> $sql = "SELECT u_name FROM members WHERE u_name = {$uid}"; in general this should be the correct way: $sql = "SELECT u_name FROM members WHERE u_name = ".$uid;
if you are paranoid you should go for typecasting: $sql = "SELECT u_name FROM members WHERE u_name = ".(int)$uid; if you are paranoid but lazy: $sql = "SELECT u_name FROM members WHERE u_name = ".($uid+0);