best practice with form,validation,error,success,action order
#24

[eluser]BravoAlpha[/eluser]
[quote author="walesmd" date="1187724029"]I guess my point was simply: you can access the input via a variety of methods. $this->input->post is not the only way, especially if using $_POST is going to save you 6 lines of typing. In the end, they all come out to exactly the same thing.[/quote]
I don't think you should dump $_POST into the database; you don't know what's in there.

Let's say you have a user table that contains ids, name, email addresses, passwords, and some kind of permission field. If you have an update form that allows users to change their email and password (etc.), then dumping $_POST in should work fine. However, if a user also managed to include $_POST['permission'] in their form (e.g. they made their own form, or used curl locally, etc.), then that user's permission field would also be updated when you dump $_POST into the database, and that user would now have permission on your site that he shouldn't have.
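
The scenario in the post above, as an added example that is not part of the original post: a request carrying an extra `permission` field, run through the "dump $_POST" pattern and through an allowlist of the columns the form may change. The function names, the column names and the sample values are assumptions made for illustration.

```php
<?php
// Constructed sample input: what $_POST holds when a user adds a
// 'permission' field that the real update form never contained.
$post = [
    'email'      => 'user@example.com',
    'password'   => 'new-passphrase',
    'permission' => 'admin',
];

// Vulnerable pattern: every submitted key becomes a column to update.
function columns_from_raw_post(array $post): array
{
    return $post;
}

// Hardened pattern (hypothetical helper): copy only the columns this
// form is allowed to change; everything else in the request is ignored.
function columns_from_allowlist(array $post, array $allowed): array
{
    $data = [];
    foreach ($allowed as $field) {
        // Skip missing fields and non-string values such as email[]=x.
        if (isset($post[$field]) && is_string($post[$field])) {
            $data[$field] = $post[$field];
        }
    }
    return $data;
}

// Allowlist for the "change email and password" form from the post.
$allowed = ['email', 'password'];

$unsafe = columns_from_raw_post($post);
$safe   = columns_from_allowlist($post, $allowed);

// The array printed on each line is what would be handed to the UPDATE.
// (The password value would still need hashing before it is stored.)
echo "raw \$_POST columns:  ", implode(', ', array_keys($unsafe)), PHP_EOL;
echo "allowlisted columns: ", implode(', ', array_keys($safe)), PHP_EOL;

// Keys that were submitted but are not part of the form are worth logging:
// a 'permission' key on this form is a sign of a hand-built request.
$unexpected = array_diff(array_keys($post), $allowed);
if ($unexpected) {
    echo "unexpected fields:   ", implode(', ', $unexpected), PHP_EOL;
}
```

The allowlist belongs with the form handler rather than with the table, since each form is permitted to change a different set of columns.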


Messages In This Thread
best practice with form,validation,error,success,action order - by El Forum - 08-21-2007, 11:17 AM


