// Some basics of writing #secure #code from Nathan Good at IBM
1) Validate input
2) Guard your file system
3) Guard your database
4) Guard your session data
5) Guard against Cross-Site Scripting (XSS) vulnerabilities
6) Verify form posts
7) Protect against Cross-Site Request Forgeries (CSRF)
Kind of seem obvious, but they are not to a lot of people. The full read, "Seven habits for writing secure PHP applications", here: http://ibm.co/X0jCyP
any chance of sharing the non shorten link I never follow them as I have no idea where they lead.
As you can see from the domain (ibm.co) it's a page on the IBM site. Here is the full url http://www.ibm.com/developerworks/opensource/library/os-php-secure-apps/index.html