Hiding Password During Registration in PHP

The password input field is typically an input with type password, where entered characters are hidden under asterisks. This is done so that a malicious actor cannot peek at the user's password over their shoulder during registration.

Hiding the password in this way is certainly good, but there is a problem - the user does not see what they are entering. They might make a mistake while entering a character and register with a different password than intended. This would be unfortunate:(, as they then won't be able to log in to the site.

There is a standard solution to this problem: the user is shown two inputs for entering the password - in the first input they enter the password, and in the second input - its confirmation, i.e., the same password a second time:

<form action="" method="POST">
	<input name="login">
	<input type="password" name="password">
	<input type="password" name="confirm">
	<input type="submit">
</form>

Our site's task is to check that the password and its confirmation match, as it is logical that in this case the user entered exactly what they intended to enter:

<?php
	if (!empty($_POST['login']) and !empty($_POST['password']) and !empty($_POST['confirm'])) {
		if ($_POST['password'] == $_POST['confirm']) {
			// register
		} else {
			// display a message about the mismatch
		}
	}
?>

Modify your code so that when the form is submitted, the password is compared to its confirmation. If they match - proceed with registration, and if they don't match - display a message about it.