ZC 1.5.1


Im adding some data to a new table I created within zencart. Im tring to become better at protecting against injections and just need a quick look over ( Im still newish and solid protection ) .... in the following is zen_db_prepare_input enough protection or do I need to add mysql_real_escape_string like this?

zen_db_prepare_input(mysql_real_escape_string($buildacmeProductID))

Code:
$sql_prods = 'INSERT INTO acme_products(`acme_products_id`,`acme_products_partno`, `acme_products_orderno`, `acme_manus_id`, `acme_model_id`, `acme_products_years`, `acme_products_type`, `acme_products_catid`, `acme_products_catname`, `acme_products_matid`, `acme_products_matname`) VALUES ';
			$sql_prods .= sprintf( "\n('%s','%s', '%s', %d, %d, '%s', %d, %d, '%s', %d, '%s'),",
			zen_db_prepare_input($buildacmeProductID),
			zen_db_prepare_input($resultProduct->attributes()->partNo),
			zen_db_prepare_input($resultProduct->attributes()->orderNo),
			zen_db_prepare_input($resultProduct->Manufacturer->attributes()->id),
			zen_db_prepare_input($resultProduct->Model->attributes()->id),
			zen_db_prepare_input($resultProduct->Years),
			zen_db_prepare_input($resultProduct->ProductType->attributes()->id),
			zen_db_prepare_input($resultProduct->ProductType->attributes()->categoryID),
			zen_db_prepare_input($resultProduct->ProductType),
			zen_db_prepare_input($resultProduct->Material->attributes()->id),
			zen_db_prepare_input($resultProduct->Material));
					
			$sql_prods = rtrim($sql_prods, ',') . ';';

			if(!mysql_query($sql_prods)){
			  echo '<h1 style="color: red;">Error</h1><p>', mysql_error(), '<p>';
			}else{
				$counter_prods++;
				echo "<BR />Successfully entered this product. ".$counter_prods." Product Records have been inserted into the database so far.";
			}