Check if two textbox value is same in php

Question

I've created a add user page where users can be added to the database, the code is below i would want to compare two textbox and if they are matching(password=conform password) then it should be inserted in the database , how can i achieve that in php

<?php
    require("../connect.php");
    error_reporting(0);
    /*
    if(!(adminsessioncheck()))
    header('location:index.php'); */

    if(isset($_POST['add']))
    {
        $username=$_POST['username'];
        $password=$_POST['password'];


         mysql_query("INSERT INTO user VALUES('','$username','$password')") or die(mysql_error());
   }

?>


   <div style=" width:250px; margin-left:auto; margin-right:auto;">
   <div class="heading1" style="text-align:center">Add a new User</div>
   <br>
   <form action="" method="post" onsubmit="msgbox()">
     <table width="330" height="135" border="0" class="text">
<tr>
    <td><label>User Name</label></td>
    <td><input type="text" name="username" id="username" required></td> 
    </tr>

    <tr>
    <td><label>Password</label></td>
    <td><input type="password" id="password" name="password" required></td>
    </tr>

    <tr>
    <td><label>Confirm Password</label></td>
    <td><input type="password" id="cpassword" name="cpassword" required></td>
    </tr>

    <tr><td></td></tr>
    <tr><td></td></tr>

<tr><td></td><td align="center"><input type="submit" name="add" value="Add"></td></tr>
</table>
  </form>
 </div>


   </div>

Answer 1

Simple.

if($_POST['password'] !== $_POST['cpassword']) {
    header("location:index.php")
} else {
    mysql_query("INSERT INTO user VALUES('','$username','$password')") or die(mysql_error());
}

Answer 2

 if(isset($_POST['add']))
{
        $username=$_POST['username'];
        $password=$_POST['password'];
        if ($_POST['password']!= $_POST['cpassword'])
        {
        echo("Password did not match! Try again. ");
        }
        else
        {
        mysql_query("INSERT INTO user VALUES('','$username','$password')") or die(mysql_error());
       }
}

Answer 3

To only check after post you can do this.

if(isset($_POST['add']))
{
    $username=mysql_real_escape_string($_POST['username']);
    $password=mysql_real_escape_string($_POST['password']);

   if($_POST['password'] == $_POST['cpassword'])
     mysql_query("INSERT INTO user VALUES('','$username','$password')") or die(mysql_error());
   else
      //create error message

 }

But it would be better to check before posting. Also NEVER insert unsanitized data into your database! ever! Plus others will tell you so i might as well mention mysql is deprecated, check out mysqli instead.