my $name = $cgi->param("name"); 

 my $dbh = DBI->connect('DBI:mysql:my_db', 'user', 'pass')
          or die "Couldn't open database: $DBI::errstr";

my $sth = $dbh->prepare( "select * from my_db where name like ?" ) or die "DBI prepare: $DBI::errstr";

$sth->execute( %name% ) or die "Couldn't execute statement: $DBI::errstr";

##</code><code>##

$sth->execute( $name ) or die "Couldn't execute statement: $DBI::errstr";

##</code><code>##

my $sth = $dbh->prepare("
    SELECT blah FROM blah WHERE blah LIKE ?
");
$sth->execute('%foo%');