[eluser]thunder uk[/eluser]
The $_POST array *could* contain something nasty that screws up your database (or worse).
So, instead, get your POSTed values into variables that are nice and clean and free from nasties.
eg
$title = $this->db->escape($this->input->post('newstitle'));
$body = $this->db->escape($this->input->post('newsbody'));
This still isn't foolproof since some of the bad guys know how to use multibyte character encoding to bypass the above, but it's still a good bit safer than passing raw $_POST data