19.
БИТ,
<?php
$string = 'sdasdsdsad';
$db = new mysqli('localhost', 'user', 'password', 'db');
$db->query('SELECT * FROM blablabla WHERE id = '. $db->escape_string($string));
$db->close();
$db = mysqli_connect('host', 'user', 'password', 'db');
mysqli_query($db, 'SELECT * FROM blablabla WHERE id = ' . mysqli_escape_string($db, $string));
mysqli_close($db);