This would not be the final code I'd want to deploy, but for some quick debugging, let's get all defensive-coding about it:
<?php
ini_set('display_errors', true);
error_reporting(E_ALL);
if(empty($_GET['id'])) {
die("<pre>ERROR: 'id' not set.</pre>");
}
$consulta = ConsultarCuenta($_GET['id']);
if($consulta == false) {
die("<pre>Nothing returned by query</pre>");
}
function ConsultarCuenta($id)
{
require 'conexion.php'; // it's not optional, so `require` it
$sentencia = "SELECT * FROM cuenta WHERE id='$id'";
$resultado = $conexion->query($sentencia);
if($resultado == false) {
die("<pre>QUERY ERROR:\n".print_r($conexion->errorInfo(), true)."\nQuery:\n$$sentencia</pre>");
}
$fila = $resultado->fetch(PDO::FETCH_ASSOC);
return $fila;
}
My wild guess is that cuenta.id
is an integer, not a string, in which case it should not be quoted in the SQL. This is where using prepared statements can automate some of that for you while sanitizing the inputs.:
function ConsultarCuenta($id)
{
require 'conexion.php'; // it's not optional, so `require` it
$sentencia = "SELECT * FROM cuenta WHERE id = :id";
$stmt = $conexion->prepare($sentencia);
if($stmt == false) {
die("<pre>INVALID QUERY:\n".print_r($conexion->errorInfo())."\nSQL:\n$sentencia</pre>");
}
$resultado = $stmt->execute($stmt, array('id' => $id));
if($resultado == false) {
die("<pre>QUERY ERROR:\n".print_r($stmt->errorInfo(), true)."\nQuery:\n$$sentencia</pre>");
}
$fila = $resultado->fetch(PDO::FETCH_ASSOC);
return $fila;
}
(Warning: all code is untested.)