String problem

Anon

I have a generic db_select function which both login and db_retrieve
call. The problem is in db_select I need to put single quotes ' around
$find_value becuase in login.php the parameter is a flash5 imported
variable, however in db_retrieve its just a php declare string. Any
ideas how I can convert the flash variable into a regular php string?

//----------------------------------------------------------------------

// db_select.php

//----------------------------------------------------------------------

<?php
function db_select($return_entity, $table_name, $find_entity,
$find_value)
{
$databaseconnect = db_include();
$select = "SELECT $return_entity
FROM $table_name
WHERE ($find_entity = $find_value)";
// WHERE ($find_entity = '$find_value')"; For login

$query_select = odbc_exec($databaseconnect, $select);
$return_value = urlencode(odbc_result($query_select,

$return_entity));
return $return_value;
}
?>

//----------------------------------------------------------------------

// login.php

//----------------------------------------------------------------------

<?php
require ('db_select.php');
require ('include.php');

$table_name = "user";
$find_entity = "username";
$find_value = $username_input; // Flash variable
$return_entity = "password";

// Calls the dynamic db_get function from db_get.php
$return_value = db_select($return_entity, $table_name, $find_entity,
$find_value);
?>

//----------------------------------------------------------------------

// db_retrieve.php

//----------------------------------------------------------------------

<?php
require ('db_select.php');
require ('include.php');
require ('db_select_inner_join.php');

$table_name = "question";
$find_entity = "question_id";
$find_value = $question_id;

$question_text = db_select("question_text", $table_name, $find_entity,
$find_value);
$question_graphic = db_select("question_graphic", $table_name,
$find_entity, $find_value);
$answer = db_select_inner_join("answer", "question", "answer",
"question_id", $find_value);
$correct_answer = db_select_inner_join("answer_is_correct", "question",
"answer", "question_id", $find_value);
$explanation = db_select("explanation", $table_name, $find_entity,
$find_value);

echo "question_text=".$question_text."&";
echo "question_graphic=".$question_graphic."&";
echo "answer_a=".$answer[0]."&";
echo "answer_b=".$answer[1]."&";
echo "answer_c=".$answer[2]."&";
echo "answer_d=".$answer[3]."&";
echo "explanation=".$explanation."&";