I managed to fix this myself with the following
<?php
if (isset($_GET['id']))
{
$id = $_GET ['id'];
}
else
{
$id = "";
}
//$url = "http://18.168.90.222/device-repair-service/device?id=$id";
require 'sql_connect.php';
try {
$connection = new PDO($dsn, $username, $password);
$connection -> setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
//echo "connection succesful";
} catch (PDOException $error){
echo $error -> getMessage();
}
//prevent SQL injection
$sql = "SELECT * FROM newdevices WHERE deviceId =?";
$result = $connection -> prepare($sql);
$result -> bindParam(1, $id);
$result -> execute();
$row = $result -> fetch()