Thread: Prevent PHP from Hijacking

I want to improve my knowledge about PHP. Can anyone give me suggestion how can I prevent my PHP form from Hijacking?

1) You can avert you PHP Form from hijack follow the given steps below:

• You must to off the register_globals which will prevent insertion of malicious code.

• Error reporting must be set to E_ALL so before with any variable it is required to initialize it.

• You can make use of the htmlentities(), strip_tags(), utf8_decode() and addslashes() for filtering Unwanted data.

• Use mysql_escape_string() in mysql.

2) Follow the given stepladder below to stop PHP form from Hijacking:

• Turn off the register_globals.

• Make E_ALL for Error_reporting.

• Make scripts for data validation and data verification.

• Destroy use of htmlentities (), strip tags (), utf8_decode () and adds lashes () as filter.