["logged_in"]) == 1)
		{
			$cur_un = $_COOKIE["username"];
		}
		else
		{
			$cur_un = $_POST["username"];
		}
		include "usercp.php";
	}