$table = param("table");
$column = param("column");
$value = param("value");

$rows = $dbh->selectall_arrayref( "select $column from $table where key = '$value'" );


##</code><code>##

my %table_cols = ( foo_table => 'foo_column',
                   bar_table => 'bar_column',
                  # ... 
                 );
my $table = param( "table" );
my $column;
if ( defined( $table ) and $table =~ /^(\w+)$/ and
     exists( $table_cols{$1} )
   my $sth = $dbh->prepare( "select $table_cols{$1} from $1 where key = ?" );
   $sth->execute( $param('value'));
   my $rows = $sth->fetchall_arrayref;
}