http://qs321.pair.com?node_id=242326


in reply to Mysql module

Funny no one mentioned it so far: you should consider developing the habit of always using prepared statements, passing in such things as parameters:

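    [...]
    # Prepare once; the driver fills the ? placeholders, no string interpolation
    my $queryStatementHandler = $dbh->prepare("SELECT field1,field2 FROM my_table WHERE LEFT(field3, ?) = ?");
    # Bind on the same handle that prepare() returned
    $queryStatementHandler->bind_param(1, $value_1);   # first ?: length passed to LEFT()
    $queryStatementHandler->bind_param(2, $var);       # second ?: value to compare against
    $queryStatementHandler->execute();
    [...]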

Not only is this (and the shorter forms DBI allows for) usually considered good style, it is also usually the safest way to talk to a DB.

regards,
tomte
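
The following is an added example, not part of tomte's post: it runs the post's query through two of the shorter DBI forms with bound values and, for contrast, once with the value interpolated into the SQL text. Assumptions: DBD::SQLite with an in-memory database stands in for MySQL (so `SUBSTR(field3, 1, ?)` replaces `LEFT(field3, ?)`), and the table rows and input values are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: in-memory SQLite instead of MySQL so the script runs offline.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, AutoCommit => 1 });

# Constructed sample data.
$dbh->do('CREATE TABLE my_table (field1 TEXT, field2 TEXT, field3 TEXT)');
my $ins = $dbh->prepare('INSERT INTO my_table VALUES (?, ?, ?)');
$ins->execute(@$_)
    for (['a', 'b', 'alpha-1'], ['c', 'd', 'beta-2'], ['e', 'f', 'alpha-3']);

my $sql = 'SELECT field1, field2 FROM my_table WHERE SUBSTR(field3, 1, ?) = ?';

# Constructed inputs: a normal prefix and one containing SQL metacharacters.
my $plain   = 'alpha';
my $hostile = q{x' OR '1'='1};

# Shorter form 1: prepare once, hand the bind values straight to execute().
my $sth = $dbh->prepare($sql);
for my $value ($plain, $hostile) {
    $sth->execute(length($value), $value);
    my $rows = $sth->fetchall_arrayref;
    printf "bound   %-14s -> %d row(s)\n", $value, scalar @$rows;
}

# Shorter form 2: a single call that prepares, binds, executes and fetches.
my $rows = $dbh->selectall_arrayref($sql, undef, length($plain), $plain);
printf "oneshot %-14s -> %d row(s)\n", $plain, scalar @$rows;

# Contrast: the same value interpolated into the SQL text rewrites the
# WHERE clause itself, so the filter no longer restricts anything.
my $len = length($hostile);
my $bad = $dbh->selectall_arrayref(
    "SELECT field1, field2 FROM my_table WHERE SUBSTR(field3, 1, $len) = '$hostile'");
printf "interp  %-14s -> %d row(s)\n", $hostile, scalar @$bad;

$dbh->disconnect;
```

With the bound forms the second input is compared as a plain string and matches no rows; in the interpolated query the same input returns the whole table.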