I am a Zend PHP 5.3 Certified Engineer and OCA MySQL 5.5. I have more than 3 years experience of web application development using PHP and PHP frameworks.
I love to learn about web application security, finding security issues/bugs/flaws in websites . So... I read and read a lot... read books... read over internet... watch videos and learn. I try to implement whatever I read. I search for security issues in web sites, report the website owner. But I have not found any security issue in high profile sites yet. It does not mean that there is not any issue in those sites. I will surely find one day.
I believe you need to know two points if you want to be a successful.
1 - never tell all your secret.
2 -