On the SitePoint PHP Blog today, there's this new post with a sort of response to Alan Knowles' lastest post about PHP "gotchas" to avoid.

New today is a post on Smoking toooooo much PHP entitled Six deadly PHP sins, this week…. The article gives a quick list of tips for PHP developers on why they definitely should avoid in their code.

One of the entries is titled Every variable should start somewhere. In a previous blog post, I mentioned how frustrating it was to be trying to read some code and asking yourself, ‘Where does this variable come from?!’.

He advocates the same avoidance that Alan mentions towards things like globals, and the extract/eval functions. He also states something that I don't think could be said enough - always comment code. Even when it's a 10 line script and you think you'll never use it again, a note at the top of when it was written and what it was written for could save your life down the road.

Unfortunately a lot of hard-to-understand code is, understandably, a result of laziness or unrealistic deadlines. Keep in mind that regardless of the current specification of the project, it is likely to change in future and when that happens, somebody is going to go through your mess of code and try to change its direction and purpose. If the code is self-explanatory, it will be a lot easier to modify it and doing so will be less likely to introduce new security problems.