http://www.owasp.org/index.php/PHP_Top_5

That site has tips on security vulnerabilities, here is a quick list of pointers from that article.

• Remote Code Execution
  • Don’t Use user input in Include, Require or Eval
• Cross-site scripting
  • Don’t use register_globals
  • If outputting User Submitted Values, sanitize first using htmlentities
  • Avoid $_REQUEST use $_GET or $_POST
  • Validate Values ie use is_numeric or check string length
  • use urlencode when adding variables to a query string
• SQL Injection
  • Validate Data prior to use in SQL Statements - ie is_numeric
  • When possible use PDO or another Database Abstraction Layer combined with prepared statements at the very least use escape strings ( Avoid addslashes() as it isn’t adequate )
•  File system attacks
  • Ensure that all variables are properly initialized prior to first use
  • Ensure that the users can only affect file operations to the degree you had in mind
  • Try to move secrets and logs out of the web root if at all possible – see the references on “Shared Hosting” by Chris Shiflett

Here is a link for a Smashing Magazine Post with 75 Different Javascript Tips/Techniques

http://www.smashingmagazine.com/2008/09/11/75-really-useful-javascript-techniques/

Here are ones that i found might be handy at a later date:

• Coda popup bubbles (Info Bubbles)
• addSizes.js (File Size Display)
• LiveValidation (Form Validation)
• AmberJack (Site Tour)
• jQuery virtual tour (Fancy Virtual Tour for Photos)
• FancyZoom meets jQuery // Ordered List // We Make The Web Beautifully Simple (Thumbnail to Image script)
• Starbox (Rating System)
• Newsticker (Vertical Scrolling News Headlines)
• Toggling Announcement Slider (Top Down Popup Slider)
• Creating a Slick Auto-Playing Featured Content Slider (Home Page Content/Headline Slider)
• Creating a Dynamic Poll with jQuery and PHP (Poll System)