$sql = "select stuff from table where id = " . param('id');