In addition to running under -T, you probably want to investigate the Taint attribute of a DBI handle. It's well-documented in the DBI perldoc, but briefly: if -T is on and the Taint attibute of a DBI handle is true, then all data fetched from the database are tainted, and information processed by DBI via method calls are checked for taintedness.

Chris
M-x auto-bs-mode