@input                = ();

$string = "abc";

push(@input, '%' . $string . '%');

$sth=$dbh->prepare("SELECT *
                    FROM table
                    WHERE field LIKE ?") or die $dbh->errstr;
$sth->execute(@input) or die $dbh->errstr;

##</code><code>##

@input                = ();

$string = "1,2,3";

push(@input, $string);

$sth=$dbh->prepare(" SELECT *
                    FROM table
                    WHERE field IN (?) ") or die $dbh->errstr;
$sth->execute(@input) or die $dbh->errstr;