It's easy to overlook security when we write PHP code, yet failure to write code with security in mind can result in catastrophe.
Rather than write the book myself, I'll treat this as one of those cases where we should just reference some good material written by others.
- Sitepoint.com: Top 7 Security Blunders