If you have inputs like this in a form:
<input type=hidden name="one[bl's]" value="stuff's" />
<input type=hidden name="bl's" value="val's" />
and you submit it, the NAMES of the variables will ALWAYS be magic-quoted, even if magic_quotes is OFF. However, the VALUES of the variables will be magic-quoted only if magic-quotes is turned on.
In the above case, even if magic quotes is off, your POST data will look something like this:
$_POST = array(
one = array(
bl\'s = stuff's
),
bl\'s = val's
)
Notice how the values of the variables were not magic-quoted, but the NAMES of the variables were quoted.
Tested in PHP 5.0.4, Windows NT 5.1 build 2600