database.php

@@ -1,9 +1,10 @@
 <?php  
-$db_file = "db_file.sqlite"; 
+$db_file = dirname(__DIR__)."/db_file.sqlite";
 
 // create database file when not existent yet
 if (!file_exists($db_file)) {
  $db = new PDO('sqlite:' . $db_file);
+ $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  $db->exec("CREATE TABLE registrations(
   id INTEGER PRIMARY KEY AUTOINCREMENT, 
   first_name TEXT,
@@ -17,13 +18,11 @@ if (!file_exists($db_file)) {
 else {
  // establish connection 
  $db = new PDO('sqlite:' . $db_file);
- $ins_stmt = $db->prepare("INSERT INTO registrations
-    (first_name, last_name, note, email, username, verify_token)
-    VALUES (:first_name, :last_name, :note, :email, :username, :verify_token)");
+ $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 } 
 
 // set writeable when not set already
 if (!is_writable($db_file)) {
  chmod($db_file, 0777); 
 }
-?>
+?>

public/register.php

@@ -44,14 +44,17 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 		$message = $language["SIRNAME_INVALID_FORMAT"];
 	}
 	else {
-	// check valid password
+		// check valid password
 		require_once("../database.php");
-		$ins_stmt->bindParam(':first_name', $first);
-		$ins_stmt->bindParam(':last_name', $last);
-		$ins_stmt->bindParam(':username', $user);
+		$ins_stmt = $db->prepare("INSERT INTO registrations
+			(first_name, last_name, note, email, username, verify_token)
+			VALUES (:first, :last, :note, :email, :username, :token )");
+		$ins_stmt->bindParam(':first', $first);
+		$ins_stmt->bindParam(':last', $last);
 		$ins_stmt->bindParam(':note', $note);
 		$ins_stmt->bindParam(':email', $email);
-		$ins_stmt->bindParam(':verify_token ', $vToken);
+		$ins_stmt->bindParam(':username', $user);
+		$ins_stmt->bindParam(':token ', $vToken);
 
 		$first = filter_var($_POST["first_name"], FILTER_SANITIZE_STRING);
 		$last  = filter_var($_POST["last_name"], FILTER_SANITIZE_STRING);