El código (o como se llame) de la seguridad en el CMS es así:
Código:
<?PHP
// Front controller and login gate for the CMS.
// Flow: read the flat users file -> load config and skin -> handle logout -> authenticate via
// cookie and/or session -> either render the login form or dispatch to a module listed in
// $system_modules.
//
// NOTE(review): $action, $username, $password, $mod, $lastusername, $HTTP_REFERER, $REMOTE_ADDR
// and the $HTTP_* header variables are read but never assigned in this file — presumably they
// arrive through register_globals (request data auto-imported as globals). Every one of them is
// client-controlled and must be treated as untrusted.
// Notices are masked, so the undefined-variable warnings those globals would raise are hidden.
error_reporting (E_ALL ^ E_NOTICE);
// Presumably defines check_login(), msg(), echoheader(), echofooter(), debug() and microTimer,
// none of which are defined in this file.
require_once("./inc/functions.inc.php");
$PHP_SELF = "index.php";
$cutepath = ".";
$config_path_image_upload = "./editor/UserFiles/Image";
$config_use_cookies = TRUE;     // enables the cookie login path below
$config_use_sessions = FALSE;   // the session login path below is off by default
$config_check_referer = TRUE;   // enables the Referer check in the logged-in branch
$Timer = new microTimer;
$Timer->start();
// The user "database" is a flat file read into an array of lines (one record per line, '|'-separated).
$all_users_db = file("./data/users.db.php");
$check_users = $all_users_db;
$check_users[1] = trim($check_users[1]);
$check_users[2] = trim($check_users[2]);
// Stop when lines 1 and 2 of the users file are both empty (no accounts yet).
if((!$check_users[2] or $check_users[2] == "") and (!$check_users[1] or $check_users[1] == "")){
// NOTE(review): this line is not valid PHP as listed (no file name, and the if's closing
// parenthesis is missing) — most likely mangled when the code was pasted.
if(!file_exists("");
die();
}
require_once("./data/config.php");
// Load the configured skin; fall back to the default skin when the named file is missing.
if(isset($config_skin) and $config_skin != "" and file_exists("./skins/${config_skin}.skin.php")){
require_once("./skins/${config_skin}.skin.php");
}else{
$using_safe_skin = true;
require_once("./skins/default.skin.php");
}
if($config_use_sessions){
@session_start();
@header("Cache-control: private");
}
// Logout: blank the auth cookies (and destroy the session when enabled), then show a message.
if($action == "logout")
{
setcookie("md5_password","");
setcookie("username","");
setcookie("login_referer","");
if($config_use_sessions){
@session_destroy();
@session_unset();
setcookie(session_name(),"");
}
msg("info", "Ha salido del sistema", "Usted se ha retirado del sistema. <a href=\"$PHP_SELF\">¿DESEA INGRESAR NUEVAMENTE?</a><br /><br>");
}
$is_loged_in = FALSE;
$cookie_logged = FALSE;
$session_logged = FALSE;
// Strip the query string from the referer and normalise a trailing "/" to "/index.php";
// it is compared against the script path in the logged-in branch. The Referer header is
// supplied by the client and can be omitted or forged.
$temp_arr = explode("?", $HTTP_REFERER);
$HTTP_REFERER = $temp_arr[0];
if(substr($HTTP_REFERER, -1) == "/"){ $HTTP_REFERER.= "index.php"; }
/* Login via cookies: an unsalted md5 of the password is the credential carried in the cookie. */
if($config_use_cookies == TRUE){
if(isset($username))
{
// Use the md5 already in the cookie when present, otherwise hash the submitted password.
// The md5 value is effectively a long-lived bearer token: whoever obtains the cookie is
// logged in, and an unsalted md5 is cheap to reverse offline.
if(isset($HTTP_COOKIE_VARS["md5_password"])){ $cmd5_password = $HTTP_COOKIE_VARS["md5_password"]; }
elseif(isset($_COOKIE["md5_password"])){ $cmd5_password = $_COOKIE["md5_password"]; }
else{ $cmd5_password = md5($password); }
if(check_login($username, $cmd5_password))
{
$cookie_logged = TRUE;
// "lastusername" is kept for roughly 32 years; the two auth cookies are set with no expiry,
// path, secure or HttpOnly attributes.
setcookie("lastusername", $username, time()+1012324305);
setcookie("username", $username);
setcookie("md5_password", $cmd5_password);
}else{
// Failed login: append an HTML table row to data/access_log.txt.
// NOTE(review): the row contains the submitted password in clear text ($_POST[password]), so a
// mistyped real password ends up on disk, and username/password/IP are written unescaped into
// an HTML fragment. The bare word `password` as an array key relies on the undefined-constant
// fallback (a notice here, hidden by the error_reporting mask; an Error in PHP 8). fopen() is
// not checked for failure and no flock() is taken.
$crnt_time = date("M d h:i:s A");
$logfile = "data/access_log.txt";
$visitors_ip = $_SERVER['REMOTE_ADDR'];
$info = "<tr><td height=1 valign=middle> ".$crnt_time."<td height=1 valign=middle> ".$username."<td valign=middle> ".$_POST[password]."<td valign=middle> ".$visitors_ip."<td valign=middle></tr>\n";
$fp = fopen($logfile,"a");
fwrite($fp, $info);
fclose($fp);
$result = "<font color=red>El nombre de usuario o contraseña es incorrecta</font>";
$cookie_logged = FALSE;
}
}
}
/* Login via sessions (disabled by default, see $config_use_sessions above). */
if($config_use_sessions == TRUE){
// Client IP, preferring proxy headers. X-Forwarded-For and Client-IP are request headers that
// the client can set itself, so the IP pinning further down can be satisfied by simply sending
// the same header value; only $REMOTE_ADDR comes from the TCP connection.
if(isset($HTTP_X_FORWARDED_FOR)){ $ip = $HTTP_X_FORWARDED_FOR; }
elseif(isset($HTTP_CLIENT_IP)) { $ip = $HTTP_CLIENT_IP; }
if($ip == "") { $ip = $REMOTE_ADDR; }
if($ip == "") { $ip = "not detected";}
if($action == "dologin")
{
$md5_password = md5($password);
if(check_login($username, $md5_password)){
$session_logged = TRUE;
// session_register() was removed in PHP 5.4; the direct $_SESSION writes below are what take effect.
@session_register('username');
@session_register('md5_password');
@session_register('ip');
@session_register('login_referer');
$_SESSION['username'] = "$username";
// The password hash is kept in the session so it can be re-checked on every later request.
$_SESSION['md5_password'] = "$md5_password";
$_SESSION['ip'] = "$ip";
$_SESSION['login_referer'] = "$HTTP_REFERER";
}else{
$result = "<font color=red>El nombre de usuario o contraseña es incorrecta</font>";
$session_logged = FALSE;
}
}elseif(isset($_SESSION['username'])){ // Check the if member is using valid username/password
// Existing session: re-validate the stored credentials and require the IP recorded at login.
if(check_login($_SESSION['username'], $_SESSION['md5_password'])){
if($_SESSION['ip'] != $ip){ $session_logged = FALSE; $result = "Los IP en la sesión no coinciden con su IP"; }
else{ $session_logged = TRUE; }
}else{
$result = "<font color=red>Nombre de usuario incorrecto y/o contraseña !!!</font>";
$session_logged = FALSE;
}
}
// Fall back to the session's user name when none was submitted with this request.
if(!$username){ $username = $_SESSION['username']; }
/* END Login Authorization using SESSIONS */
}
###########################
if($session_logged == TRUE or $cookie_logged == TRUE){
if($action == 'dologin'){
//-------------------------------------------
// Modify the Last Login Date of the user
//-------------------------------------------
// Rewrites the whole users file: every line is copied unchanged except the record whose first
// field equals $member_db[0], for which fields 0-8 are kept and the next field is replaced by
// time(). $member_db is not set in this file — presumably populated by check_login().
// The file is truncated ("w") before the loop and there is no flock(), so two concurrent
// logins, or a crash mid-loop, can leave the users file truncated or corrupted.
$old_users_db = $all_users_db;
$modified_users = fopen("./data/users.db.php", "w");
foreach($old_users_db as $old_users_db_line){
$old_users_db_arr = explode("|", $old_users_db_line);
if($member_db[0] != $old_users_db_arr[0]){
fwrite($modified_users, "$old_users_db_line");
}else{
fwrite($modified_users, "$old_users_db_arr[0]|$old_users_db_arr[1]|$old_users_db_arr[2]|$old_users_db_arr[3]|$old_users_db_arr[4]|$old_users_db_arr[5]|$old_users_db_arr[6]|$old_users_db_arr[7]|$old_users_db_arr[8]|".time()."||\n");
}
}
fclose($modified_users);
}
$is_loged_in = TRUE;
}
if($is_loged_in == FALSE)
{
// Not authenticated: wipe the session and auth cookies, then render the login form.
if($config_use_sessions){
@session_destroy();
@session_unset();
}
setcookie("username","");
setcookie("password","");
setcookie("md5_password","");
setcookie("login_referer","");
echoheader("user","Ingresar");
// NOTE(review): $lastusername is not assigned in this file (presumably the "lastusername"
// cookie via register_globals) and is interpolated into the value attribute without
// htmlspecialchars(). $result is raw HTML by design; $config_http_script_dir comes from config.php.
echo "
<table width=\"500\" border=0 cellpadding=1 cellspacing=1>
<form name=login action=\"$PHP_SELF\" method=post>
<tr>
<td width=135>Nombre de Usuario:</td>
<td><input tabindex=1 type=text name=username value='$lastusername' style=\"width:134\"></td>
<td><a href=\"$config_http_script_dir/register.php\"><img src=\"skins/images/registrarse.gif\" width=\"134\" height=\"20\" border=\"0\"></a></td>
</tr> <tr>
<td width=135>Contraseña: </td>
<td><input type=password name=password style=\"width:134\"></td>
<td><a href=\"$config_http_script_dir/lostpass.php\"><img src=\"skins/images/recuperarcontrasena.gif\" width=\"134\" height=\"20\" border=\"0\"></a></td>
</tr> <tr>
<td></td>
<td ><input accesskey=\"s\" type=submit style=\"width:134; background-color: #F3F3F3;\" value='Entrar al sistema...'></td>
<td> </td>
</tr> <tr>
<td align=center colspan=4>$result</td>
</tr>
<input type=hidden name=action value=dologin>
</form>
</table>";
echofooter();
}
elseif($is_loged_in == TRUE)
{
// Referer check: the request must come from a URL that matches this script's path.
// $self is interpolated unescaped into the eregi() pattern, and an empty Referer passes
// (the `$HTTP_REFERER != ""` clause), so this is at most a weak CSRF mitigation.
// eregi() was removed in PHP 7.
if($config_check_referer == TRUE){
$self = $_SERVER["SCRIPT_NAME"];
if($self == ""){ $self = $_SERVER["REDIRECT_URL"]; }
if($self == ""){ $self = "index.php"; }
if(!eregi("$self",$HTTP_REFERER) and $HTTP_REFERER != ""){
die("<h2>Su acceso a esta página fue negado !</h2><br>trate salir <a href=\"?action=logout\">salir</a> e intentar ingresar nuevamente<br>Para apagar este control de seguridad, cambie \$config_check_referer en index.php a FALSE");
}
}
// Any logged-in user can trigger debug() (defined elsewhere) with "?debug".
// $HTTP_SERVER_VARS is the pre-5.4 long form of $_SERVER.
if($HTTP_SERVER_VARS['QUERY_STRING'] == "debug"){ debug(); }
// Module whitelist: module name => role required to load it.
// NOTE(review): the array literal is truncated in this listing (the lone `',` line) and does not
// parse as shown; the original presumably lists further modules here.
$system_modules = array('addnews' => 'user',
',
);
// Dispatch: $mod must be a key of $system_modules before it is used in the require() path,
// so this whitelist is the only thing keeping arbitrary file names out of the include.
// "admin" modules additionally require $member_db[1] == 1.
if($mod == ""){ require("./inc/main.mdu"); }
elseif( $system_modules[$mod] )
{
if($system_modules[$mod] == "user"){ require("./inc/". $mod . ".mdu"); }
elseif($system_modules[$mod] == "admin" and $member_db[1] == 1){ require("./inc/". $mod . ".mdu"); }
elseif($system_modules[$mod] == "admin" and $member_db[1] != 1){ msg("error", "Acceso negado", "Sólo el administrador puede tener acceso a este módulo"); exit;}
else{ die("El acceso de modulo debe ser puesto por el <b>usuario</b> o <b>administrador</b>"); }
}
// The unknown module name is echoed back into the page unescaped.
else{ die("$mod NO es un modulo valido"); }
}
// Execution time is emitted as an HTML comment at the end of every response.
echo"<!-- execution time: ".$Timer->stop()." -->";
?>


