Thread:Project:Support desk/ON DUPLICATE KEY UPDATE in a query/reply (3)

YIKES

Yes you need to escape the userId, page and userKarma values using