
DotGeek:
Bullet-Proof Code with Quotes
Jan 12, 2004 @ 13:23:10

DotGeek.org has a new tutorial posted this morning concerning one of the more infamous issues surrounding PHP - dealing with magic_quotes_gpc.

In "magic_quotes_gpc: Bullet-proof code", the author shows you how to avoid "bullets": problems with client-side input that arise when the user enters something you weren't expecting (or when they might even be up to something malicious). Whatever the reason, this tutorial can help you avoid bad, bad things such as SQL injections (when a user figures out the form and how it builds a SQL statement, and uses that to their advantage).

He gives examples of possible ways that users could abuse your scripts, and how to dodge these bullets. The author also provides a "magic function" that will help you keep your code and your data safe.
