Help for this page
my $sth = $dbh->prepare("select * from foo where bar = ?"); $sth->execute($userinput);
my $sql = sprintf "select * from foo where bar = %s", $dbh->quote($use +rinput);