View difference between Paste ID: <a href="/BgNFuZrA">BgNFuZrA</a> and <a href="/qmNDd02j">qmNDd02j</a>

<?php
1		<?php
2
3		session_start();
4
5		$pdo = new PDO("mysql:host=localhost;dbname=database", 'username', 'password');
6
7		if(isset($_POST['formreg'])) {
8		$username = $_POST['user_input'];
9		$password = $_POST['pass_input'];
10
11		$query = $pdo->prepare("INSERT INTO users (user,pass) VALUES (:user_token,:pass_token)");
12		$values = array(
13		"user_token" => $username,
14		"pass_token" => sha1($password)
15		);
16		$query->execute($values);
17		}
18
19		if(isset($_POST['formlog'])) {
20		$username = $_POST['user_input'];
21		$password = $_POST['pass_input'];
22
23		$query = $pdo->prepare("SELECT * FROM users WHERE user=:user_token LIMIT 1");
24		$values = array(
25		"user_token" => $username
26		);
27		$query->execute($values);
28		$row = $query->fetch(PDO::FETCH_ASSOC);
29		if($row !== false) {
30		if($row["pass"] === sha1($password)) {
31		echo "Login success.";
32		$_SESSION["username"] = $row["user"];
33		} else {
34		echo "Wrong password.";
35		}
36		} else {
37		echo "Username doesn't exist.";
38		}
39		}
40
41		if(isset($_POST['formlogout'])) {
42		session_destroy();
43		}
44
45		?>
46
47		<h1>Login</h1>
48		<form action="index.php" method="post">
49		username: <input type="text" name="user_input"><br>
50		password: <input type="password" name="pass_input"><br>
51		<input type="hidden" name="formlog" value="1">
52		<input type="submit">
53		</form>
54
55		<?php if(isset($_SESSION['username'])): ?>
56		<h1>Logout</h1>
57		<form action="index.php" method="post">
58		<input type="hidden" name="formlogout" value="1">
59		<input type="submit">
60		</form>
61		<?php endif; ?>
62
63		<h1>Register</h1>
64		<form action="index.php" method="post">
65		username: <input type="text" name="user_input"><br>
66		password: <input type="password" name="pass_input"><br>
67		<input type="hidden" name="formreg" value="1">
68		<input type="submit">
69		</form>