The problem is that you are creating the PDO connection incorrectly.
Example connections:
$dbh = new PDO('mysql:host=localhost;dbname=test', 'root', 'password');
$dsn = 'mysql:dbname=testdb;host=127.0.0.1';
$dbh = new PDO($dsn, $user, $password);
$dsn = 'uri:file:///usr/local/dbconnect';
$dbh = new PDO($dsn, $user, $password);
To solve this what you have to do is, instead of using mysql_real_escape_string... since you're using PDO, you should bind your parameters to prevent SQL injection:
$result_set = $pdo->prepare("INSERT INTO `users` (`username`, `password`, `first_name`, `last_name`)
VALUES (:username, :password, :first_name, :last_name)");
$result_set->execute(array(
':username' => $username, ':password' => $password,
':first_name' => $firstname, ':last_name' => $lastname
));
I hope this helps you.