my $str = shift; my $sql = "SELECT *.... where blablabla = ?"; my $sth = $dbh->prepare($sql) or die 'Fehler: $DBI::errstr\n"; $sth->execute();