my $pet = '5" Stuffed Camel';
my $sql = 'SELECT id,name FROM users WHERE has_pet = ?'; 
# '?' signifies a placeholder

my $sth_sel = $dbh->prepare($sql);
$sth_sel->execute($pet);
# Now $pet is properly quoted