What are some security measures that you take while coding? Especially in PHP. Mine I do the following, yet for some reason I feel its not enough. mysql_real_escape_string() htmlspecialchars() Predefined set of tags. Check amount of queries executed per operation. Validation of data types. And md5+salt for sensitive data. I'd like to know what other things can be done for protection.