I don't see any way for a SQL attack to happen when it's all hard-coded.
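<?php
// Records one quiz answer: increments the A/B/C/D counter column of table
// Quiz1 for the question named in the request.
//
// Request parameters (all read from $_GET):
//   name      - participant name; only used as input to the request hash
//   score     - the chosen answer letter, one of A, B, C, D
//   QuestionN - question number, 1 through 10
//   hash      - md5(name . score . shared key), computed by the client
//
// NOTE: the mysql_* extension was removed in PHP 7.0. When this script is
// moved to a newer PHP, switch to mysqli or PDO; the allow-list below must
// stay, because column names cannot be bound as statement parameters.

// Every parameter must be present and a plain string. A repeated or
// bracketed parameter (e.g. hash[]=x) arrives as an array and would
// otherwise reach the string functions below.
$params = array();
foreach (array('name', 'score', 'QuestionN', 'hash') as $key) {
    if (!isset($_GET[$key]) || !is_string($_GET[$key])) {
        exit;
    }
    $params[$key] = $_GET[$key];
}

// Driver error text goes to the server log, not to the client, so that
// host names and schema details are not disclosed in the response.
$db = mysql_connect('host', 'user', 'pass');
if ($db === false) {
    error_log('Could not connect: ' . mysql_error());
    die('Could not connect');
}
if (!mysql_select_db('DBNAME', $db)) {
    error_log('Could not select database: ' . mysql_error($db));
    die('Could not select database');
}

// NOTE(review): the hash is computed over the *escaped* name and score, as
// the original script did. For a name containing quotes or backslashes this
// differs from the raw value - confirm which form the client hashes.
$name = mysql_real_escape_string($params['name'], $db);
$score = mysql_real_escape_string($params['score'], $db);

// The key is also shipped in the client JavaScript, so anyone who can load
// the page can read it. The hash therefore only filters out malformed or
// accidental requests; it does not authenticate the sender, and the counters
// should be treated as writable by any visitor.
$secretKey = "mykey"; # Change this value to match the value stored in the client javascript below
$real_hash = md5($name . $score . $secretKey);

// Strict, constant-time comparison. A loose == treats two different
// numeric-looking strings as equal, which would accept a hash that does not
// actually match. hash_equals() needs PHP 5.6; fall back to === before that.
$hashMatches = function_exists('hash_equals')
    ? hash_equals($real_hash, $params['hash'])
    : $real_hash === $params['hash'];

if ($hashMatches) {
    // Allow-list both values before they are placed in the SQL text. The
    // answer letter becomes a column identifier and the question number is
    // cast to int, so nothing from the request reaches the query unchecked.
    $allowedAnswers = array('A', 'B', 'C', 'D');
    $answerOk = in_array($score, $allowedAnswers, true);

    $questionOk = preg_match('/\A[0-9]{1,2}\z/', $params['QuestionN']) === 1;
    $questionNumber = $questionOk ? (int) $params['QuestionN'] : 0;
    if ($questionNumber < 1 || $questionNumber > 10) {
        $questionOk = false;
    }

    // The original ran mysql_query() on an undefined $query when no branch
    // matched; refuse the request explicitly instead.
    if (!$answerOk || !$questionOk) {
        die('Invalid question or answer');
    }

    $query = "UPDATE Quiz1 SET $score = ($score + 1) WHERE Question = $questionNumber";

    $result = mysql_query($query, $db);
    if ($result === false) {
        error_log('Query failed: ' . mysql_error($db));
        die('Query failed');
    }
}
?>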