http://www.perlmonks.org?node_id=1198203


in reply to Getting mysql data into gd

Side point: Using a variable inside a sql statement is known as dynamic sql, and is generally considered to be a bad idea. Instead, use a place holder, that is '?', and prepare the statement.