do_activate_user.php at Simple SMS Site Software

<?php 
/******************************************************************************
************** Simple SMS Site Software *********************************
************** SSSSv1.0*****************************************************
************** by (aq) limited http://aql.com *******************************
************** All Rights Reserved ******************************************
************** Please read COPYRIGHT file prior to modification********
********************************************************************************/
session_start();

include("inc/header.inc.php");

$activate_user = $_GET['user'];
$activate_pass = $_GET['pword'];

$query = "SELECT password FROM users WHERE username LIKE '$activate_user'";
$result = mysql_query($query);
$row = mysql_fetch_row($result);
?>
<table width="400">
 <tr>
  <td>
<?
if ($row[0] == "$activate_pass") {

	$query = "UPDATE `users` SET `locked` = 'no' WHERE `username` = '$activate_user' LIMIT 1";
	$result = mysql_query($query);
	if (!$result) {
	   	echo 'Could not run query: ' . mysql_error();
		exit;
	}
	else {
		?>
		Account activated.
		<?
	}
}
else {
	?><p align="center"><?echo "User name $activate_user could not be activated";?></p><?
}
include("inc/footer.inc.php");
?>