Untitled

<?php
session_start();
session_register("user_id","username");
date_default_timezone_set('America/New_York');
@include('includes/config.inc.php');
?>

<body alink=white vlink=white link=white bgcolor=#222333 background=./images/login.gif text=#FFFFFFF>
<br><br><br><br><br><br><br><br><br><br><br><br><br>
<center>
<?php
$get_time= date('Ydhms');
if (!isset($_SESSION['user_id'])) {?>
 <font face='edgewater'>
  <form method='post' name=auth>
   <i>Username</i>&nbsp;&nbsp;
   <input type=text name=login><br><br><i>Password</i>&nbsp;&nbsp;<input type=password name=pass><br><br>
   <input type=submit name=Submit></form><a href=register.php><i>Not Registered Yet? </i></font></a>";
<?php
}
if (isset($_POST['login']) && isset($_POST['pass']) && $_POST['Submit']) {
    $username=htmlentities($_POST['login']);
    $password=md5($_POST['pass']);
    $query=mysql_query("SELECT * FROM `user` WHERE username='$username' and password='$password'");
    if (@mysql_num_rows($query)) {
        $user_meta=mysql_fetch_array($query);
        echo "hi dear $user_meta[username]";
        $_SESSION['user_id']=md5($username);
        $_SESSION['username']=$username;
        $visit_time=mysql_query("UPDATE user SET last_visit='$get_time' where username='$_SESSION[username]'") or die(mysql_error());
        header("location:user.php");
        exit();
    }
}
if (isset($_SESSION['username']))
    echo "<br><br><br><br><a href='user.php'><i><font color=white><center>Proceed to User Control Panel</center></font></i>";
?>
</body>
</html>