$SQL = "SELECT * FROM st WHERE st_name=".$dbh->quote($name);