$escaped = CGI::escape($string);

$escaped = CGI->escape($string);

$escaped = $cgi->escape($string);  # if $cgi is your CGI object