I know that I have to escape single quotes with a single quote, but do I still need to escape a text field with backslashes when inserting the data or is this done by the db? MySQL, SQLite and PgSQL have specific functions in PHP to do this.

What is a "text field"?

I'm glad you know what in the world you are talking about, but I certainly don't.
You mention four different s/w products, none of which are Oracle.
You provided NO example of what you have tried or what you really want to do,
what OS, which version of Oracle or what s/w client you are attempting to use.
You're On Your Own (YOYO)!

I should have said a text column. A text field is a form input that receives text data and may have special chars. I mentioned that I knew that single quotes had to escaped with a single quote. I simply wanted to know if any other escaping was required for special chars in a string such as ampersands, backslashes, etc., that will be inserted. I found that SQL Server only requires that single quotes be escaped, so I am gonna assume that Oracle only requires that. The reason I need to know this is that I have a PHP class to access multi db types and each has its own quirks on how it handles gpc text data.

No escaping is needed in Oracle if you are using BIND VARIABLES. That is, you dont do stuff like (if using ado in php): $db->execute("insert into table ( field ) values ('".$_POST['formfield']."')") .. you, instead, do: $db->execute("insert into table ( field ) values ( ? )", array($_POST['formfield']) ). And this not only applies to oracle, but for every other db out there (including SQL Server!).

Actually, I am using prepared statements/binding and I rolled my own generic bind method to handle gpc data. The prob with PHP is that the "magic_quotes_gpc" setting may or may not be enabled on any given install and I wanted to be sure to remove all escaping (backslashes) from prepared queries if the db doesn't require it.

I believe it would really depends on the char set encoding type your DB is in (being it single or multi-byte) and of course, the operation you're about to apply. For inserts, I believe escaping just ' is *ok*. For selects and like operations, there.. ' and _ has both especial meaning and so on. Also, you might want to have a matching between the content-type encoding your forms uses and the db's one. But I still insist that if you use properly binding with your statements, that *shouln't* be a problem.