Use the ? placeholder with PEAR DB
$sth = $dbh->query('INSERT INTO songs (title,artist) VALUES (?,?)', array($title, $artist));
Use strtr() to escape % and _ before escaping '
$title = $dbh->quote($title);
$title = strtr($title, array('_' => '\_', '%' => '\%'));
$sth = $dbh->query("DELETE FROM songs WHERE title LIKE $title");
You can also use mysql_real_escape_string() or addslashes()