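use strict;    # I assume your app already has this somewhere

#####################
# DECLARE VARIABLES #
#####################
my $count = 0;            # Count the number of rows
my @grab_results = ();    # Array containing results
my $statement;            # SQL statement, built with ? placeholders
my @bind_values = ();     # Values for the placeholders in $statement, in order
my @error = ();           # Array to store any DB errors
my $connection_status;    # Tells us whether we connected to a DB or not

##################
# CGI PARAMETERS #
##################
my %bb;

# Searchable columns and the comparison operator used for each one. The two
# lists are parallel: $fldops[$i] is the operator for $fldnames[$i]. Both are
# hard-coded here, so the column names and operators that end up in the SQL
# text never come from the request.
my @fldnames = qw(emp_user_name bb_activity_code bb_model bb_pin bb_phone bb_imei_esn_doc bb_status bb_region_code);
my @fldops = qw(LIKE LIKE = LIKE LIKE LIKE = =);

# scalar() forces a single value per field. Presumably param() is CGI.pm's:
# in list context it returns every value submitted under that name (or an
# empty list), which would change the argument list clean_sql() receives.
# NOTE(review): clean_sql() is defined elsewhere and is kept as-is. If it
# escapes quotes for string-built SQL, that escaping is redundant once the
# values are bound and would alter the search text; confirm.
$bb{$_} = clean_sql( scalar param($_) ) for (@fldnames);

##########################
# Generate SQL statement #
##########################
# Request values are never interpolated into the SQL text. Each condition gets
# a ? placeholder and the value goes into @bind_values, so the driver passes it
# as data. The previous version concatenated the values unquoted, which let
# request input change the query and also produced invalid SQL for the LIKE
# fields (LIKE %text% without quotes).
my $whereclause = '';
my $user_filter = $bb{emp_user_name};

# An emp_user_name of '*' means "list everything": no WHERE clause at all.
if ( !defined $user_filter || $user_filter ne '*' ) {
    my @conditions = ();
    for my $i ( 0 .. $#fldnames ) {
        my $fname = $fldnames[$i];
        my $value = $bb{$fname};

        # Fields left empty (or not submitted) do not constrain the search.
        next if !defined $value || $value eq '';

        push @conditions, "$fname $fldops[$i] ?";

        # LIKE fields are substring matches. Any % or _ typed by the user
        # still acts as a wildcard inside the bound pattern.
        push @bind_values, ( $fldops[$i] eq '=' ) ? $value : "\%$value\%";
    }

    # No criteria and no explicit '*': stop rather than run an unfiltered query.
    exit if ( @conditions == 0 );
    $whereclause = 'WHERE ' . join( ' AND ', @conditions );
}
$statement = 'SELECT ' . join( ',', 'bb_id', @fldnames ) . " FROM blackberry $whereclause ORDER BY emp_user_name";

##################################################
# Connect to the database and send sql statement #
##################################################
# $statement contains one ? per entry in @bind_values, so the values must be
# supplied when the statement is executed. With DBI, for example:
#     my $sth = $dbh->prepare($statement);
#     $sth->execute(@bind_values);
# ...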