PDO Insert not working with bindParam

Question

I am currently using PDO to connect to my database and it works, but when a user logs in, I want it to check if the user's id is already in a row, I have already done this in the code below:

<?php
require 'steamauth/steamauth.php';

if(!isset($_SESSION['steamid'])) {

$username = "Unknown";
$avatar = "defaultUser";
$accid = "Unknown";

$credits = "Not Applicable";

$avatarSmall = "smallUser"; //For Dashboard

} else {

include ('steamauth/userInfo.php');

$username = &$steamprofile['personaname'];
$avatar = &$steamprofile['avatarmedium'];
$accid = &$steamprofile['steamid'];

$avatarSmall = &$steamprofile['avatar']; //For Dashboard

$db_user = "USERNAME";
$db_pass = "PASSWORD";
$db_host = "HOST";
$db_name = "DATABASE NAME";

$db = new PDO("mysql:host=".$db_host.";db_name=".db_name, $db_user, $db_pass);

    try{
        $check = $db->prepare("SELECT userID from userData WHERE userID = :accountID");
        $check->bindParam(':accountID', $accid, PDO::PARAM_INT);
        $check->execute();
        if(!$check){
            die("Server Error: 404Check, Please Contact A Member Of Staff If This Error Continues.");
        }else{
            if($check->rowCount() > 0) {
                $creditsQuery = $db->prepare("SELECT userCredits FROM userData WHERE userID = :accountID3");
                $creditsQuery->bindParam(":accountID3", $accid, PDO::PARAM_INT);
                $creditsQuery->execute();
                //Set Credits To Variable From Database Column
                $credits = $creditsQuery->fetch(PDO::FETCH_ASSOC);
            }else{
                $sql = $db->prepare("INSERT INTO userData (userID, userCredits) VALUES (:accountID2, '0')");
                $sql->bindParam(':accountID2', $accid, PDO::PARAM_INT);
                $sql->execute();
                if(!$sql){
                    die('Server Error: 404Insert, Please Contact A Member Of Staff If This Error Continues.');
                }
            }   
        }
    }catch(PDOException $e){
        die ("Server Error: 404Connection, Please Contact A Member Of Staff If This Error Continues.");
    }
}       

?>

Although, when I login, it doesn't seem to store the user's id or credits as 0, and the table (userData) is empty.

Thanks,

Matt

Answer 1

This is wrong:

    $check->execute();
    if(!$check){
       ^^^^^^^

$check doesn't magically change into a boolean true/false if the execute fails. It will ALWAYS be a prepared statement object, and therefore always evaluate to true .

You didn't enable exceptions in PDO, therefore it runs in the default "return false on failure" mode, which means your code should be:

$res = $check->execute();
if(!$res) {
  die(...);
}

And this holds true for your other prepare/execute blocks as well - Your script is killing itself before it ever gets to the insert query, because your test for database failure is wrong.