What you probably need to do is to prepare() a query with placeholders in (i.e. '?') for each of the columns that might have the dodgy data in and then provide execute() with a list of those variables. e.g:

   my $sth = $dbh->prepare('insert into foo values (?,?)');

   my $dodgy_one = q%some stuff with ' and " in%;
   my $dodgy_two = q%more dodgy ' $ "£SS%;

   $sth->execute($dodgy_one, $dodgy_two);
[download]

You will almost certainly need to read more about this in the DBI manpage.

/J\