Zde je návod, jak by to mělo být provedeno pomocí PDO
$dbh = new PDO('mysql:dbname=cs301;host=localhost', $username, $password);
$stmt = $dbh->prepare('INSERT INTO `galleryscores` (`player_name`, `player_score`) VALUES (:player_name, :player_score)');
$stmt->execute( array('player_name' => $_POST['name'], 'player_score' => $_POST['score']) );