I\'m a PHP/MySQL noob who knows nothing about online security.
Could you point me to some resources that will aid in my knowledge? (Beginner level, please!)
This question is well-answered and covers MySQL injection attacks (one of the more common concerns. This question is also well documented and covers XSS (cross site scripting) attacks well.
Lastly, learn about PHP.INI and how to set it up and what is actually open/closed and on/off. A good host will, for example, never turn on register globals, but you should at least know what it is and why to check it. PHP Security has resources on that and many other PHP security concerns.