I have been reading about the security seals like "HackerSafe"

I an not sure what they check for and how they do it it.

One thing aspect is about PCI compliance, but since I only use Paypal, I dont think that concerns me.

Other things to check ?

Maybe proper processing of forms to avoid
sql injections ?

maybe using sessions to check user credentials on private pages ?

I don't know what else

Can tests for these aresa be written into a php script ?

Any thoughts much appreciated.