A second look, and I see this:
if($_SESSION['auth'] != 'y')
{
header("Location: index.php");
}
If session is not given, you would get an undefined issue. Make sure $_SESSION['auth'] exists before putting it in a conditional statement. Likewise, the headers sent (location) won't work properly on other browsers (like Chrome and Safari) without a "status" being sent first.
When you're grabbing your information from the db, you should loop it all into an assoc array and then clear the db request using mysql_free_result(), and then use the array to build your data in a foreach() loop for every member as the array will be filled properly by request.
You should use require_once() on your file calls as using include(), on fail, would cause the script to continue running when I'm pretty sure you don't intend or want that to happen.
If you need assistance, I can help you rewrite some portions.