I dont know what to do anymore, when i login it's cool and then when i return back it logs me out but cookies arent destroyed, i want on whatever page i go to stay logged on, and yep, SUBMIT buttons i can press it because when i log in its not hidden, please help, im on the edge of losing it, improve my code if its wrong, and i know it is
<?php
error_reporting(0);
$con = mysqli_connect("localhost","root","","samp");
if (mysqli_connect_errno())
{
echo "Failed to connect to the database: " . mysqli_connect_error();
die();
}
session_start();
if(!empty($_POST['username']) && !empty($_POST['password']))
{
$userName = isset($_POST["username"]) ? $_POST["username"] : null;
$userPass = isset($_POST["password"]) ? $_POST["password"] : null;
$hashedPass = hash('whirlpool', $userPass);
$query = "SELECT Ime FROM Igraci WHERE Ime = '$userName' AND Lozinka = '$hashedPass'";
$result = mysqli_query( $con, $query);
$row = mysqli_fetch_array($result);
if($row)
{
$session = md5($userName.$hashedPass);
mysqli_query($con, "UPDATE Igraci SET session = '$session' WHERE Ime = '$userName' AND Lozinka = '$hashedPass'");
setcookie("login", $userName,time()+3600);
echo "You are now logged in with hash: ".htmlspecialchars($_COOKIE["login"]). ' <a href="index.php?logout=1">logout</a>?';
header('index.php');
}
else
{
die('Account has not been found.');
}
}
if(isset($_GET['logout']))
{
setcookie("login", "", time()-60);
exit(); # stop executing here
header('index.php');
}
if(isset($_COOKIE["login"]) && mb_strlen(isset($_COOKIE["login"]) == '32'))
{
$session = $con->real_escape_string($_COOKIE["login"]);
$query = "SELECT Ime FROM Igraci WHERE session = '$session' LIMIT 1";
$result = mysqli_query( $con, $query); $row = mysqli_fetch_array($result);
if($row['Ime'])
{
echo "User is already logged in with username ".$row['Ime']. " and hash: ".htmlspecialchars($_COOKIE["login"]). ' <a href="index.php?logout=1"> logout</a>?';
exit();
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Roleplay Factory User Control Panel</title>
<link rel="stylesheet" type="text/css" href="style.css">
<link href='https://fonts.googleapis.com/css?family=Roboto:300' rel='stylesheet' type='text/css'>
</head>
<body>
<h1>Welcome, please login to your account.</h1>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="text" placeholder = "Username" name="username">
<input type="password" placeholder = "Password" name="password">
<input type="submit" name="login_button" value="Login">
</form>
<div class="footer">
<p>roleplay factory © 2016 all rights reserved</p>
</div>
</body>
</html>