Protecting a Xml based gallery from being locally run

Hi guys and girls,
been up all night, having troubles thinking logically so bare with me…

My question is in relation to an image gallery I have. Users have to register before they can gain access to this gallery through a registration system I have setup. Now that all works fine, but Im wondering whether my login strategy is the safest option and most logical. You see currently a user logs in by filling in a Flash based form (login.swf), which if valid after quering the mysql db then in-turn loads the gallery.swf file which contains the image gallery. Now of coarse due to the caching of the gallery.swf file, and the fact this gallery runs off an xml file any user can run the gallery locally, which is good for useabiloty but terrible for security

Any ideas?
Should I put the login form into gallery.swf? and do away with login.swf?