I'm trying to get my query to work for this PHP but I'm getting a "Invalid Parameter Number: number of bound variables do not match number of tokens" This is a snippet of my PHP:
<?php
/*
Our "config.inc.php" file connects to database every time we include or require
it within a php script. Since we want this script to add a new user to our db,
we will be talking with our database, and therefore,
let's require the connection to happen:
*/
require("configmob.php");
//if posted data is not empty
if (!empty($_POST)) {
//If the username or password is empty when the user submits
//the form, the page will die.
//Using die isn't a very good practice, you may want to look into
//displaying an error message within the form instead.
//We could also do front-end form validation from within our Android App,
//but it is good to have a have the back-end code do a double check.
if (empty($_POST['FirstName']) || empty($_POST['LastName'])) {
// Create some data that will be the JSON response
$response["success"] = 0;
$response["message"] = "Please Enter Both a First Name and a Last Name.";
//die will kill the page and not execute any code below, it will also
//display the parameter... in this case the JSON data our Android
//app will parse
die(json_encode($response));
}
//if the page hasn't died, we will check with our database to see if there is
//already a user with the username specificed in the form. ":user" is just
//a blank variable that we will change,Spot FROM Reservation WHERE Date = ':Date' AND Time = ':Time' AND Spot = ':Spot' ";
//now lets update what :user should be
$query = "Select * FROM Reservation WHERE Date = ':Date' AND TimeIn = ':TimeIn' AND Spot = ':Spot'";
$query_params = array(':Date' => $_POST['Date'] , ':TimeIn' => $_POST['Time'] , ':Spot' => $_POST['Spot']
);
//Now let's make run the query:
try {
// These two statements run the query against your database table.
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch (PDOException $ex) {
// For testing, you could use a die and message.
//die("Failed to run query: " . $ex->getMessage());
//or just use this use this one to product JSON data:
$response["success"] = 0;
$response["message"] = $ex->getMessage();
die(json_encode($response));
}
//fetch is an array of returned data. If any data is returned,
//we know that the username is already in use, so we murder our
//page
$row = $stmt->fetch();
if ($row) {
// For testing, you could use a die and message.
//die("This username is already in use");
//You could comment out the above die and use this one:
$response["success"] = 0;
$response["message"] = "I'm sorry, this Reservation is already Taken";
die(json_encode($response));
}
//If we have made it here without dying, then we are in the clear to
//create a new user. Let's setup our new query to create a user.
//Again, to protect against sql injects, user tokens such as :user and :pass
$query = "INSERT INTO Reservation (Fname, Lname, Garno, Gname, EmpID, CustID, License, Floor, Spot, TimeIn, TimeOut, Date, Confirmation)
VALUES (:Fname, :Lname, :Garno, :Gname, :EmpID, :CustID, :License, :Floor, :Spot, :TimeIn, :TimeOut, :Date, :Confirmation) ";
//Again, we need to update our tokens with the actual data:
$query_params = array(
':Fname' => $_POST['FirstName'],
':Lname' => $_POST['LastName'],
':Gname' => $_POST['Garage'],
':Date' => $_POST['Date'],
':TimeIn' => $_POST['Time'],
':Spot' => $_POST['Spot'],
':Confirmation' => $_POST['Confirmation'],
);
//time to run our query, and create the user
try {
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch (PDOException $ex) {
// For testing, you could use a die and message.
//die("Failed to run query: " . $ex->getMessage());
//or just use this use this one:
$response["success"] = 0;
$response["message"] = $ex->getMessage();
die(json_encode($response));
}
//If we have made it this far without dying, we have successfully added
//a new user to our database. We could do a few things here, such as
//redirect to the login page. Instead we are going to echo out some
//json data that will be read by the Android application, which will login
//the user (or redirect to a different activity, I'm not sure yet..)
$response["success"] = 1;
$response["message"] = "Reservation Added!!";
echo json_encode($response);
//for a php webservice you could do a simple redirect and die.
//header("Location: loginmob.php");
//die("Redirecting to loginmob.php");
} else {
?>
<h1>Register</h1>
<form action="register.php" method="post">
Username:<br />
<input type="text" name="username" value="" />
<br /><br />
Password:<br />
<input type="password" name="password" value="" />
<br /><br />
<input type="submit" value="Register New User" />
</form>
<?php
}
?>
Thank you for the help!
This is what I found in your second statement:
$query = "Select * FROM Reservation WHERE Date = ':Date' AND TimeIn = ':Time' AND Spot = ':Spot'";
$query_params = array(':Date' => $_POST['Date'] , ':TimeIn' => $_POST['Time'] , ':Spot' => $_POST['Spot']
);
Your :TimeIn should be :Time like follows:
$query_params = array(':Date' => $_POST['Date'] , ':Time' => $_POST['Time'] , ':Spot' => $_POST['Spot']
Update:
Also in your second query you have :Garno missing, please try the following:
$query = "INSERT INTO Reservation (Fname, Lname, Garno, Gname, EmpID, CustID, License, Floor, Spot, TimeIn, TimeOut, Date, Confirmation)
VALUES (:Fname, :Lname, :Garno, :Gname, :EmpID, :CustID, :License, :Floor, :Spot, :TimeIn, :TimeOut, :Date, :Confirmation) ";
//Again, we need to update our tokens with the actual data:
$query_params = array(
':Fname' => $_POST['FirstName'],
':Lname' => $_POST['LastName'],
':Garno' => $_POST['Garno'], // Hopefully $_POST['Garno'] is what you want.
':EmpID' => $_POST['EmpID'], // Hopefully $_POST['EmpID'] is what you want.
':CustID' => $_POST['CustID'], // Hopefully $_POST['CustID'] is what you want.
':License' => $_POST['License'], // Hopefully $_POST['License'] is what you want.
':Floor' => $_POST['Floor'], // Hopefully $_POST['Floor'] is what you want.
':TimeOut' => $_POST['TimeOut'], // Hopefully $_POST['TimeOut'] is what you want.
':Gname' => $_POST['Garage'], // You don't need this, remove this.
':Date' => $_POST['Date'],
':TimeIn' => $_POST['Time'],
':Spot' => $_POST['Spot'],
':Confirmation' => $_POST['Confirmation'],
);
Related
I want to save the data with php. The program does not return an error. But to the database does not record.
DOSYA ADI:signup.php
MY CODES:
<form action="islem.php" method="post">
Ad:<input type="text" name="bilgilerim_ad" placeholder="giriniz">
Soyad:<input type="text" name="bilgilerim_soyad" placeholder="giriniz">
Mail:<input type="text" name="bilgilerim_mail"placeholder="giriniz">
Yaş:<input type="text" name="bilgilerim_yas" placeholder="giriniz">
<button name="insertislemi" type="submit">Kayıt</button>
</form>
DOSYA ADI:config.php
MY CODES
<?php
include 'baglan.php';
if(isset($_POST['insertislemi'])){
$query = $db->prepare("INSERT INTO uyeler SET
bilgilerim_ad =: bilgilerim_ad,
bilgilerim_soyad =: bilgilerim_soyad,
bilgilerim_mail =: bilgilerim_mail,
bilgilerim_yas =: bilgilerim_yas,
");
$insert = $query->execute(array(
"bilgilerim_ad" => $_POST['bilgilerim_ad'],
"bilgilerim_soyad" => $_POST['bilgilerim_soyad'],
"bilgilerim_mail" => $_POST['bilgilerim_mail'],
"bilgilerim_yas" => $_POST['bilgilerim_yas'],
));
if ( $insert ){
$last_id = $db->lastInsertId();
print "insert işlemi başarılı!";
}
}
?>
MY CODES
CONNECTION FILE
<?php
try {
$db = new PDO("mysql:host=localhost;dbname=test", "root", "");
//echo "giriş";
} catch(PDOException $e) {
echo $e->getMessage();
}
?>
You first write bilgilerim_ad =: bilgilerim_ad, ... in your insert query, then "bilgilerim_ad" => $_POST['bilgilerim_ad'],.
There's a misplaced space, the datas are bound to bilgilerim_ad but you declared : bilgilerim_ad.
Replace your insert query by :
$query = $db->prepare("INSERT INTO uyeler SET
bilgilerim_ad = :bilgilerim_ad,
bilgilerim_soyad = :bilgilerim_soyad,
bilgilerim_mail = :bilgilerim_mail,
bilgilerim_yas = :bilgilerim_yas");
And bind your datas this way :
$insert = $query->execute(array(
":bilgilerim_ad" => $_POST['bilgilerim_ad'],
":bilgilerim_soyad" => $_POST['bilgilerim_soyad'],
":bilgilerim_mail" => $_POST['bilgilerim_mail'],
":bilgilerim_yas" => $_POST['bilgilerim_yas']));
This is out of topic, but in your php files where you are using only php code (the one that insert and the one that manage DB connection in example) do not close php tag ?>. This can send unwanted characters to http header
Currently using Stripe to process payments however I would like to perform an SQL statement which will ban a user lets say when the Stripe risk evaluation is highest.
My current charge code using stripe's PHP library contains a basic error exception message:
<?php
require 'lib/Stripe.php';
if ($_POST) {
Stripe::setApiKey($stripeSecretKey);
$error = '';
$success = '';
try {
if (empty($_POST['street']) || empty($_POST['city']) || empty($_POST['zip']))
throw new Exception("Fill out all required fields.");
if (!isset($_POST['stripeToken']))
throw new Exception("The Stripe Token was not generated correctly");
Stripe_Charge::create(array("amount" => $price * 100,
"currency" => "gbp",
"card" => $_POST['stripeToken'],
"description" => "User: " . $userUsername . " - " . $userEmail,
"receipt_email" => $userEmail));
$success = '<div class="alert alert-success">
<strong>Success!</strong> Your payment was successful, Redirecting...
</div>';
header('Refresh: 3; URL=https://urlhere');
}
catch (Exception $e) {
$error = '<div class="alert alert-danger">
<strong>Error!</strong> '.$e->getMessage().'
</div>';
}
}
if(!(empty($success)))
$txid = generateTxid();
{
$SQL = $odb -> prepare("INSERT INTO `payments` VALUES(NULL, :price, :planid, :userid, :payer, :transactionid, UNIX_TIMESTAMP())");
$SQL -> execute(array(':price' => $price, ':planid' => $planID, ':userid' => $userID, ':payer' => $userEmail, ':transactionid' => $txid));
$unit = $plan['unit'];
$length = $plan['length'];
$newExpire = strtotime("+{$length} {$unit}");
$updateSQL = $odb -> prepare("UPDATE `users` SET `expire` = :expire, `membership` = :plan WHERE `ID` = :id");
$updateSQL -> execute(array(':expire' => $newExpire, ':plan' => (int)$planID, ':id' => (int)$userID));
}
?>
With reference to https://stripe.com/docs/api#charge_object I can see that under the PHP tab it has the outcome object which could be used in my cas ehowever not sure how to implement it.
Check the response from your charge creation. Look at the risk_level attribute and write a condition that does something when the condition is met.
$response = Stripe_Charge::create(...
To get the risk_level attribute:
print $response->outcome->risk_level
P.S. you should be checking the charge response to verify it succeeded and not just assuming it succeeded if an Exception was not thrown. It could be Pending, which is not an Exception but it's also not a success, for example.
I am trying to update and add posts to a custom coded blog using PDO.
I can read and delete fine, but adding posts or editing them does not work on the live server.
It works fine on XAMPP...
I have made sure the PDO_mysql extension is enable on my database.
At a loss as to where the problem is?
My EDIT POST code looks like:
<?php
//if form has been submitted process it
if(isset($_POST['submit'])){
//collect form data
extract($_POST);
//very basic validation
if($postID ==''){
$error[] = 'This post is missing a valid id!.';
}
if($postTitle ==''){
$error[] = 'Please enter the title.';
}
if($postDesc ==''){
$error[] = 'Please enter the description.';
}
if($postCont ==''){
$error[] = 'Please enter the content.';
}
if(!isset($error)){
try {
$postSlug = slug($postTitle);
//insert into database
$stmt = $db->prepare('UPDATE blog_posts_seo SET postTitle = :postTitle, postSlug = :postSlug, postDesc = :postDesc, postCont = :postCont WHERE postID = :postID') ;
$stmt->execute(array(
':postTitle' => $postTitle,
':postSlug' => $postSlug,
':postDesc' => $postDesc,
':postCont' => $postCont,
':postID' => $postID
));
//delete all items with the current postID
$stmt = $db->prepare('DELETE FROM blog_post_cats WHERE postID = :postID');
$stmt->execute(array(':postID' => $postID));
if(is_array($catID)){
foreach($_POST['catID'] as $catID){
$stmt = $db->prepare('INSERT INTO blog_post_cats (postID,catID)VALUES(:postID,:catID)');
$stmt->execute(array(
':postID' => $postID,
':catID' => $catID
));
}
}
//redirect to index page
header('Location: index.php?action=updated');
exit;
} catch(PDOException $e) {
echo $e->getMessage();
}
}
}
?>
<?php
//check for any errors
if(isset($error)){
foreach($error as $error){
echo $error.'<br />';
}
}
try {
$stmt = $db->prepare('SELECT postID, postTitle, postDesc, postCont FROM blog_posts_seo WHERE postID = :postID') ;
$stmt->execute(array(':postID' => $_GET['id']));
$row = $stmt->fetch();
} catch(PDOException $e) {
echo $e->getMessage();
}
?>
and my ADD POST code is
<?php
//if form has been submitted process it
if(isset($_POST['submit'])){
//collect form data
extract($_POST);
//very basic validation
if($postTitle ==''){
$error[] = 'Please enter the title.';
}
if($postDesc ==''){
$error[] = 'Please enter the description.';
}
if($postCont ==''){
$error[] = 'Please enter the content.';
}
if(!isset($error)){
try {
$postSlug = slug($postTitle);
//insert into database
$stmt = $db->prepare('INSERT INTO blog_posts_seo (postTitle,postSlug,postDesc,postCont,postDate) VALUES (:postTitle, :postSlug, :postDesc, :postCont, :postDate)') ;
$stmt->execute(array(
':postTitle' => $postTitle,
':postSlug' => $postSlug,
':postDesc' => $postDesc,
':postCont' => $postCont,
':postDate' => date('Y-m-d H:i:s')
));
$postID = $db->lastInsertId();
//redirect to index page
header('Location: index.php?action=added');
exit;
} catch(PDOException $e) {
echo $e->getMessage();
}
}
}
//check for any errors
if(isset($error)){
foreach($error as $error){
echo '<p class="error">'.$error.'</p>';
}
}
?>
Is there anything I should check on the MySQL DB or is there something in my code that is preventing my CRUD from working in a live environment?
As said before, the exact same code (other than the config file) is working on XAMPP.
It might be a privilege error on the server side, since you cannot edit (write) the files or create new ones. I suggest checking the users privileges on the database.
When you say it does not work, what does it return to you?
Have you tried a var_dump or echo if it works as a query, or it doesn't allow the query to execute at all?
UPDATE:
Last but not least, the configuration file, as suggested by the comments, should be the main problem. It really depends how you have configured the files to work on the server. Check includes and such.
The problem is how you insert DATE.
That's the only difference between Insert, update and delete.
The best is not to add it at all via PHP and since you are adding the current time you can let the database do it for you.
':postDate' => date('Y-m-d H:i:s') <- let the db do it for you as default parameter set to now() or just use TIMESTAMP probably the best.
This question already has answers here:
How do I display a MySQL error in PHP for a long query that depends on the user input? [duplicate]
(6 answers)
Why shouldn't I use mysql_* functions in PHP?
(14 answers)
Closed 5 years ago.
I'm trying to insert values in table it is saying error please tell me where i'm wrong here is my code
its said please try again
<?php
include_once('dbconnect.php');
if(isset($_POST['submit']))
{
$name = $_POST['name'];
$phone = $_POST['phone'];
$cash = $_POST['cash'];
if(mysql_query("INSERT INTO tbl2 VALUES('',$name','$phone','$cash','date('l jS \of F Y h:i:s A'))"))
echo "Successful Insertion!";
else
echo "Please try again";
}
$res = mysql_query("SELECT * FROM tbl2");
?>
<form action="" method="POST">
<input type="text" name="name"/><br />
<input type="text" name="phone"/><br />
<input type="text" name="cash"/><br />
<input type="submit" name="submit" value=" Enter "/>
</form>
<h1>List of companies ..</h1>
<?php
while( $row = mysql_fetch_array($res) )
echo "$row[id].$row[Name]
<a href='edit.php?edit=$row[id]'>edit</a><br />";
?>
will you guide me i thought the problem is in date date
Two things I can think of top my head;
mysql_ has been deprecated, thus the else kicks in.
Your syntax maybe wrong for mysql_query?
Nonetheless, start over and start over with code that is functional and up-to-date...
Given that your connection is working properly update it to a new mysqli syntax, it's very simple and much more elegant:
$connect = new mysqli( 'localhost', 'USERNAME', 'PASSWORD', 'DATABASE' );
// check for an error
if ($this->_connection->connect_error)
{
trigger_error("Connection Error: " . $this->_connection->connect_error(), E_USER_ERROR);
}
Now that you are connected walk-through a new process for your code.
Start by checking like you currently are for a submit $_POST so that you can start running the script:
if ( isset( $_POST['submit'] ) )
{
// Encode the URL when creating the variables
$name = htmlentities( $_POST['name'] );
$phone = htmlentities( $_POST['phone'] );
$cash = htmlentities( $_POST['cash'] );
$date = date( 'l jS \of F Y h:i:s A' );
// create sql
// DO NOT INSERT VALUES STRAIGHT INTO YOUR QUERY
$sql = "INSERT INTO tbl2 ( name, phone, cash, date ) VALUES ( ?, ?, ?, ? )";
Note: before continuing, let me explain that you should never insert content into your query because that would throw raw user input in the mist of your code. Now, most users will never try anything fishy. But anyone could easily throw a few SQL commands inside of your inputs and DELETE, SELECT, and UPDATE your database content and cause numerous problems.
Here is some reference: https://en.wikipedia.org/wiki/SQL_injection
To work around that problem, use prepared statements. You can read all about it on PHP manual; and also see some real-life examples.
// prepare query
// USE PREPARED STATEMENTS
if ($stmt = $connect->prepare( $sql ))
{
// bind the params
$stmt->bind_param('ssss', $name, $phone, $cash, $date);
// execute the query
$stmt->execute();
// check for errors
if ($stmt->errno)
{
$message = array(
'is_error' => 'danger',
'message' => 'Error: ' . $stmt->error
);
}
// make sure at least 1 or more rows were affected
if ($stmt->affected_rows > 0)
{
$message = array(
'is_error' => 'success',
'message' => 'Success: ' . $stmt->affected_rows . ' rows were inserted.' // value should be 1
);
}
else
{
// if not, send warning to user
$message = array(
'is_error' => 'warning',
'message' => 'Warning: ' . $stmt->affected_rows . ' rows were updated.'
);
}
// close your connection
$stmt->close();
}
else
{
$message = array(
'is_error' => 'danger',
'message' => 'QUERY: error. Try again.'
);
exit;
}
}
else
{
$message = array(
'is_error' => 'warning',
'message' => 'There was no submission attempt. Try again.'
);
exit;
}
Notice in the code is broken down into parts where you can catch multiple errors, and it's important for debugging; it will allow you to know exactly where the code went wrong, and localize your problem to a single section of it.
EDIT: Seems to be something with the database. We cant figure out what it is.
Im having a problem with storing data thats been put into the forms. I tested the query in MS SQL (we have to use that for school) but it doesnt seem to work once i put in my variables. So im guessing the problem comes from the variables. However im not sure about that because when i echo the $_POST variables it outputs strings like i want it to. But when i put it in the query it just wont store rit in my database. Would be great if someone could help me out with this.
HTML code:
<form action="registerSystem.php" method="post">
Email:
<input type="email" name="emailAdres" required> <br>
Naam:
<input type="text" name="naamGebruiker" required> <br>
Wachtwoord:
<input type="password" name="wachtwoordGebruiker" required> <br>
Herhaal wachtwoord:
<input type="password" name="bevestigWachtwoord" required> <br>
<input type="submit" value="Registreer">
</form>
Php code:
require "connect.php";
session_start();
GLOBAL $conn;
function createAccount(){
$email = $_POST['emailAdres'];
$username = $_POST['naamGebruiker'];
$wachtwoord = $_POST['wachtwoordGebruiker'];
GLOBAL $conn;
$hashed_pass = md5($wachtwoord);
$paypal = $email;
$subscription_start = date("Y:m:d");
$land = 'Nederland';
$query = $conn->prepare("INSERT INTO Customer (customer_mail_adress, name, paypal_account, subscription_start, subscription_end, password, country_name) "
."VALUES (:customer_mail_adres, :naam, :paypal, :subscription_start, null, :password, :country_name)");
$query->bindParam(':customer_mail_adres', $email);
$query->bindParam(':naam', $username);
$query->bindParam(':paypal', $paypal);
$query->bindParam(':subscription_start', $subscription_start);
$query->bindParam(':password', $hashed_pass);
$query->bindParam(':country_name', $land);
$conn->query($query);
}
if($_SERVER['REQUEST_METHOD'] === 'POST'){
//password check
if ($_POST['wachtwoordGebruiker'] == $_POST['bevestigWachtwoord']) {
createAccount();
header("location: loginSystem.php");
} else {
echo "De opgegeven wachtwoorden komen niet overeen!";
}
}?>
I have found where the problem is on your function.
The problem is here : VALUES (:customer_mail_adres, :naam, :paypal, :subscription_start, null, :password, :country_name)");
that null after :subscription_start is the problem, rather put a place holder in place then have a string that you will assign it value to null. then your query should work.
I'm not sure what datatype is subscription_end but I guess it should be date. and also use try catch block so that you can see when you have errors in your sql query. Also don't rush to reload the next page after running your query atleast but some delay on your header() so that you can print success message and see if its displaying then load next page
So this is how I updated your function.
<?php
require 'connect.php';
session_start();
GLOBAL $conn;
function createAccount()
{
$email = $_POST['emailAdres'];
$username = $_POST['naamGebruiker'];
$wachtwoord = $_POST['wachtwoordGebruiker'];
GLOBAL $conn;
$hashed_pass = md5($wachtwoord);
$paypal = $email;
$subscription_start = date("Y:m:d");
$land = 'Nederland';
$enddate = 'null';
try {
$query = $conn->prepare("INSERT INTO Customer (customer_mail_adress, name, paypal_account, subscription_start, subscription_end, password, country_name) " . "VALUES (:customer_mail_adres, :naam, :paypal, :subscription_start, :enddate, :password, :country_name)");
$query->bindParam(':customer_mail_adres', $email);
$query->bindParam(':naam', $username);
$query->bindParam(':paypal', $paypal);
$query->bindParam(':subscription_start', $subscription_start);
$query->bindParam(':password', $hashed_pass);
$query->bindParam(':country_name', $land);
$query->bindParam(':enddate', $enddate);
if ($query->execute()) {
echo "Done";
}
}
catch (PDOException $e) {
echo "error". $e->getMessage();
}
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
//password check
if ($_POST['wachtwoordGebruiker'] == $_POST['bevestigWachtwoord']) {
createAccount();
header("refresh:5;url=loginSystem.php");
} else {
echo "De opgegeven wachtwoorden komen niet overeen!";
}
}
?>
Hope this helps.
NB: Don't use md5(); to encrypt your passwords its no longer safe,
rather use php functions password_hash() and password_verify()
they are available on php.net for you to read and understand them.
$query = $conn->prepare("INSERT INTO Customer (customer_mail_adress, name, paypal_account, subscription_start, subscription_end, password, country_name)"
." VALUES (:customer_mail_adres, :naam, :paypal, :subscription_start, null, :password, :country_name)");
$query->bindParam(':customer_mail_adres', $email);
$query->bindParam(':naam', $username);
$query->bindParam(':paypal', $paypal);
$query->bindParam(':subscription_start', $subscription_start);
$query->bindParam(':password', $hashed_pass);
$query->bindParam(':country_name', $land);
$query->execute();
What I've changed here is $conn->query($query); to $query->execute(). Because you're working with prepared statements, you need to call execute method of the object instance of prepared statement $query.
$conn->query($sql) is commonly used when only retrieving results with SELECT query which doesn't contain filtering conditions that receive data from user inputs.
For your information, as a best practice, wrap up the code with try catch blocks which helps you handle the errors.
try {
$query = $conn->prepare("INSERT INTO Customer (customer_mail_adress, name, paypal_account, subscription_start, subscription_end, password, country_name)"
." VALUES (:customer_mail_adres, :naam, :paypal, :subscription_start, null, :password, :country_name)");
$query->bindParam(':customer_mail_adres', $email);
$query->bindParam(':naam', $username);
$query->bindParam(':paypal', $paypal);
$query->bindParam(':subscription_start', $subscription_start);
$query->bindParam(':password', $hashed_pass);
$query->bindParam(':country_name', $land);
$query->execute();
} catch (PDOException $ex) {
echo $ex->getMessage(); // or die($ex->getMessage());
}
Before using try catch blocks, set the PDO's error reporting to exception:
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
Set this attribute as soon as you created the PDO object instance.
You can also set this attribute during the object instantiation through constructor like:
$conn = new PDO('mysql:host=localhost;dbname=demo', 'root', 'password', array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
));
Hope it helps!