My suggestion would be to use HERE documents (or at least simple scalar variables containing the SQL statements, and using those variables in the $dbh->prepare statements). The code would look cleaner and be easier to debug. For example:
$sql = "select $sub_parent from Roster where User = '" . $user . "'";
$sth = $dbh->prepare ($sql);
$sth->execute ();
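
An added example, not part of the original post: the HERE-document form of the same query, with the user value bound as a placeholder and the interpolated column name checked against an allowlist. It assumes DBD::SQLite is installed; the Roster columns, the sample row and the `lookup` helper are constructed for illustration.

```perl
use strict;
use warnings;
use DBI;

# Constructed sample database (in-memory SQLite; assumes DBD::SQLite).
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });
$dbh->do('CREATE TABLE Roster (User TEXT, Team TEXT, Manager TEXT)');
$dbh->do(q{INSERT INTO Roster VALUES ('alice', 'blue', 'carol')});

# Column names cannot be bound as placeholders, so the interpolated
# identifier is checked against a fixed allowlist (hypothetical columns).
my %allowed_column = map { $_ => 1 } qw(Team Manager);

# Hypothetical helper: returns the requested column for one user, or undef.
sub lookup {
    my ($dbh, $sub_parent, $user) = @_;
    die "unexpected column name\n" unless $allowed_column{$sub_parent};

    # HERE document: the statement reads like SQL, and the only
    # interpolated value is the allowlisted column name.
    my $sql = <<"END_SQL";
SELECT $sub_parent
  FROM Roster
 WHERE User = ?
END_SQL

    my $sth = $dbh->prepare($sql);
    $sth->execute($user);    # $user is bound, never spliced into the SQL text
    my ($value) = $sth->fetchrow_array;
    $sth->finish;
    return $value;
}

printf "%s\n", lookup($dbh, 'Team', 'alice');

# Constructed input containing a quote: bound as data, it matches no row
# instead of breaking the statement the way string concatenation would.
printf "%s\n", lookup($dbh, 'Team', "O'Brien") // '(no row)';

# A column name outside the allowlist is rejected before any SQL is built.
eval { lookup($dbh, 'Salary', 'alice') };
print "rejected: $@" if $@;
```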