# this works, but don't do it... The "correct" way is bind-vars
$value = $dbh->quote("sneaky text with posessives' in it");  $sql = "update set column = $value";