The simplest solution, after all, is to recursively call stripslashes() on all superglobal arrays (it's not just GPC, it's EGPCSR.) However, this runs into hard to diagnose bugs regarding escaping of array keys in the request.
It appears no one is really sure how combinations of operating systems, PHP versions, and PHP configuration affects escaping of data. So, I'd like to make a call for people to compile a comprehensive table of all possible relevant variables and the escaping of data.
I've already run into trouble trying to implement systems based off of the comments in the PHP manual, mainly because the comments are property of the PHP Documentation group, and are licensed under the Open Publication License, which is not a code license. This puts us in murky license/copyright lawyers, and does not seem to be worth the trouble. The final result of this work, then, will be Public Domain.
Switching PHP configurations as I go down the 4.x series is probably going to be the biggest bugger, but if we can get a comprehensive solution out there, well, we can let this issue lie. Unless someone has already comprehensively solved it.