The Perl DBI module supports executing a prepared statement that includes parameter markers for variable input. To include a parameter marker in an SQL statement, use the question mark (?) character or a colon followed by a name (:name).
The Perl code example creates a statement handle that accepts a parameter marker for the WHERE clause of a SELECT statement. The code then executes the statement twice using the input values 25000 and 35000 to replace the parameter marker.
my $sth = $dbhandle->prepare(
'SELECT firstnme, lastname
FROM employee
WHERE salary > ?'
);
my $rc = $sth->execute(25000);
·
·
·
my $rc = $sth->execute(35000);