Sanitizing your form input is critical to security. Do not simply pass $_GET or $_POST data into your database. This method properly escapes strings and is generally used when your data comes from some user input other than a form.
$data = Input::sanitize('aRandomStringOfData');
Please note that your data may require other types of security checks before it is stored in the database, but this method handles the basics.
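The following is an added example, not code from the project, showing the kind of additional checks the note above refers to: type and format validation before storage, and bound parameters for the insert itself. The function `sanitize_stand_in()`, the `profiles` table, the in-memory SQLite database and the sample values are all assumptions made for illustration; the stand-in is assumed to trim and HTML-encode, which may differ from what `Input::sanitize()` actually does.

```php
<?php
// Hypothetical stand-in for the framework's Input::sanitize().
// ASSUMPTION: it trims and HTML-encodes; the real method may behave differently.
function sanitize_stand_in(string $value): string
{
    return htmlentities(trim($value), ENT_QUOTES, 'UTF-8');
}

// Constructed sample input, as if it arrived from a non-form source
// such as a query string or an API payload.
$raw = [
    'email' => "  alice@example.com ",
    'age'   => "34",
    'note'  => "O'Reilly <b>fan</b>",
];

// 1. Type and format checks that escaping alone does not provide.
$email = filter_var(trim($raw['email']), FILTER_VALIDATE_EMAIL);
$age   = filter_var($raw['age'], FILTER_VALIDATE_INT, [
    'options' => ['min_range' => 0, 'max_range' => 150],
]);
if ($email === false || $age === false) {
    // Strict comparison matters: a valid age of 0 must not be rejected.
    exit("rejected: invalid email or age\n");
}

// 2. Escape the free-text field.
$note = sanitize_stand_in($raw['note']);

// 3. Bind every value as a parameter so the database driver never
//    interprets user data as SQL, whatever the escaping step did.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE profiles (email TEXT, age INTEGER, note TEXT)');

$stmt = $db->prepare(
    'INSERT INTO profiles (email, age, note) VALUES (:email, :age, :note)'
);
$stmt->bindValue(':email', $email, PDO::PARAM_STR);
$stmt->bindValue(':age', $age, PDO::PARAM_INT);
$stmt->bindValue(':note', $note, PDO::PARAM_STR);
$stmt->execute();

// Read the row back to see exactly what was stored.
var_dump($db->query('SELECT email, age, note FROM profiles')->fetch(PDO::FETCH_ASSOC));
```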