How to prevent hijacking in PHP?

 Make Error_reporting to E_ALL so that all variables will be intialized before using them.
 Make practice of using htmlentities(), strip_tags(), utf8_decode() and addslashes() for filtering malicious data in php
 Make practice of using mysql_escape_string() in mysql.