Typically it would look a little like this.

my $insert = "insert into table (vol) values (?)";
$dbh->do($insert, $values[8]);
[download]

Generally, the notion is that you never directly put variables into SQL statements.