One aspect of PHP that you need to be careful of is that ?> will drop you out of PHP code and into HTML even if it appears inside a // comment. (This does not apply to /* */ comments.) This can lead to unexpected results. For example, take this line:
<?php
$file_contents = '<?php die(); ?>' . "\n";
?>
If you try to remove it by turning it into a comment, you get this:
<?php
// $file_contents = '<?php die(); ?>' . "\n";
?>
This results in ' . "\n"; (and whatever is in the lines following it) being output to your HTML page.
The cure is either to comment it out using /* */, or to rewrite the line as:
<?php
$file_contents = '<' . '?php die(); ?' . '>' . "\n";
?>
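A check for this pitfall, as an added example that is not part of the original note: it uses PHP's token_get_all() to report single-line comments that a close tag ends early, leaving the rest of that source line to be emitted as page output. The function name find_comment_escapes() and the sample source are assumptions constructed for illustration.

```php
<?php
/* Added example. find_comment_escapes() is a hypothetical helper name and
   $sample is constructed input that mirrors the commented-out line above. */
function find_comment_escapes(string $source): array
{
    $tokens = token_get_all($source);
    $hits = [];
    for ($i = 0, $n = count($tokens); $i + 1 < $n; $i++) {
        [$tok, $next] = [$tokens[$i], $tokens[$i + 1]];
        if (!is_array($tok) || !is_array($next)) {
            continue; /* single-character tokens such as ";" are plain strings */
        }
        /* T_COMMENT covers //, # and block comments. Only a single-line comment
           that did not reach its end of line was cut short by a close tag. */
        $singleLine = $tok[0] === T_COMMENT && strncmp($tok[1], '/*', 2) !== 0
            && rtrim($tok[1], "\r\n") === $tok[1];
        if (!$singleLine || $next[0] !== T_CLOSE_TAG) {
            continue;
        }
        /* The close tag token swallows a directly following newline. If it did
           not, the rest of that source line is now inline HTML. */
        $after = $tokens[$i + 2] ?? null;
        $html = (is_array($after) && $after[0] === T_INLINE_HTML) ? $after[1] : '';
        $sameLine = rtrim($next[1]) === $next[1] ? explode("\n", $html, 2)[0] : '';
        if (trim($sameLine) !== '') {
            $hits[] = ['line' => $tok[2], 'emitted' => $sameLine];
        }
    }
    return $hits;
}

$sample = <<<'PHP'
<?php
// $file_contents = '<?php die(); ?>' . "\n";
echo "still PHP?";
?>
PHP;

foreach (find_comment_escapes($sample) as $hit) {
    printf("line %d: comment ended by close tag, emitted as output: %s\n", $hit['line'], $hit['emitted']);
}
```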