Reading previous comments, I have following ideas:
1/ Dump structure of your pg database and create another instance with equal structure, but without data.

pg_dump -s dbname > dbname.dump
createdb dbname_fake
psql dbname_fake
\i dbname.dump
[download]

2/ Test the queries against this mockup database instance. It gives you ability to check the semantically wrong queries - relation xyz does not exist, for instance, not only syntactically erroneous queries.
3/ I think that the tested queries would have the structure similar to

<sql>select * from xyz where col1 = ?;</sql>
<params>
  <param>123.5</param>
</params>
[download]

...and you will not have any problem with escaping, I hope :)

---

update: The commands of point 1/ ignore potential changes of database instance ownership and/or access rights, it is up to you to set these ...