in reply to encoding to prevent sql injection in both perl and php
Given that you seem to be talking about binary values, what are you storing?
The sqlite_escape_string() function probably does much the same as the quote method in DBI, which of course is really surplanted by using placeholders.
If you need true binary capability then MIME::Base64 is probably as good as anything. But it seems you really only want escaped values. Try writing the escaped version into SQLite and see what DBI reads back!
In Section
Seekers of Perl Wisdom