in reply to Re^2: Prevent SQL Injection
in thread Prevent SQL Injection
When you escape for the shell, you have to insert a backslash before a single quote to escape it.
Very silly example: you want to use grep (the command) to search for a substring in a large text file. If you search for the numeric entity while the text file contains the literal character.
File names have a completely different syntax. If you escape a file name under Unix, you have to escape whitespace - but surely you don't want to escape all whitespace in your database? (It would kill a word-based full text index, for example.)

Even when you do HTML escaping only, you have to be very careful: there's more than one way to escape most characters. Many characters have names, so you can use &auml;, and numeric &#1234; (and I think also a hexadecimal escape as well). So if your comparisons for text equality should really work, you have to define a canonical form and translate everything into that form. D'oh.
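The point above, as an added example that is not part of the thread (and in Python rather than Perl, purely so it can be run and checked stand-alone): the same word spelled as a named entity, a decimal entity, a hex entity, a literal character and a decomposed Unicode sequence, collapsed to one canonical form before comparison; a grep-style substring search that misses the literal character when given the entity; and the shell and HTML escapers kept separate from the stored data. The function names, SAMPLE_FORMS and SAMPLE_LINES are my own constructed material, not anything from the post.

```python
import html
import shlex
import unicodedata

# Constructed sample input (not from the thread): five spellings of the word
# "Bär" that a browser, a template or a database column might each hand us.
SAMPLE_FORMS = [
    "B&auml;r",      # named entity
    "B&#228;r",      # decimal numeric entity
    "B&#xE4;r",      # hexadecimal numeric entity
    "B\u00e4r",      # literal precomposed character (what a text file holds)
    "Ba\u0308r",     # 'a' plus combining diaeresis: same glyph, different bytes
]

# Constructed text-file content for the grep illustration.
SAMPLE_LINES = [
    "Der B\u00e4r schl\u00e4ft.",
    "Das B&auml;r-Gehege ist geschlossen.",
    "Nothing to see here.",
]


def canonical_text(s: str) -> str:
    """One canonical form for comparison: decode every HTML entity spelling
    (named, decimal, hex), then Unicode-normalize to NFC so that a
    precomposed 'ä' and 'a' + combining diaeresis compare equal."""
    return unicodedata.normalize("NFC", html.unescape(s))


def all_equivalent(forms) -> bool:
    """True when every spelling collapses to the same canonical string."""
    return len({canonical_text(f) for f in forms}) == 1


def naive_match(needle: str, lines) -> list:
    """What 'grep -F needle file' does: byte-for-byte substring search.
    Searching for an entity spelling does not find the literal character."""
    return [line for line in lines if needle in line]


def canonical_match(needle: str, lines) -> list:
    """Same search, but both sides are put into the canonical form first."""
    want = canonical_text(needle)
    return [line for line in lines if want in canonical_text(line)]


def shell_arg(s: str) -> str:
    """Escape one argument for a POSIX shell. shlex.quote wraps the value in
    single quotes and spells an embedded single quote as '"'"', which is the
    in-quotes equivalent of the backslash escape mentioned in the post."""
    return shlex.quote(s)


def html_text(s: str) -> str:
    """Escape for an HTML text node or attribute value (the output-side
    escaping); this is done when rendering, not when storing."""
    return html.escape(s, quote=True)


if __name__ == "__main__":
    print("all forms canonicalize to:", canonical_text(SAMPLE_FORMS[0]))
    print("equivalent:", all_equivalent(SAMPLE_FORMS))
    print("naive grep for B&auml;r:", naive_match("B&auml;r", SAMPLE_LINES))
    print("canonical grep for B&auml;r:", canonical_match("B&auml;r", SAMPLE_LINES))
    print("shell:", shell_arg("O'Reilly"), shell_arg("my file.txt"))
    print("html:", html_text("<b>B\u00e4r</b>"))
```

The design choice this illustrates: store the raw text once, canonicalize (entity decode plus NFC) only for comparison and searching, and apply the shell or HTML escaper at the point where the value leaves the program for that particular context.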