<?php$pdo = new PDO("mysql:host=localhost;dbname=database", 'username', 'pas

1. <?php
2.  
3. $pdo = new PDO("mysql:host=localhost;dbname=database", 'username', 'password');
4.  
5. if(isset($_POST['formreg'])) {
6.     $username = $_POST['user_input'];
7.     $password = $_POST['pass_input'];
8.    
9.     $query = $pdo->prepare("INSERT INTO users (user,pass) VALUES (:user_token,:pass_token)");
10.     $values = array(
11.         "user_token" => $username,
12.         "pass_token" => sha1($password)
13.     );
14.     $query->execute($values);
15. }
16.  
17. if(isset($_POST['formlog'])) {
18.     $username = $_POST['user_input'];
19.     $password = $_POST['pass_input'];
20.  
21.     $query = $pdo->prepare("SELECT * FROM users WHERE user=:user_token LIMIT 1");
22.     $values = array(
23.         "user_token" => $username
24.     );
25.     $query->execute($values);
26.     $row = $query->fetch(PDO::FETCH_ASSOC);
27.     if($row !== false) {
28.         if($row["pass"] === sha1($password)) {
29.             echo "Login success.";
30.         } else {
31.             echo "Wrong password.";
32.         }
33.     } else {
34.         echo "Username doesn't exist.";
35.     }
36. }
37.  
38. ?>
39.  
40. <h1>Login</h1>
41. <form action="index.php" method="post">
42. username: <input type="text" name="user_input"><br>
43. password: <input type="password" name="pass_input"><br>
44. <input type="hidden" name="formlog" value="1">
45. <input type="submit">
46. </form>
47.  
48. <h1>Register</h1>
49. <form action="index.php" method="post">
50. username: <input type="text" name="user_input"><br>
51. password: <input type="password" name="pass_input"><br>
52. <input type="hidden" name="formreg" value="1">
53. <input type="submit">
54. </form>