$contact_person = param("contact_person");
$allocated_to   = param("allocated_to");
$status         = param("status"); #Active or Closed
   
die "At least one of the 'ALLOCATED_TO' or 'CONTACT_PERSON' fields "
   ."must be non-blank!" if ($contact_person eq '' 
    && $allocated_to eq '');
  
$status =~ s/\s+//g;
  
%in = ('allocated_to'   => "$allocated_to",
       'contact_person' => "$contact_person");
  
undef @where_clause;
undef @entries; #one or both of allocated_to/contact_person
undef @values;  #entered name(s) from form
 
#Identify if allocated_to and/or contact_person
#have been selected - create some arrays
 
while( my($key,$value) = each(%in) ) {
  if ($in{$key}) {
    push @where_clause, "UPPER($key) LIKE UPPER(?)";
    push (@entries, $key);
    push (@values, "\%$value\%")
    }
}

#start composing the SQL:
  
$sql = sprintf "SELECT FAULT_NO,FIX_STATUS,%s FROM TEST 
       WHERE %s ", join(", ", @entries), 
       join(" OR ", @where_clause);
  
if ($status eq 'Active') { #Perform search for ACTIVE reports:
    
$sql .= " AND (FIX_STATUS IN ('PENDING RESPONSE',
                              'AWAITING FIX', 
                              'UNDER INVESTIGATION') 
                  )";   
    
} elsif ($status eq 'Closed') {#Perform search for CLOSED reports:
    
$sql .= " AND (FIX_STATUS IN ('FIXED',
                              'NO ACTION REQUIRED',
                              'FOR INFORMATION', 
                              'UNRESOLVED')
              )";
    
} else { die "Value of \'$status\' unknown." }
  
$sql .= " ORDER BY FAULT_NO DESC ";
  
$sth = $dbh->prepare($sql);
$sth->execute( @values );