How to prevent form hijacking in PHP?

1. Make register_globals to off to prevent Form Injection with malicious data.
2. Make Error_reporting to E_ALL so that all variables will be intialized before using them.
3. Make practice of using htmlentities(), strip_tags(), utf8_decode() and addslashes() for filtering malicious data in php
4. Make practice of using mysql_escape_string() in mysql.