Question

I'm very new to php-activerecord. Is there a way to auto-escape all of my POST/GET data before updating or inserting records?

class User extends ActiveRecord\Model {...}

class Blog extends MY_Controller
{
    function test()
    {
        $user = User::find('last');
        $user->first_name = 'test"quot' . "es'zzz";
        $user->save();
    }
}

// inserted data
// first_name = test"quotes'zzz

Solution

Have a look at Query Bindings

The secondary benefit of using binds is that the values are automatically escaped, producing safer queries. You don't have to remember to manually escape data; the engine does it automatically for you.

Other tips

Did you encounter any trouble? PHP-ActiveRecord is using PDO prepared statements (source). So you shouldn't encounter any escaping problem; if so, feel free to open an issue on the GitHub project page: https://github.com/kla/php-activerecord
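
What binding does for the string in the question, shown with plain PDO, which the answer above says php-activerecord uses. This is an added example, not code from the thread or from php-activerecord; the in-memory SQLite database (pdo_sqlite extension) and the `users` table are assumptions.

```php
<?php
// Added example: plain PDO against an in-memory SQLite database.
// Assumptions: pdo_sqlite is installed; table and column names are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, first_name TEXT)');

// The value from the question, containing both quote characters.
$firstName = 'test"quot' . "es'zzz";

// Unsafe: the value becomes part of the SQL text, so the single quote in
// the data closes the string literal early and the statement is rejected.
try {
    $pdo->exec("INSERT INTO users (first_name) VALUES ('$firstName')");
    echo "concatenated insert: accepted\n";
} catch (PDOException $e) {
    echo "concatenated insert: rejected (", $e->getMessage(), ")\n";
}

// Safe: the SQL text only holds a placeholder and the value is bound
// separately, so quotes in the data never reach the SQL parser.
$insert = $pdo->prepare('INSERT INTO users (first_name) VALUES (?)');
$insert->execute([$firstName]);

// Lookups follow the same rule: bind the search value as well.
$select = $pdo->prepare('SELECT first_name FROM users WHERE first_name = ?');
$select->execute([$firstName]);
$stored = $select->fetchColumn();

// Compare what the database returns with the original input.
echo "bound insert round-trips unchanged: ";
var_dump($stored === $firstName);
```

Binding protects the SQL statement only; a value stored this way still needs output encoding (for example `htmlspecialchars`) when it is later written into HTML.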

License: CC-BY-SA with attribution
Not affiliated with StackOverflow