Sanitizing your form input is critical to database security. Do not simply pass $_GET or $_POST data into your database. This method properly escapes the strings.
$username = Input::get('username');
Please note that your data may require other types of security checks before storing into the database, but this method handles the basics.