NYCPHP Meetup

[Jerry B. Altzman]

on 1/31/2014 12:11 PM Anthony Ferrara said the following:
> Chris,
>     Not only are they not evil, they're necessary for a lot of Don't
>     Repeat Yourself optimizations.
> Variable-variables as put here are not necessary in any situation. In
> general they are dangerous, and a potential security hole. If you MUST
> break down to native variables, use an array, and then extract() with
> the "overwrite" flag as false (to prevent potential issues).
> http://us2.php.net/extract

Better said than I could have. Any time you have the program 
nondeterministically take code paths or branches, you introduce possibly 
subtle bugs that make reasoning about your program that much more 
difficult to do.

Like I said, you can do the same badness in Python (by messing with 
internal object parts) or any other interpreted language (by messing 
with the interpreter). Any time you have effectively an 'eval' going on, 
you have the possibility of subtle logic errors, and security holes as 
well.

> Yes, and that's significantly worse than:
> $container = array();
> foreach( array('pages', 'posts', 'comments') AS $collection ) {
>    $container[$collection] = $model->load( $collection );
>    // do more stuff with $container[$collection] here
>    $template->assign( $container[$collection], $collection );
> }
> It's even more clear, since it shows outright where the data is. You can
> tell instantly with any read where a variable was set.

It's clearer, and doesn't pollute a namespace with spurious names 
created by mention.

> Using variable-variables, you have literally no idea until runtime
> (stepping through with a debugger) what area of code touches what variable.

What's this PHP debugger you talk of? :-)

>     It's a little bit harder to read until you get used to it, but
>     because it's DRY it's much easier to manage over time.
> Many a great evil in programs have been done in the name of DRY. DRY !=
> easier to manage. Clean coding with a focus on readability improve
> maintainability in the long term. Hacks to save a few characters of
> writing at the expense of cognitive load do not.

Repeat after me: "Premature optimization is the root of all evil."
Or better yet: "Code as if the person who has to support this code in 6 
months is a homicidal psychopath who knows where you live."

> In short, the only form of variable-variables that I believe should
> **ever** be used are variable object property/method references:
> $obj->$property = blah;
> $obj->$method();

And even here, we get the same nondeterminism; $obj->$property isn't 
morally different from $obj[$property]

Dynamic dispatch is hard!

> Anthony

//jbaltz
-- 
jerry b. altzman | jbaltz at altzman.com | www.jbaltz.com | twitter:@lorvax
thank you for contributing to the heat death of the universe.