embedding one language (SQL) into another (Perl) is awkward:
dealing with placeholders and bind values:
$sth = 'UPDATE Account SET balance = ? WHERE accno = ?' # ... later ... $sth->execute($balance, $account);