$sth->prepare("SELECT * FROM companies WHERE name = '$name'"); #### $sth->prepare("SELECT * FROM companies WHERE name = ?"); #### $sth->prepare("SELECT name, url FROM table WHERE name LIKE '$name%'); #### $sth->prepare("SELECT name, url FROM table WHERE name LIKE ?"); $sth->execute($name . '%');