$sth = $dbh->prepare("SELECT * FROM $pictures_table WHERE stats="2" AND poster_name = "param('name')" ASC ");