# Two variants of the same lookup, separated by the "####" line. The first
# builds the SQL text from the request value; the second binds that value
# through a DBI placeholder. Each "..." marks code elided from the listing.
...
# Variant 1. 'searchterm' is fetched via $query->param (presumably a
# CGI-style request object; confirm) and is used below without validation.
my $searchterm = $query->param('searchterm');
...
# SQL injection: $searchterm is interpolated into the statement text, so the
# database parses the submitted value as SQL instead of treating it as data.
# $searchfield is interpolated as well; its origin is not shown here.
my $stmt = "SELECT * FROM users WHERE $searchfield = $searchterm";
...
# NOTE(review): the die message contains the full statement, which in this
# variant includes the raw request value. Confirm where die output ends up;
# if it reaches the client, log the statement server-side and return a
# generic error instead.
my $sth = $dbh->prepare ($stmt)
    or die "Error Preparing:\n" . $stmt . "\nDBI returned: \n", $dbh->errstr;
$sth->execute ()
    or die "Unable to execute query: " . $sth->errstr;
####
# Variant 2. The value position is a "?" placeholder, and $searchterm is
# handed to execute() as a bind value, so it is never part of the SQL text.
#
# NOTE(review): $searchfield is still interpolated. Placeholders bind values,
# not column names, so the identifier must be validated separately. If it can
# be influenced by the request (not visible here; verify), compare it against
# a fixed list of permitted column names before building $stmt and reject
# anything else.
my $stmt = "SELECT * FROM users WHERE $searchfield = ?";
...
# The statement text reported on prepare failure no longer contains the
# search term, only the placeholder (and whatever $searchfield holds).
my $sth = $dbh->prepare ($stmt)
    or die "Error Preparing:\n" . $stmt . "\nDBI returned: \n", $dbh->errstr;
# Bind value supplied here; DBI passes it to the driver separately from the
# statement text.
$sth->execute($searchterm)
    or die "Unable to execute query: " . $sth->errstr;