From 5023fa34fd9b8eb3fe7423bb28d88e93c02a57ec Mon Sep 17 00:00:00 2001
From: Jakob <jakob.matzkowski@gmx.de>
Date: Sun, 8 Mar 2020 16:27:02 +0100
Subject: [PATCH] =?UTF-8?q?=E2=80=9Ethreadr/profile/index.php=E2=80=9C=20?=
 =?UTF-8?q?=C3=A4ndern?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 threadr/profile/index.php | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/threadr/profile/index.php b/threadr/profile/index.php
index b65cbfa..b223947 100644
--- a/threadr/profile/index.php
+++ b/threadr/profile/index.php
@@ -6,10 +6,18 @@ session_start();
 %REQUIRE_LOGIN%
 
 $pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
-$statement = $pdo->prepare('SELECT name FROM users WHERE id = :user_id;'); // to be replaced with optional user name off the user data table
-$result = $statement->execute(array('user_id' => $_SESSION['user_id']));
-$dbentry = $statement->fetch();
-$username = $dbentry['name'];
+$error = false;
+$error_message = "";
+if (!$error) {
+  $statement = $pdo->prepare("SELECT name FROM users WHERE id=:uid"); // to be replaced with optional user name off the user data table
+  $statement->execute(array("uid"=>$_SESSION[user_id]));
+  $dbentry = $statement->fetch();
+  $username = $dbentry[name];
+}
+if (!$result) {
+  $error_message = "Error: SQL error.\n" . $statement->queryString . "\n" . $statement->errorInfo()[2];
+}
+
 
 $navbar = "profile";
 ?>