CodeIgniter escape() function
This function will determine the data type so that it can properly escape only string data. It will automatically add single quotes around the data so you don’t have to.
Here’s how you would use it:
$sql = "INSERT INTO table (name) VALUES(" . $this->db->escape($name) . ")";
$this->db->query($sql);
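
The following is an added example, not code from the original page or from the CodeIgniter project: a model that uses escape() for values of different types, the same insert with query bindings, and an allow-list for an identifier, which escape() does not cover. It assumes a CodeIgniter 3 style model; the class name, the `users` table and its columns are hypothetical.

```php
<?php
// Added example: hypothetical CodeIgniter 3 style model. The class name,
// the `users` table and its columns are assumptions, not from the page.
class User_model extends CI_Model
{
    // escape() supplies the single quotes itself, so the value position
    // in the SQL string must NOT be wrapped in quotes by hand.
    public function add($name, $age, $is_admin)
    {
        $sql = "INSERT INTO users (name, age, is_admin) VALUES ("
             . $this->db->escape($name) . ", "        // string  -> quoted and escaped
             . $this->db->escape((int) $age) . ", "   // integer -> left unquoted
             . $this->db->escape((bool) $is_admin)    // boolean -> 0 or 1
             . ")";
        return $this->db->query($sql);
    }

    // Same insert with query bindings: each ? is escaped by the
    // database layer, so no value is concatenated by hand.
    public function add_bound($name, $age, $is_admin)
    {
        $sql = "INSERT INTO users (name, age, is_admin) VALUES (?, ?, ?)";
        return $this->db->query($sql, array($name, (int) $age, (bool) $is_admin));
    }

    // escape() is for values only. A column name taken from a request
    // has to be checked against a fixed allow-list instead.
    public function list_sorted($order_by)
    {
        $allowed = array('name', 'age');
        if (!in_array($order_by, $allowed, true)) {
            $order_by = 'name'; // fall back to a known column
        }
        $sql = "SELECT name, age FROM users ORDER BY " . $order_by;
        return $this->db->query($sql)->result();
    }
}
```

Request input arrives as strings, so a numeric field passed straight to escape() comes back quoted; the casts above make the intended type explicit.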
