Don't put variables into your SQL statement directly, use placeholders (see DBI for the many reasons why).

...
$sql = qq { insert into my_table (update_1) values (?) };
$sth = $dbh->prepare($sql);
$sth->execute($sometext);
...
[download]