in reply to Escaping user input for MySQL queries

$dbi->quote($user_input);

This should remain tainted (-Taint=>1) . The DBI quote mechanism only protects the database.

After Compline,
Zaxo

In Section Seekers of Perl Wisdom