Check username exists using PHP and PDO?

Question

I have a db.php file that has the following in it:

// db.php file
// creates connection to database

// DATABASE CONNECTION FUNCTION
function sql_con(){
    try{
        $dbh = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME, DB_USER, DB_PASS,
            array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8"));

        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    } catch (PDOException $e) {
        // log error to file and display friendly error to user
        ExceptionErrorHandler($e);
        exit;
    }
}

I have a signup page and i want to check if username already exists, so i call my sql_con(); function beforehand to connect to database then do the below query

    // connect to database
    sql_con();

    $stmt = $dbh->prepare("SELECT `user_login` FROM `users` WHERE `user_login` = ? LIMIT 1");
    $stmt->execute(array($username));

    if ( $stmt->rowCount() > 0 ) {
        $error[] = 'Username already taken';
    }

I'm very new to PDO and with the above i get the following errors:

Notice: Undefined variable: dbh in C:\wamp\www\signup.php on line 64

Fatal error: Call to a member function prepare() on a non-object in C:\wamp\www\signup.php on line 64

Probably something very silly and I seem to confuse myself with PDO as I'm at the beginner stages. Could anyone tell me what I am doing wrong? Also I am not sure if this is the correct way as I'm new to PDO so if there's a more efficient way to do the username query check then please let me know.

Answer 1

You are defining pdo in function an ist not visible out it.

function sql_con(){
    try{
        $dbh = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME, DB_USER, DB_PASS,
            array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8"));

        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);


        return $dbh; //this 

    } catch (PDOException $e) {
        // log error to file and display friendly error to user
        ExceptionErrorHandler($e);
        exit;
    }
}


 $dbh = sql_con();

It will be better if you create a class for pdo abstraction.

$dbh = DB::getInstance();

Answer 2

The $dbh variable is destroyed once the function is done executing.

You could try returning the handle:

function sql_con() {

    // your connection code

    return $dbh;

}

Then in your signup page:

$dbh = sql_con();

Depending on your needs, a better alternative would be to employ a DI container.

Answer 3

This is because the $dbh object is limited to inside the try catch block and your sql_con() function due to scope.

The correct solution would be to remove the try catch block, and return the $dbh variable at the end of the sql_con() function.

Then:

try {
    $dbh = sql_con();

    $stmt = $dbh->prepare("SELECT `user_login` FROM `users` WHERE `user_login` = ? LIMIT 1");
    $stmt->execute(array($username));

    if ( $stmt->rowCount() > 0 ) {
        $error[] = 'Username already taken';
    }
}
catch (PDOException $e) {

    //Do stuff with $e

}