my $dbh = DBI->connect("DBI:mysql:$db:$host", $user, $pw) || die;

my $sql;
my $sth;

if($ENV{'REQUEST_METHOD'} eq 'GET')
{
    my $daten;
    $daten = $ENV{'QUERY_STRING'};
    my @formularfelder = split(/&/, $daten);
    my @formular = ();
    my $i=0;
    foreach my $feld (@formularfelder)  
    {
        (my $name, my $value) = split(/=/, $feld);   
        $value =~ tr/+/ /;
        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
        $value =~ s/<!--(.|\n)*-->//g;      
		$formular[$i] = $cgi->escapeHTML($name);
        $i++;
        $formular[$i] = $cgi->escapeHTML($value); 
        $i++;
    }
    if(!defined $formular[0] || $formular[0] ne "dl" || ! defined $formular[1] || $formular[1] !~ /^\d+$/)
    {
        Navi::print_navi(": Nice try... :");
        print qq{<div id="category">[ NICE TRY ]</div>};
        print "<b>Nice try...</b>";
    }
    else
    {
        $sql = qq{select p.category as category, p.titel as titel, p.beschreibung as beschreibung , c.werbung as werbung from movie_projects as p join movie_categories as c on c.id = p.category WHERE p.id = ?};
        
        $sth = $dbh->prepare($sql) or die "Error: $DBI::errstr";
        my $error = $sth->execute($formular[1]) or die "Error: $DBI::errstr";
        print "$error\n";
        
        while (my $ergebnis = $sth->fetchrow_hashref())
        {