A few rough bits to polish for the sake of security.

Sessions instead of cookies

Cookies are not a secure way of checking for whether someone is logged in so in functions.php change it to use a session variable instead:

  1. /* comment out */ the old version of the function and keep it just in case
  2. put session_start(); at the top of viewlog.html before any HTML
  3. replace $_COOKIE in the first line
  4. replace setcookie with a line which creates a session variable

Form data

In that same function you have a form which allows the user to input data.  Later you will use a better way to protect from hack attempts via forms (mysqli_real_escape_string) but for now add htmlspecialchars to the lines which put the form data into variables.

The log file

The data in the log file is open to view by anyone as a text file if they guess the URL but you will fix that later by storing it in a secure database.