$sth = $dbh->prepare( "select CODE from INV where CODE = ?");
    # Execute the SQL statement and generate a result set
    $sth->execute($user_input);