When you're only expecting an integer value, do something like this in your code:
```php
if (is_numeric($_GET['id'])) {
    $query = "SELECT name WHERE id = '" . $_GET['id'] . "'";
} else {
    die("ID is not numeric.");
}
```
Also, this is another way:
```php
$query = "SELECT name WHERE id ='" . intval($_GET['id']) . "'";
```
It'll save you some headaches.
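An added example, not part of the original post: it runs the same kind of `id` input through `is_numeric()`, `intval()`, and a strict `FILTER_VALIDATE_INT` check followed by a bound parameter, so the differences between the three are visible side by side. The `users` table, the in-memory SQLite database (needs `pdo_sqlite`), and the `findName()` helper are assumptions made for the demonstration.

```php
<?php
// Added example: hypothetical `users` table in an in-memory SQLite database.
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO users (id, name) VALUES (1, 'alice'), (1000, 'bob')");

/**
 * Return the name for a request-supplied id, or null when the id is not a
 * positive integer string or no row matches. (Hypothetical helper.)
 */
function findName(PDO $pdo, $rawId): ?string
{
    // Strict check: exponent, decimal and trailing-text forms are rejected
    // instead of being silently coerced to some other integer.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }
    // The value is bound as a parameter, never concatenated into the SQL text.
    $stmt = $pdo->prepare('SELECT name FROM users WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $name = $stmt->fetchColumn();
    return $name === false ? null : (string) $name;
}

// Constructed inputs standing in for $_GET['id'].
$samples = ['1', '1000', '1e3', '1.5', '1 OR 1=1', "1' OR '1'='1", 'abc'];
foreach ($samples as $raw) {
    printf(
        "%-16s is_numeric=%-5s intval=%-5d lookup=%s\n",
        var_export($raw, true),
        var_export(is_numeric($raw), true),
        intval($raw),
        var_export(findName($pdo, $raw), true)
    );
}
```

The output columns show which inputs `is_numeric()` accepts even though they are not plain integers, and which ones `intval()` turns into a different id than the one the caller typed.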



