1 - Sécuriser GET et POST
$_ = array();
foreach($_POST as $key=>$val){
$_[$key]=mysql_escape_string(htmlentities($val));
}
foreach($_GET as $key=>$val){
$_[$key]=mysql_escape_string(htmlentities($val));
}
utilisation:
echo $_['MaVariablePostOuGet'];