http://qs321.pair.com?node_id=11149723


in reply to Avoid SQL injection

    my $from = shift || '';
    my $select = shift || '';
    my $where = shift || '';
    ....
    $sql.="FROM $where ";
    $sql.="WHERE $other ";

Are you sure this is your code? It reads as though you are creating SQL with a FROM containing the WHERE clause. Regardless, it's messy. Bobby-tables.com has hints on placeholders/bind variables and the use of quote_identifier for identifiers etc. As a side note, what do you have against printing $!? previously among others.
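An added example, not part of the original post or the poster's code: one way to combine the placeholders and quote_identifier mentioned above using DBI. It assumes DBD::SQLite is installed; the users table, its rows, the %allowed allow-list and the build_select helper are all constructed for illustration.

```perl
use strict;
use warnings;
use DBI;

# Assumption: DBD::SQLite is installed; an in-memory database keeps this offline.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });

# Constructed sample data.
$dbh->do('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)');
my $ins = $dbh->prepare('INSERT INTO users (name, role) VALUES (?, ?)');
$ins->execute(@$_) for (['alice', 'admin'], ['bob', 'user'], ["o'brien", 'user']);

# Identifiers cannot be bound as placeholders, so check them against an
# allow-list (hypothetical, for this example) and then quote them.
my %allowed = (
    users => { map { $_ => 1 } qw(id name role) },
);

sub build_select {
    my ($dbh, $table, $columns, $where) = @_;
    my $known = $allowed{$table} or die "unknown table '$table'\n";
    for my $col (@$columns, keys %$where) {
        $known->{$col} or die "unknown column '$col'\n";
    }
    my $sql = 'SELECT ' . join(', ', map { $dbh->quote_identifier($_) } @$columns)
            . ' FROM '  . $dbh->quote_identifier($table);
    my (@cond, @bind);
    for my $col (sort keys %$where) {
        push @cond, $dbh->quote_identifier($col) . ' = ?';   # value stays out of the SQL text
        push @bind, $where->{$col};
    }
    $sql .= ' WHERE ' . join(' AND ', @cond) if @cond;
    return ($sql, @bind);
}

# Values containing quotes are passed as bind data, never spliced into the SQL.
for my $name ("o'brien", "x' OR '1'='1") {
    my ($sql, @bind) = build_select($dbh, 'users', [qw(id name)], { name => $name });
    my $rows = $dbh->selectall_arrayref($sql, undef, @bind);
    printf "%s  [%s] -> %d row(s)\n", $sql, $name, scalar @$rows;
}

# An identifier outside the allow-list is rejected before any SQL is built.
eval { build_select($dbh, 'users; DROP TABLE users', ['id'], {}) };
print "rejected: $@" if $@;
```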