So I'm a slightly seasoned PHP developer and have been 'doin the damn thing' since 2007; however, I am still relatively n00bish when it comes to securing my applications.
Use stored procedures for any activity that involves writing to the DB, and use bind parameters for all selects.
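The advice above in PDO terms, as an added example that is not from anyone in this thread: a bound-parameter SELECT beside the string-spliced version it replaces, and a write routed through a stored procedure whose arguments are also bound. The table `users`, the procedure `create_user`, and the connection credentials are assumptions.

```php
<?php
// Added example, not from the original thread.
// Assumes MySQL with a `users` table and a stored procedure
// `create_user(IN p_email VARCHAR(255), IN p_name VARCHAR(100))`; both are assumptions.

$pdo = new PDO('mysql:host=localhost;dbname=app', 'app_user', 'secret', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepared statements
]);

// Unsafe: the user-supplied value becomes part of the SQL text itself,
// so it can alter the query's structure. Shown only for contrast.
// $rows = $pdo->query("SELECT id, name FROM users WHERE email = '" . $_GET['email'] . "'");

// Safe SELECT: the value is bound as a parameter and sent separately from the SQL text.
function findUserByEmail(PDO $pdo, string $email): ?array
{
    $stmt = $pdo->prepare('SELECT id, name FROM users WHERE email = :email');
    $stmt->bindValue(':email', $email, PDO::PARAM_STR);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Write through a stored procedure; the arguments are still bound, never concatenated.
function createUser(PDO $pdo, string $email, string $name): void
{
    $stmt = $pdo->prepare('CALL create_user(:email, :name)');
    $stmt->bindValue(':email', $email, PDO::PARAM_STR);
    $stmt->bindValue(':name', $name, PDO::PARAM_STR);
    $stmt->execute();
    $stmt->closeCursor(); // CALL can leave a result set open; release it before the next statement
}

createUser($pdo, 'alice@example.com', 'Alice');
var_dump(findUserByEmail($pdo, 'alice@example.com'));
```

The stored procedure only helps if its body does not itself assemble dynamic SQL from its arguments; binding has to hold at every layer that builds a query.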