In CodeIgniter, how can I avoid SQL injection? Is there any method to set in the config file to avoid SQL injection? I am using this code for selecting values:
While accepting a value from the client side, it is better to use this code:
$client = $this->input->post('client',TRUE);
While inserting, it is better to use the CodeIgniter insert method:
$this->db->insert('tablename',$values);
When using this method, CodeIgniter automatically does all the escaping, so we do not need to escape manually.
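
An added example, not part of the original answer, covering the select case the question asks about: string concatenation beside query bindings and the Query Builder. It assumes CodeIgniter 3 with the database library loaded; the model name, the `clients` table and its columns are hypothetical.

```php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');

// Added example: hypothetical model; the `clients` table and its columns are assumptions.
class Client_model extends CI_Model
{
    // UNSAFE, shown only for contrast: the input is concatenated into the SQL
    // string, so the database parses it as part of the statement.
    public function find_unsafe($name)
    {
        $sql = "SELECT id, name FROM clients WHERE name = '" . $name . "'";
        return $this->db->query($sql)->result();
    }

    // Query bindings: each ? is replaced by an escaped, quoted value.
    public function find_bound($name, $status)
    {
        $sql = 'SELECT id, name FROM clients WHERE name = ? AND status = ?';
        return $this->db->query($sql, array($name, $status))->result();
    }

    // Query Builder: values passed to where() are escaped automatically.
    public function find_built($name)
    {
        return $this->db
            ->select('id, name')
            ->from('clients')
            ->where('name', $name)
            ->limit(20)
            ->get()
            ->result();
    }

    // Column names and sort direction are identifiers, not values, so they
    // cannot be passed as bindings; restrict them to a fixed allow-list.
    public function list_sorted($column, $direction)
    {
        $allowed = array('id', 'name', 'created_at');
        if (!in_array($column, $allowed, TRUE)) {
            $column = 'id';
        }
        $direction = (strtoupper($direction) === 'DESC') ? 'DESC' : 'ASC';
        return $this->db->order_by($column, $direction)->get('clients')->result();
    }
}
```

The second argument to `$this->input->post('client', TRUE)` turns on XSS filtering of the input; the SQL escaping comes from the bindings and Query Builder calls shown here.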