my $q = CGI->new(); # stuff $string = $q->escape($string); #### use CGI; # stuff $string= CGI::escape($string);