How would one go about getting his or her code ‘validated’ to ensure it is comfortably secure enough to make public?
In other words, if I have written a PHP app and I have made efforts to sanitize all inputs, is there a commonly used/accepted way or service where one or more experts can check that it really is secure enough to go public?
Well, I’ll be blunt here. No. There is no known method that you can put code through that will tell you if it’s “secure enough”… That’s a very difficult problem (after all, even the big software companies get things massively wrong from time to time).
There are a number of automated testing tools available. I don’t really have anything positive to say about any of them. Some are better than others, I’m sure. But the bunch (about 5) that I’ve tried personally were horribly inaccurate (one found over 20,000 vulnerabilities; each and every one was a false positive). And the problem is that you need to know what you’re doing to accurately determine if it’s a false positive, or how to fix it if it is not.
The best method, if you can afford it, is to hire a professional PHP security expert to review the code base. Note: I’m talking about an actual expert, not just some company that claims to do the service (since, again in my experience, more often than not they are just trying to capitalize on the market).
With that said, if you really want someone to take a look, hire any reputable security company. It’s better than nothing if you feel that strongly that you need the help…
Try reading up on some security resources so that you can try to check for yourself (or at least start writing more secure code)… In no particular order:
There are tons more, just look…
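As an added illustration of the point about false positives (this is example code written for this page, not code from the question or the answer above): three PHP functions take attacker-controlled input and build a query, and a naive taint-tracking scanner would flag the first two the same way, yet only one of them is exploitable. Telling them apart is exactly the judgement call the answer says a reviewer has to make. The example assumes PHP with the pdo_sqlite extension so it runs against an in-memory database; the table, its rows and the attacker string are all constructed for the demonstration.

```php
<?php
// Added example, not from the original post. Assumes the pdo_sqlite extension.
// Three ways of using untrusted input in SQL; a scanner that tracks taint from
// $_GET-style input into a query string reports the first two identically.

function setupDb(): PDO {
    // Constructed sample data: an in-memory SQLite database with two users.
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, is_admin INTEGER)");
    $db->exec("INSERT INTO users VALUES (1, 'alice', 1), (2, 'bob', 0)");
    return $db;
}

// Finding a reviewer can close: input is interpolated into SQL (what the
// scanner reacts to), but the (int) cast guarantees the interpolated text is
// an integer literal, so no SQL syntax can reach the query.
function findByIdCast(PDO $db, string $untrustedId): array {
    $id = (int)$untrustedId;
    $sql = "SELECT id, name FROM users WHERE id = $id";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Finding a reviewer must keep: the input is "sanitized", but with the wrong
// sanitizer for the context. strip_tags() removes HTML tags and nothing else;
// a single quote passes through untouched and closes the SQL string literal.
function findByNameStrippedWrong(PDO $db, string $untrustedName): array {
    $name = strip_tags($untrustedName);
    $sql = "SELECT id, name FROM users WHERE name = '$name'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// The fix: a prepared statement keeps the value out of the SQL text entirely,
// so the content of $untrustedName no longer matters.
function findByNameSafe(PDO $db, string $untrustedName): array {
    $stmt = $db->prepare("SELECT id, name FROM users WHERE name = :name");
    $stmt->execute([':name' => $untrustedName]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = setupDb();
$payload = "x' OR '1'='1";   // constructed attacker input, contains no HTML tags

// The cast turns the payload into 0, which matches no row.
echo "cast:     ", count(findByIdCast($db, $payload)), " row(s)\n";
// strip_tags() leaves the quote in place; the WHERE clause becomes
// name = 'x' OR '1'='1' and every row comes back.
echo "stripped: ", count(findByNameStrippedWrong($db, $payload)), " row(s)\n";
// The prepared statement looks for a user literally named "x' OR '1'='1".
echo "prepared: ", count(findByNameSafe($db, $payload)), " row(s)\n";
```

Run it with `php example.php`. The first and third functions return no rows for the payload while the second returns every user, which is the difference a tool that only sees "tainted string reaches query" cannot draw for you.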