# Three contrasting snippets; $db is presumably a DBI database handle
# (not shown here — confirm against the surrounding page).

# Example 1: the value is interpolated into the SQL text.
# "$name" is expanded inside the double-quoted string, so the statement sent
# to the database reads  ... WHERE name = 'O'Reilly'  and the apostrophe in the
# data closes the SQL string literal early, leaving a malformed statement.
# The same mechanism is what makes interpolated SQL injectable when the value
# comes from outside the program, so this form should not be used for data.
$name = "O'Reilly";
$sth = $db->prepare("SELECT * FROM emp WHERE name = '$name'");
$sth->execute();

####

# Example 2: the value is bound through a placeholder.
# The SQL text contains only "?", and $name is handed to execute() as a bind
# value, so it never becomes part of the statement text and needs no manual
# quoting or escaping. The apostrophe is treated as ordinary data.
$name = "O'Reilly";
$sth = $db->prepare("SELECT * FROM emp WHERE name = ?");
$sth->execute($name);

####

# Example 3: a placeholder where an identifier is expected.
# Placeholders stand for data values only; a table or column name is part of
# the statement's structure and generally cannot be bound, so this is expected
# to fail (at prepare or execute time, depending on the driver).
# When an identifier has to vary, select it in code from a fixed set of known
# names (as the ternary below already does) and build the statement from that
# trusted value, e.g. via $db->quote_identifier(). Never take it from outside
# input unchecked.
my $field = $old ? "olddata" : "newdata";
$sth = $db->prepare("SELECT * FROM ?");
$sth->execute($field);