msql code looked weird

threadr/userhome/index.php

@@ -6,10 +6,17 @@ session_start();
   %NO_CHEAP_SESSION_STEALING%
 
 $pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
-$statement = $pdo->prepare('SELECT name FROM users WHERE id = :user_id;'); // to be replaced with optional user name off the user data table
+$error = false;
-$result = $statement->execute(array('user_id' => $_SESSION['user_id']));
+$error_message = "";
+if (!$error) {
+  $statement = $pdo->prepare("SELECT name FROM users WHERE id=:uid"); // to be replaced with optional user name off the user data table
+  $statement->execute(array("uid"=>$_SESSION[user_id]));
   $dbentry = $statement->fetch();
-$username = $dbentry['name'];
+  $username = $dbentry[name];
+}
+if (!$result) {
+  $error_message = "Error: SQL error.\n" . $statement->queryString . "\n" . $statement->errorInfo()[2];
+}
 
 $navbar = "home";
 //ToDo: differentiate between home and userhome (or auto-redirect)