my $sth = $dbh->prepare( "select ..." );  # sql with "?" in there somewhere
$sth->execute( $param );  # pass a value from cgi params
my $rows = $sth->fetchall_arrayref;

if ( ref( $rows ) eq 'ARRAY' and @$rows ) {
    print "<table>";
    print "<tr><th>User</th><th>System</th></tr>\n";

    for my $row ( @$rows ) {
        print "<tr><td>" . join( "</td><td>", @$row ) . "</td></tr>\n";
    }
    print "</table>\n";
}
else {
    print "<p>No matches found.</p>";
}