Fixed a vulnerability in the setup.php file and other code cleanups. Thanks to the person that wishes to remain anonymous for reporting and providing a patch Also added a notice to readme to not use this web app during beta for production use

check_login.php

@@ -1,11 +1,13 @@
 <?php
+	
+	if(!isset($_SESSION)){
+    session_start();
+	}
+
 	//Check to see if setup is enabled
 	if(!isset($config_enable_setup) or $config_enable_setup == 1){
   	header("Location: setup.php");
-	}
-
-	if(!isset($_SESSION)){
-    session_start();
+  	exit;
 	}
 	
 	if(!$_SESSION['logged']){