Most beautiful insertion with escape
#1

[eluser]Theis[/eluser]
Hi everyone.
I'm new to CI, and I'm really loving how db->insert() can insert into the database by getting the data as an array, such as $_POST.

So my model looks simply like this:
Code:
function save(){
  // Insert the raw POST array straight into the "page" table
  $this->db->insert("page",$_POST);
  // Return the auto-increment id of the new row
  return $this->db->insert_id();
}

But I have the problem that I would like to escape all elements to avoid SQL injection.
I know that there is some escape method in CI, but is there some easy way to escape $_POST in a way that I don't need to do it for each variable in my array?

I just want my code clean and simple :)
Hope you can help me. Thanks
#2

[eluser]Theis[/eluser]
For instance, I definitely don't want to do this for all variables in $_POST:

Code:
$title = $this->db->escape($_POST['title']);
$body = $this->db->escape($_POST['body']);
$param3 = $this->db->escape($_POST['param3']);
...
#3

[eluser]Rok Biderman[/eluser]
It says here:

"Beyond simplicity, a major benefit to using the Active Record features is that it allows you to create database independent applications, since the query syntax is generated by each database adapter. It also allows for safer queries, since the values are escaped automatically by the system."
#4

[eluser]Theis[/eluser]
Aha. So you say that I don't need to do escapes?
#5

[eluser]Rok Biderman[/eluser]
That is correct, but consider whether dumping POST variables right into the DB is right for you, since escaping isn't the only thing you're likely to do from a security/efficiency standpoint. You're probably going to want to validate the input and perform some kind of transformations.
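One way to follow that advice in CodeIgniter, as an added example that is not from the thread: the model accepts only a fixed whitelist of columns rather than the raw $_POST array, so an unexpected field in the request never reaches the insert, and the controller runs form validation before calling save(). Active Record still escapes the values; the whitelist controls the keys. The table name, column names and validation rules are assumptions.

```php
<?php
// Added example (not from the thread). Assumes a table "page" with the
// columns title, body and slug, and CodeIgniter 2/3 style classes.

class Page_model extends CI_Model
{
    // Only these columns may ever be written from request data.
    private $allowed = array('title', 'body', 'slug');

    public function save(array $input)
    {
        // Keep only the keys that appear in the whitelist; any other
        // field sent by the client (e.g. "is_admin") is dropped here.
        $data = array_intersect_key($input, array_flip($this->allowed));

        if (empty($data)) {
            return FALSE; // nothing usable was submitted
        }

        // Active Record escapes each value before building the query.
        $this->db->insert('page', $data);
        return $this->db->insert_id();
    }
}

class Page extends CI_Controller
{
    public function create()
    {
        $this->load->helper('url');
        $this->load->library('form_validation');
        $this->load->model('page_model');

        // Validation runs before anything touches the database.
        $this->form_validation->set_rules('title', 'Title', 'required|max_length[200]');
        $this->form_validation->set_rules('body', 'Body', 'required');
        $this->form_validation->set_rules('slug', 'Slug', 'required|alpha_dash|max_length[100]');

        if ($this->form_validation->run() === FALSE) {
            $this->load->view('page_form'); // redisplay the form with errors
            return;
        }

        // The model, not the client, decides which fields are stored.
        $id = $this->page_model->save($_POST);
        redirect('page/view/' . $id);
    }
}
```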
#6

[eluser]Theis[/eluser]
Thanks.
Of course that might be the case.
Theme © iAndrew 2016 - Forum software by © MyBB