Creates cookies to keep track of a logged in user. A lot of md5 + server-side secret keeps normal "crackers" from forging tickets. Good for times when you don't have SSL.
UPDATE: For added security, place secret.php outside of your web tree so that if PHP breaks they can't easily reach the hash value. Also, forgot to add the PASSWORD into the
hash! Silly me! TODO: Make the cookies update as the user continually checks in so that the cookies expire after X seconds of INACTIVITY vs. a flat 36000 seconds.