Have I made form function secure enough

I would like to know if I have made my form function secure enough.

So if user try's to access form with out a id it redirects etc but also trying make it protected as well.

I have not enabled CSRF should I?

PHP Code:

<?php

class Banners extends CI_Controller {

    public $error = array();

    public function __construct() {
        parent::__construct();
    }

    public function edit() {
        if ($this->input->server('REQUEST_METHOD') == 'POST') {

        }

        $this->get_form_edit();

    }

    public function index() {
        $this->get_list();
    }

    protected function get_list() {
        $data['template'] = 'template/banners/banner_list_view';
        $this->load->view('template/common/template_view', $data);
    }

    protected function get_form_edit() {
        $banner_form_id = isset($_GET['banner_form_id']) ? $_GET['banner_form_id'] : "";

        if ($banner_form_id) {

            $data['banner_form_id'] = $banner_form_id;

            $data['placeholder'] = 'holder.js/100%x75';

            $data['template'] = 'template/banners/banner_form_edit_view';
            $this->load->view('template/common/template_view', $data);

        } else {

            redirect('c=banners');

        }
    }
} 


Is there any thing need to add in view?

PHP Code:

<div class="container">

<div class="row">

<div class="col-lg-3 col-md-3 col-sm-12 col-xs-12">

</div>

<div class="col-lg-9 col-md-9 col-sm-12 col-xs-12">

<?php echo form_open_multipart('c=banners&f=edit&banner_form_id=' . $banner_form_id);?>

<table id="banners-table" class="table">

<thead></thead>

<tbody></tbody>
    
</table>

<?php echo form_close();?>

</div>

</div>

</div> 


There's only one rule - please don't tell anyone to go and read the manual.  Sometimes the manual just SUCKS!