View difference between Paste ID: <a href="/ukpT6b9Q">ukpT6b9Q</a> and <a href="/vcnBFnUi">vcnBFnUi</a>

<?php
1		<?php
2
3	-	if(isset($_POST['formsub'])) {
3	+	$pdo = new PDO("mysql:host=localhost;dbname=database", 'username', 'password');
4
5		if(isset($_POST['formreg'])) {
6		$username = $_POST['user_input'];
7	-	$pdo = new PDO("mysql:host=localhost;dbname=database", 'username', 'password');
7	+
8
9		$query = $pdo->prepare("INSERT INTO users (user,pass) VALUES (:user_token,:pass_token)");
10		$values = array(
11		"user_token" => $username,
12		"pass_token" => sha1($password)
13		);
14		$query->execute($values);
15		}
16
17		if(isset($_POST['formlog'])) {
18		$username = $_POST['user_input'];
19		$password = $_POST['pass_input'];
20
21	-	<input type="hidden" name="formsub" value="1">
21	+	$query = $pdo->prepare("SELECT * FROM users WHERE user=:user_token LIMIT 1");
22		$values = array(
23		"user_token" => $username
24		);
25		$query->execute($values);
26		$row = $query->fetch(PDO::FETCH_ASSOC);
27		if($row !== false) {
28		if($row["pass"] === sha1($password)) {
29		echo "Login success.";
30		} else {
31		echo "Wrong password.";
32		}
33		} else {
34		echo "Username doesn't exist.";
35		}
36		}
37
38		?>
39
40		<h1>Login</h1>
41		<form action="index.php" method="post">
42		username: <input type="text" name="user_input"><br>
43		password: <input type="password" name="pass_input"><br>
44		<input type="hidden" name="formlog" value="1">
45		<input type="submit">
46		</form>
47
48		<h1>Register</h1>
49		<form action="index.php" method="post">
50		username: <input type="text" name="user_input"><br>
51		password: <input type="password" name="pass_input"><br>
52		<input type="hidden" name="formreg" value="1">
53		<input type="submit">
54		</form>