Проверьте пожалуйста нормально ли написан код. Код (Text): <?php include ("db.php"); session_start(); if(!empty($_SESSION['uid']) and !empty($_SESSION['name'])) { $check = true; }elseif(!empty($_COOKIE['hash']) and !empty($_COOKIE['uid'])){ $ip = $_SERVER['REMOTE_ADDR']; $sql = mysql_query("SELECT s.*, u.* FROM `sess` s INNER JOIN `users` u on s.uid = u.id WHERE `uid` = '".mysql_real_escape_string($_COOKIE['uid'])."' and `hash` = '".mysql_real_escape_string($_COOKIE['hash'])."' and `ip` = '$ip'",$db); if(mysql_num_rows($sql) > 0) { $row = mysql_fetch_assoc($sql); $_SESSION['uid'] = $row['uid']; $_SESSION['name'] = $row['name']; $check = true; }else{ SetCookie("hash",''); SetCookie("uid",''); $check = false; } }elseif(isset($_POST['ok'])) { $name = !empty($_POST['name']) ? trim($_POST['name']) : FALSE; $pass = !empty($_POST['pass']) ? sha1(trim($_POST['pass'])) : FALSE; if($name and $pass) { $ip = $_SERVER['REMOTE_ADDR']; $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHI JKLMNOPRQSTUVWXYZ0123456789"; $code = ""; $clen = strlen($chars) - 1; while (strlen($code) < 10) { $code .= $chars[mt_rand(0,$clen)]; } $hash = md5($code); $sql = mysql_query("SELECT * FROM `users` WHERE `name` = '".mysql_real_escape_string($name)."' and `pass` = '".mysql_real_escape_string($pass)."'",$db); if(mysql_num_rows($sql) > 0) { $row = mysql_fetch_assoc($sql); $uid = $row['id']; SetCookie("hash",$hash,time()+60*60*24*30); SetCookie("uid",$uid,time()+60*60*24*30); $sql = mysql_query("INSERT INTO `sess`(uid,hash,ip) VALUES('$uid','$hash','$ip')",$db); $_SESSION['uid'] = $uid; $_SESSION['name'] = $row['name']; header("Location: /login.php"); }else{ echo'Неправильное имя или пароль'; } }else{ echo'Заполните все поля'; } }else{ $check = false; } if($check == true) { echo 'Привет, '.$_SESSION['name']; }else{ ?> <form action='' method='post'> <input type='text' name='name'><br> <input type='password' name='pass'><br> <input type='submit' name='ok'> </form> <? } ?>