Use SQL::Abstract to write extendable code that builds SQL. This is the tool DBIx::Class uses, so it gets lots of support:
$ cat 1031647.pl
use warnings;
use strict;
use Data::Dumper;
use SQL::Abstract;
my $sql = SQL::Abstract->new;
my($stmt, @bind) = $sql->select(
'table', # table name
[ 'name' ], # fields
{
id => { -in => [ 1, 2, 3, 4 ] } # the ids
},
[ 'id' ] # order by
);
print Data::Dumper->Dump(
[ $stmt, \@bind ],
[ qw( stmt bind ) ],
);
my $sth = $dbh->prepare( $stmt );
$sth->execute( @bind );
$ perl 1031647.pl
$stmt = 'SELECT name FROM table WHERE ( id IN ( ?, ?, ?, ? ) ) ORDER B
+Y id';
$bind = [
1,
2,
3,
4
];
...