Since "drain cleaner" is two words, it should be quoted. An easy way to solve this and similar problems is to use placeholders. Something like:

my $sth =$dbh ->prepare("UPDATE products set pname=? and  unit=? and q
+ty=? and cost=? WHERE id = ?");
$sth->execute($pname, $unit, $qty, $cost, $id);
[download]

should do the trick. The question marks are replaced by the values passed to execute. For more information, see DBI.