This post is over a year old, some of this information may be out of date.
The Paragon Initiative Blog has a new post with their tips and tricks, things to avoid on building secure PHP applications.
As they mention, This guide should serve as a complement to the e-book, PHP: The Right Way, with a strong emphasis on security and not general PHP programmer topics (e.g. code style).
Here you can read the full blog post https://paragonie.com/blog/2017/12/2018-guide-building-secure-php-software