ISO guidelines/strategies to guard injection attacks

I have a Perl CGI script (using DBD::Pg) that interfaces with a server-side Pg database.  I'm looking for general guidelines/tools/strategies that will help me guard against SQL injection attacks.