There's only one module you should use for database work in Perl: DBI. I suggest you pick up a copy of Programming the Perl DBI. That should give you everything you need to know, including information about avoiding SQL injection attacks (use placeholders).

-sam