my $sql = "INSERT INTO table (foo, bar) VALUES (?,?)";
my $sth = $dbh->prepare($sql);
$sth->execute($new_foo, $new_bar);