// Store the unescaped version
$unescaped = $arr;
- dbesc_array($arr);
+ dbm::esc_array($arr, true);
logger('item_store: ' . print_r($arr,true), LOGGER_DATA);
$r = dbq("INSERT INTO `item` (`"
. implode("`, `", array_keys($arr))
- . "`) VALUES ('"
- . implode("', '", array_values($arr))
- . "')");
+ . "`) VALUES ("
+ . implode(", ", array_values($arr))
+ . ")");
// And restore it
$arr = $unescaped;