my $sth = $dbh->prepare("SELECT * FROM foo WHERE bar='$baz'");
$sth->execute;