This project report details the development of a secure web application using PHP and MySQL, addressing common security vulnerabilities. Part I presents a technical essay explaining five security issues associated with PHP applications: SQL injection, Cross-Site Scripting (XSS), Session Hijacking, Directory Traversal, and Remote File Inclusion, referencing external articles. Part II involves creating an HTML form and storing the data in both a file and a MySQL database, including an SQL script to generate 500 contact details. The report also explains the security measures taken, such as input validation using HTML5, prevention of SQL injection using PDO parameterized queries, and avoidance of remote file inclusion by using server-based file systems. Concrete examples are provided to demonstrate how these security measures block potential attacks.
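A sketch of the measures summarized above, added here as an illustration and not taken from the report: server-side re-validation behind the HTML5 checks, a PDO parameterized insert, and a file write to a path fixed on the server. The table layout, field names, helper functions and sample submissions are assumptions, and an in-memory SQLite database stands in for MySQL so the script runs offline.

```php
<?php
declare(strict_types=1);

// Assumption: SQLite in memory replaces the report's MySQL database; the PDO
// calls below are identical with a mysql: DSN.
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE contacts (id INTEGER PRIMARY KEY, name TEXT, email TEXT)');

// The storage path is chosen by the server and never built from request data,
// so a submitted value cannot redirect the write or pull in a remote file.
$contactFile = sys_get_temp_dir() . '/contacts.jsonl';

// Hypothetical helper. HTML5 attributes (required, type="email", maxlength)
// are enforced only by the browser, so the same rules are re-checked here.
function validateContact(array $in): ?array
{
    $name  = trim((string)($in['name'] ?? ''));
    $email = filter_var(trim((string)($in['email'] ?? '')), FILTER_VALIDATE_EMAIL);
    if ($name === '' || strlen($name) > 100 || $email === false) {
        return null;
    }
    return ['name' => $name, 'email' => $email];
}

// Hypothetical helper. The SQL text is constant; values travel as bound
// parameters, so quotes and semicolons in them are stored as plain data.
function saveContact(PDO $pdo, array $c, string $file): void
{
    $stmt = $pdo->prepare('INSERT INTO contacts (name, email) VALUES (:name, :email)');
    $stmt->execute([':name' => $c['name'], ':email' => $c['email']]);
    file_put_contents($file, json_encode($c) . "\n", FILE_APPEND | LOCK_EX);
}

// Constructed sample submissions: one normal, one carrying SQL syntax in the
// name field, one that fails validation.
$submissions = [
    ['name' => 'Alice Example', 'email' => 'alice@example.com'],
    ['name' => "x'); DROP TABLE contacts; --", 'email' => 'bob@example.com'],
    ['name' => 'Carol', 'email' => 'not-an-email'],
];

foreach ($submissions as $s) {
    $clean = validateContact($s);
    if ($clean === null) {
        echo "rejected: invalid input\n";
        continue;
    }
    saveContact($pdo, $clean, $contactFile);
    echo "stored: {$clean['email']}\n";
}

// The table survives and the SQL-looking name is stored verbatim as a string.
foreach ($pdo->query('SELECT name, email FROM contacts') as $row) {
    echo json_encode([$row['name'], $row['email']]), "\n";
}
```

When the stored names are later rendered in HTML, they still need output encoding such as `htmlspecialchars()`; parameter binding addresses SQL injection only, not XSS.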