my $chk_arid = "SELECT MAX( arid ) FROM $table where flag = ?";
my ($arid) = sql_query( $chk_arid , 1 );

#                 or
 my $cmd = "select aid, code from authors where name =  ? ";
 ( $aid, $code ) = sql_query( $cmd, $name );

#                   or even

my $cmd_up = "UPDATE SET flag = 0 where flag = 1 and arid = ?";
sql_query( $cmd_up, $pub{arid} ) or die("Error update flag");

     my $cmd_ins = "INSERT INTO $table ( arid, catid, filename, title,
        aid, teaser, text, links, comment, changeby, newsid,
  keywords, description, flag) VALUES ( ?, ?, ?, ?, ?,
        ?, ?, ?, ?, ?, ?, ?, ?, ?)";
sql_query( $cmd_ins, $arid, $file, $pub{title}, $pub{aid},
  $pub{teaser}, $pub{text}, $pub{links}, $comment, $aid, 
  $pub{newsid}, $pub{keywords}, $pub{description}, 1 )
or die("Failed to insert new changed sql data :( \n");

##</code><code>##


sub sql_query {

        my $cmd = shift;
        my @place_holders;

        if ( defined $_[0] ) {
                foreach my $i ( 0 .. $_ ) {
                        $place_holders[$i] = "$_[$i]";
                }
        }

       die("Received no sql cmd for database query") unless ( defined $cmd);

        my $dbh = DBI->connect("DBI:mysql:$dbname","$username","$passwd");
        die "ERR: Couldn't open connection: ".$DBI::errstr."\n" unless $dbh;

        my $sth = $dbh->prepare( $cmd );
        die "Couldn't prepare statement: $DBI::errstr stopped\n" unless $sth;

        $sth->execute( @place_holders )
        or die "Couldn't execute statement: $DBI::errstr\n";

        my @row = $sth->fetchrow_array() if ( $cmd =~ /SELECT/i );
        $sth->finish;
        $dbh->disconnect;

        return @row if ( $cmd =~ /SELECT/i);
        return 1;
}