Am I safe using only $this->input->post() ? in the case I use just this way and in queries in the database I use just something like:
$this->db->query("SELECT * FROM 'usuario' WHERE 'id_usuario' = $id_usuario");
In this case, I pass $this->input->post() to a function and pass this data directly to the query, as shown above. I'm protected against
XSS and SQL Injection ?