help with php login system

Beginners - Learning PHP
#1

I’m trying to put together an account system for the website of a minecraft server I run-
theres a registration system in-game that supplies the passwords in an SHA1 hash, stores them and the usernames in a mysql table, so I’ve pieced together the login process from various tutorials (I’m not new to php, just inexperienced with it ).

the script is supposed to connect to the database, and see if the users entered username and password match anything in the table, but when I attempt to login I get
The following error(s) occured:
Array

not sure where I went wrong, if anyone can help me out it’d be greatly appreciated!
actually any advice/tips/tricks or anything helpful at all about the code in general is appreciated, I’m hoping to do this right and learn more about using mysql data in php.

the script:

<?php
//if page was reached by the form
if(isset($_POST['submit'])){
 // Create connection
$con=mysqli_connect("localhost","root","weed45654","authme");

// Check connection
if (mysqli_connect_errno($con))
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
 // protect function (?)
function protect($value){
    return mysql_real_escape_string(trim(strip_tags($value)));
}

//session_start();
ob_start();
//define username and password from post data
$username = protect($_POST['username']);
$password = $_POST['password'];

//error check i still dont quite understand
$errors[] = array();

if(!$username){
    $errors[] = "You did not supply a username!";
}

if(!$password){
    $errors[] = "You did not supply a password!";
}


if(count($errors) >= 1){
    echo "The following error(s) occured:<br>\n";
        foreach($errors AS $error){
            echo $error . "<br>\n";
        }
}else {
//mysql query
    $sql = "SELECT * FROM `authme` WHERE `username`='".$username."' AND `password`='".SHA1($password)."'";
    $res = mysqli_query($sql) or die(mysqli_error());
//returns no results error?
    if(mysqli_num_rows($res) == 0){
        echo "Username and password combination incorrect!";
        }else {
            $row = mysqli_fetch_assoc($res2);
			//setting cookie session on remember me
        if (isset($_POST['rememberme'])) {
            /* Set cookie to last 1 year */
            setcookie('username', $_POST['username'], time()+60*60*24*365, '/', 'www.shed-craft.com');
            setcookie('password', md5($_POST['password']), time()+60*60*24*365, '/', 'www.shed-craft.com');
        
        } else {
            /* Cookie expires when browser closes */
            setcookie('username', $_POST['username'], false, '/', 'www.shed-craft.com');
            setcookie('password', md5($_POST['password']), false, '/', 'www.shed-craft.com');
        }
        }
    }
//dont know?
ob_end_flush();
//if the page wasn't reached by the form, close with error
}else {
    echo "You are accessing this page incorrectly!";
}

?>

authme is the name of both the database and table, and I’ve only written the login process and form so far, not sure how to do anything with cookies yet.

#2

Your problem is this line:

[php]$errors[] = array();[/php]

This has a very specific significance. $errors[] means “add a new element to $errors”. array() is an empty array.

Assume you start with $errors being undefined. So, in other words, array(). You then use the line of code you’ve put. Your array suddenly has one item inside it, which is an empty array. as a result, count($errors) returns 1 and not the 0 you expect.

To fix this:
[php]$errors = array();[/php]
Provides an initialization for $errors as an empty array with zero initial members.

Sponsor our Newsletter | Privacy Policy | Terms of Service