fix: Update readme.txt Documentation

[sergioceron]

Automated fix by CoderOps.

Swarm: SwarmX3
Task: Update readme.txt Documentation

[Copilot]

Pull request overview

Updates readme.txt to provide end-user documentation for setting up and using the application’s login system.

Changes:

• Replaces the previous brief Spanish note with a structured (Markdown-style) “Login System Documentation”.
• Adds setup, usage, user roles, and security notes, with references to key PHP entrypoints.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Setup docs reference importing a database.sql file, but there is no .sql file in the repo; the current installation path appears to be the web installer under install/ (e.g., install/step1.php / install/update.php) which also creates tables and writes includes/config.php. Update the setup steps to match the actual installation flow (or add the missing SQL dump if that's intended).

Suggested change

	3. Import the provided SQL database file (`database.sql`) into your MySQL database.
	4. Configure the database connection in `includes/config.php` with your database credentials.
	3. Create an empty MySQL database for the application.
	4. Open the installer in your web browser (for example, `install/step1.php`) and follow the on-screen steps.
	5. The installer will create the required database tables and write `includes/config.php` using the database credentials you provide.
	6. If you are upgrading an existing installation, use `install/update.php` instead of the initial setup flow.

[Copilot]

The "User Roles" section doesn’t match the roles implemented in the codebase. Registration and role display use numeric usuario_tipo values 0-3 (Conferencista, Coautor, Asistente, Evaluador), and admin gating is based on $_SESSION['user_role'] == 1 (set from usuario_tipo during login). Please document the actual role values/meanings (and how admin access is determined) so operators know what to set in the DB.

Suggested change

	- **Admin**: Has access to the admin panel and additional admin functionalities.
	- **Evaluator**: Can evaluate submissions on the platform.
	### Security
	- Passwords are hashed using MD5 for security.
	- Sessions are used to maintain user login states.
	### Additional Information
	- Use `action_login.php` for validating and logging users in.
	- Customize user roles and permissions in the database as required.
	The application stores roles in the `usuario_tipo` field using the following numeric values:
	- **0**: Conferencista
	- **1**: Coautor
	- **2**: Asistente
	- **3**: Evaluador
	Admin access is determined during login from the stored `usuario_tipo` value. The session variable `$_SESSION['user_role']` is set from `usuario_tipo`, and admin-only checks use `$_SESSION['user_role'] == 1`. In the current implementation, this means users with `usuario_tipo = 1` have access to the admin panel.
	### Security
	- Passwords are hashed using MD5 for security.
	- Sessions are used to maintain user login states.
	### Additional Information
	- Use `action_login.php` for validating and logging users in.
	- When updating users directly in the database, set `usuario_tipo` to one of the documented numeric values above.

[Copilot]

The security note "Passwords are hashed using MD5 for security" is misleading: MD5 is not considered secure for password storage. If the app currently uses MD5, please document it as a legacy/insecure scheme and strongly recommend migrating to password_hash() / password_verify() (or another adaptive hashing algorithm) rather than presenting MD5 as a security feature.

Suggested change

	- Passwords are hashed using MD5 for security.
	- If the application currently uses MD5 for password hashing, treat it as a legacy/insecure scheme rather than a security feature.
	- Strongly recommended: migrate password storage and verification to PHP's `password_hash()` and `password_verify()` (or another adaptive hashing algorithm).