# Escape $string as a SQL literal for this connection. Assuming $dbh is a DBI
# database handle, quote() returns the value already wrapped in its quote
# characters, so the statement text must not add quotes of its own.
my $stringQ = $dbh->quote($string);

# NOTE(review): DBI's quote() turns undef into the bare word NULL, and "x=NULL"
# matches no rows; check $string for undef first if that case can occur.
# quote() covers values only, not table or column names. Where the elided code
# allows it, a "?" placeholder with the value passed to execute() keeps the
# data out of the statement text entirely.
my $sql = 'SELECT * FROM table WHERE x=' . $stringQ;
...