PHP Security for Architects

Introduction
Application security isn't just a feature or an add-on. Security is directly linked to how an application has been coded: bad designed applications have bad security. Good software architecture and design is therefore the foundation for secure code. Security also depends on how it's been incorporated in the software development life cycle and software maintenance processes. Summarized: architecture, design and process are the 3 pillars for secure code:

Architecture

 * Don’t glue your application together with code snippets from the Internet
 * Structure & Organize your code by using an architectural pattern and/or application framework

Design

 * Don’t re-invent the wheel
 * Follow proven software design principles to avoid common pitfalls

Process

 * The proof of the pudding is in the testing, before and after going live.
 * Maintain and improve your code till the end its life by continuous bug fixing, patching, refactoring, etc.