A similar guide can be found at https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines.
OWASP provides good information about many web application security issues, with a large list of vulnerabilities to learn about and avoid.
Main book page | Introduction | Checklist
Miscellaneous points | File inclusion and disclosure | File upload vulnerabilities | SQL injection | Cross-site scripting (XSS) | XML and internal data escaping | XML, JSON and general API security | (Un)trusted input | Cross-site request forgery (CSRF) | Clickjacking | Insecure data transfer | Session fixation | Session stealing | Truncation attacks, trimming attacks | Password security | Comparison issues | PHP-specific issues | Prefetching and Spiders | Special files | SSL, TLS and HTTPS basics
Further reading | Authors | Print version