How to secure CodeIgniter URI segments when allowing all Characters with Oracle DB
I am getting URI segments from CodeIgniter and using them in a query to an Oracle database. What is the way to secure these segments? I cannot find an Oracle escape method for PHP (the MySQL escape method in PHP is mysql_real_escape_string()).
And on a side note, is the security in CodeIgniter really as insanely dangerous as they try to tell you in the config file? I am of the thinking it is safe so long as you escape these URI segments appropriately in any query with the database system you are using, but I don't know if I am correct.
Thanks.
I recommend using CI query bindings:
$sql = "SELECT * FROM some_table WHERE id = ? AND status = ? AND author = ?";
$this->db->query($sql, array($yourSegment1, $yourSegment2, $yourSegment3));
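Added example, not part of the original answer: a CodeIgniter 3 controller method that validates each URI segment and then passes it to the bound query shown above. The controller name, the allow-list of status values and the 64-character author limit are assumptions; the table and column names are the ones from the answer.

```php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');

// Hypothetical controller: class name, method name and limits are assumptions.
class Articles extends CI_Controller
{
    // Constructed allow-list for the "status" segment.
    private $allowed_status = array('draft', 'published', 'archived');

    public function __construct()
    {
        parent::__construct();
        // Connection settings (e.g. the oci8 driver) come from config/database.php.
        $this->load->database();
    }

    // Example URL: /articles/show/42/published/jsmith
    public function show()
    {
        // segment() returns NULL when the segment is missing.
        $id     = $this->uri->segment(3);
        $status = $this->uri->segment(4);
        $author = $this->uri->segment(5);

        // With permitted_uri_chars relaxed, segments arrive unfiltered,
        // so each one is checked against what the query actually expects.
        if ( ! is_string($id) OR ! ctype_digit($id)) {
            show_404(); // id must be a plain decimal number
        }
        if ( ! in_array($status, $this->allowed_status, TRUE)) {
            show_404(); // status must be one of the known values
        }
        if ( ! is_string($author) OR $author === '' OR strlen($author) > 64) {
            show_404(); // author may contain any character, but is length-bounded
        }

        // The segments never become part of the SQL text: CodeIgniter escapes
        // each bound value and substitutes it for the matching "?".
        $sql   = "SELECT * FROM some_table WHERE id = ? AND status = ? AND author = ?";
        $query = $this->db->query($sql, array((int) $id, $status, $author));

        $row = $query->row();
        if ( ! $row) {
            show_404();
        }

        // JSON-encode the row instead of echoing raw column values into HTML.
        $this->output->set_content_type('application/json')->set_output(json_encode($row));
    }
}
```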