I have read so many threads where it is evident to me that very few really know the true situation. I am just learning, but AFAICT; I *think*, the topic boils down to these points (in my own words): 1.) Code Igniter, all along, has been using mysql_real_escape_string() to ...