- $result = SQL_QUERY("INSERT INTO `{!MYSQL_PREFIX!}_optimize_gain` (gain) VALUES ('".$total_gain."')", __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_optimize_gain` (`gain`) VALUES (%s)",
+ array($total_gain), __FUNCTION__, __LINE__);