Magic quotes is a controversial feature of the PHP scripting language, wherein special characters are prefixed with a backslash before being passed on. It was introduced to help newcomers write functioning SQL commands without requiring manual escaping. It was later described and widely misinterpreted as intended to prevent inexperienced developers from writing code that was vulnerable to SQL injection attacks.
