Back in PHP 2, the 'magic quotes' setting seemed like a great idea. It would automatically escape all of your input so you didn't have to worry about those pesky SQL injections. Any dodgy characters entered by the user would be automatically escaped by a backslash.
