Essential PHP Security
This book is essential for anyone starting out in PHP, but not only for them. It offers tips for almost any skill level, maybe you know some of the ways to keep your site secure but Chris really goes in depth on some of them.
The code snippets are short, simple, but convey the point exactly as intended… and I also like Chris’s method for validating tainted data, similar to a fisherman. If the fish is bad throw it back and the same goes for user input.
I still have this book for reference and have lent it to a few people which resulted in them picking their own copies… all around a great resource.