Make Error_reporting to E_ALL so that all variables will be intialized before using them.
Make practice of using htmlentities(), strip_tags(), utf8_decode() and addslashes() for filtering malicious data in php
Make practice of using mysql_escape_string() in mysql.
Make practice of using htmlentities(), strip_tags(), utf8_decode() and addslashes() for filtering malicious data in php
Make practice of using mysql_escape_string() in mysql.