# Baseline form, kept as the example of what to avoid: request parameters are
# read from the CGI query object and one of them is interpolated into the SQL text.
my $c_first = $query->param('c_first');
# $c_address is read here but not used anywhere in this snippet.
my $c_address = $query->param('c_address');
# SQL injection risk: $c_first is pasted between the single quotes, so the value
# becomes part of the statement itself rather than data. Any quote character in it
# ends the string literal early; even an ordinary name such as O'Brian produces a
# malformed statement. Pass the value separately with a "?" placeholder instead.
my $sql = "SELECT id FROM names WHERE first = '$c_first'";
my $sth = $dbh->prepare( $sql );
# Rows are printed only if both prepare() and execute() return true; a failure
# falls through silently here (no else branch).
if ( $sth && $sth->execute() ) {
while ( my $row = $sth->fetchrow_arrayref() ) {
# NOTE(review): the request value is echoed as-is; if this output ends up in an
# HTML response it needs encoding first -- the content type is not visible here.
print( "$c_first => " . $row->[0] . "\n" );
}
$sth->finish();
}
####
# Parameterized form: the statement text is a constant and the value travels
# separately as a bind parameter, so it is always treated as data and never
# parsed as SQL. Quote characters in $c_first need no special handling.
my $sql = 'SELECT id FROM names WHERE first = ?';
my $sth = $dbh->prepare($sql);

# Print one line per matching row; nothing is printed if prepare() or
# execute() returns false.
if ( $sth and $sth->execute($c_first) ) {
    while ( my ($id) = $sth->fetchrow_array() ) {
        # NOTE(review): $c_first is echoed as received; encode it first if this
        # output is part of an HTML response (content type not visible here).
        print "$c_first => " . $id . "\n";
    }
    $sth->finish();
}
####
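# Alternative for places where a placeholder cannot be used: let the driver
# quote the value. $dbh->quote() returns a complete SQL literal (surrounding
# quotes included, embedded quotes escaped for this driver), so it is
# interpolated below without adding quotes around it.
#
# The literal is kept in its own variable. Overwriting $c_first with it would
# make the print below show the quoted SQL form instead of the name as it was
# received, unlike the placeholder version of this query.
#
# quote() turns undef into the bare word NULL, and "first = NULL" matches no
# rows. Where the driver supports them, "?" placeholders remain the preferred form.
my $quoted_first = $dbh->quote( $c_first ); # make O'Brian safe
my $sql = "SELECT id FROM names WHERE first = $quoted_first";
my $sth = $dbh->prepare( $sql );
# Rows are printed only if both prepare() and execute() return true.
if ( $sth && $sth->execute() ) {
    while ( my $row = $sth->fetchrow_arrayref() ) {
        # NOTE(review): $c_first is echoed as received; encode it first if this
        # output is part of an HTML response (content type not visible here).
        print( "$c_first => " . $row->[0] . "\n" );
    }
    $sth->finish();
}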