in reply to
Remote ptkdb behind firewall
Since you have root on the server, try running the script as the same user that owns the server processes ('www-data', 'apache', or 'nobody' are common) and see if you can still connect. If not, then that's where the problem lies. Since you're able to connect when running it from the CLI, the firewall probably doesn't have much to do with it.
It's also quite likely that your DISPLAY setting is coming too late in the process to matter.
Update: I just tried it out, for curiosity's sake, and it seems that you -can- set it in a BEGIN block - but you don't have a BEGIN block, you have a subroutine called BEGIN, which isn't the same thing at all. And yes, it's a permissions problem: the 'www-data' user on my machine can't connect to localhost:0.0 either. I'm not going to chase it down, but this seems like it would be a productive avenue for you to follow. :)
I hate storms, but calms undermine my spirits.
-- Bernard Moitessier, "The Long Way"