Untitled

<?php
function encrypt($string){
    return base64_encode(base64_encode(base64_encode($string)));
}

function decrypt($string){
    return base64_decode(base64_decode(base64_decode($string)));
}
    include('../database.php');
    $mail = mysql_real_escape_string($_POST['email']);
    $pass = mysql_real_escape_string(encrypt($_POST['password']));
    $my = mysql_query("SELECT * FROM user WHERE email = '$mail' and password = '$pass'");
    $jumlah = mysql_num_rows($my);
    $fetch = mysql_fetch_array($my);
    $today = mysql_real_escape_string(date('Y-m-d | H:i:s'));
    $ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
    $simpan = mysql_query("UPDATE user SET ip_user = '$ip' WHERE email = '$mail'");
    if ( $jumlah == 0 )
    {
        header('Location:index.php?message=Wrong_Login');
?>
<?php
        } else
    {
    $uq = mysql_query("INSERT INTO visit (`id`, `ip_user`, `tanggal`, `action`) VALUES (NULL, '$ip', '$today', 'Login With User : $user')");
    $banned = $fetch['banned'];
    $banned_reason = $fetch['banned_reason'];
    if ( $banned == 1 )
    {
        header("Location:../page-error-404.html?banned=yes&email=$mail&message=Cannot Join On This Site.");
    } else
    {
    session_start();
      $_SESSION['email'] = $mail;
      $_SESSION['password'] = $pass;
      $_SESSION['level'] = $fetch['level'];
      header('Location:page-pin.php');
    }
    }

?>