my $find_name = $dbh->prepare("select * from table where name = ?");
$find_name->execute($unsafe_name_from _user_via_cgi);
my $row = $find_name->fetchrow_hashref; # or whatever
$find_name->finish;