It is one of those good practice things because there are times when you need it. The
addslashes() function will insert the backslash character ("\") where it is needed in a string to be able to safely insert that value in the database. This is to make sure you could insert, say, a user comment into a database like
So I'm like, "No way!" and he's all like "Tru dat."
If you try and insert such a string into a database, it will have a hard time dealing with the quotes. Passing that string through the
addslashes() function before you insert it into your database will make sure the quotes are handled correctly.
When you read the value from the database, you will need to use the
stripslashes() function to restore the string back to its original form before writing it to the browser.