OK, it may sound ridiculous but this is what happened :
"Use PDO"
(I've also checked the db table, from phpMyAdmin, and the specific field seems to have been altered :S).And I'm thinking : "Somebody has hacked the site". Something like a bad (though educational) joke, maybe?
Am I right? (I feel a bit stupid asking that, but whatever...)
If so, what should I do in order to prevent such a thing happening in the future?
Hint : ALL my db access is done using CodeIgniter's db function, so I suppose everything should have been properly escaped. Any ideas?
The issue has been resolved, thanks to @raina77ow.
The Db access had been in a really bad shape, and the (quasi obvious) solution was to start using Prepared statements and Query bindings.
Reference : http://codeigniter.com/user_guide/database/queries.html