How can I protect against SQL injection attacks using Perl's DBI?

野趣味 2020-12-08 07:04

Is there a function I can use in Perl to sanitize input before putting it into a MySQL db? I don't know regex very well so before I make my own function I was wondering if

5 Answers
  •  萌比男神i
    2020-12-08 07:14

    Answer: Use SQL placeholders (?).

    Why: The structure of the SQL statement and the data values represented by the placeholders are sent to the database completely separately, so there is absolutely no way that the data values can be interpreted as SQL commands.
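The placeholder approach from the answer above, shown next to the string-interpolated query it replaces. This is an added example, not code from the thread; it assumes DBD::SQLite with an in-memory database as an offline stand-in for MySQL, and the `users` table, its rows and the input strings are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: in-memory SQLite stands in for MySQL so the script runs offline.
# The prepare/execute calls are the same DBI API used with DBD::mysql.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });
$dbh->do('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)');

# Constructed sample rows, inserted through placeholders.
my $ins = $dbh->prepare('INSERT INTO users (name, role) VALUES (?, ?)');
$ins->execute(@$_) for (['alice', 'admin'], ['bob', 'user'], ["O'Brien", 'user']);

# Constructed untrusted input containing a quote and SQL syntax.
my $input = "nobody' OR '1'='1";

# Before: the value is interpolated into the SQL text. The quote ends the
# string literal, so the rest of the input is parsed as part of the WHERE
# clause and the condition matches every row.
my $unsafe = $dbh->selectcol_arrayref(
    "SELECT name FROM users WHERE name = '$input'");
printf "interpolated query matched %d row(s)\n", scalar @$unsafe;

# After: the statement has a fixed structure and the value is bound to '?'.
# The whole input is compared as one string, so it matches no user.
my $sth = $dbh->prepare('SELECT name, role FROM users WHERE name = ?');
$sth->execute($input);
my $safe = $sth->fetchall_arrayref;
printf "placeholder query matched %d row(s)\n", scalar @$safe;

# A legitimate value with a quote needs no escaping or regex clean-up.
$sth->execute("O'Brien");
my ($name, $role) = $sth->fetchrow_array;
$sth->finish;
print "found: $name ($role)\n";

# Placeholders bind values only. Identifiers such as an ORDER BY column
# cannot be bound, so map the request onto a fixed allow-list instead.
my %sortable  = (name => 'name', role => 'role');
my $requested = 'role; DROP TABLE users';        # constructed hostile input
my $column    = $sortable{$requested} // 'name'; # unknown key: use default
my $sorted = $dbh->selectcol_arrayref("SELECT name FROM users ORDER BY $column");
print "sorted by $column: @$sorted\n";

$dbh->disconnect;
```

With DBD::mysql, placeholder values are quoted and substituted by the driver on the client side unless `mysql_server_prepare=1` is set in the DSN, which enables server-side prepared statements.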
