$sth = $dbh->prepare(qq(
SELECT *
FROM $pictures_table
WHERE stats="2"
AND poster_name = ?
ORDER BY poster_name ASC));

$sth->execute(param('name'));