- $sql="INSERT INTO project_task (project_task_id,group_project_id,created_by,summary,
- details,start_date,end_date,status_id,category_id,priority,percent_complete,hours,duration,parent_id)
- VALUES ('$project_task_id','". $this->ProjectGroup->getID() ."', '".user_getid()."', '". htmlspecialchars($summary) ."',
- '". htmlspecialchars($details) ."','$start_date','$end_date','1','$category_id','$priority','$percent_complete','$hours','$duration','$parent_id')";
+ $result = db_query_params ('INSERT INTO project_task (project_task_id,group_project_id,created_by,summary,details,start_date,end_date,status_id,category_id,priority,percent_complete,hours,duration,parent_id) VALUES ($1,$2,$3,$4,$5,$6,$7,8,$9,$10,$11,$12,$13,$14)',
+ array ($project_task_id,
+ $this->ProjectGroup->getID(),
+ user_getid(),
+ htmlspecialchars($summary),
+ htmlspecialchars($details),
+ $start_date,
+ $end_date,
+ 1,
+ $category_id,
+ $priority,
+ $percent_complete,
+ $hours,
+ $duration,
+ $parent_id)) ;
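Review bot: The placeholder list in the new `db_query_params` call reads `$7,8,$9`, so `status_id` gets the literal 8 rather than the eighth array element (`1`), and `$8` is never referenced although the array still supplies 14 values. Depending on the driver this either stores the wrong status or makes the INSERT fail (PostgreSQL typically rejects a skipped parameter number because it cannot infer its type); the list should read `$7,$8,$9`. Separately, `htmlspecialchars($summary)` and `htmlspecialchars($details)` are carried over from the old query. They are HTML escaping applied at write time, not SQL protection, so every reader must treat the stored text as already escaped; a comment such as `// stored HTML-escaped; do not escape again on output` would make that contract explicit. The enclosing method starts and ends outside the hunk, so whether `$result` is checked for failure is not visible here.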