I have been reading and have been told that prepared statements are one way to prevent SQL injections.

My mysqli conect works, but my new PDO statement doesn't connect

$username = "root";
$password = "1212";
try {
$conn = new PDO('mysql:host=localhost;dbname=test', $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
echo 'ERROR: ' . $e->getMessage();
}

Can you tell me why this doesn't work?

Thanks in advance friends