Hey, i am making a user managment system (login/register) and was woundering if there is a way to allow new user registration when using .txt files instead of a database? Thanks for the help

Sure you can!

Just use fopen() to get the file, than fread() to go through the file line-by-line until you match the key that identifies said user.

Just be sure to encrypt your passwords... including a private seed... as it's a hell of a lot eaiser to get access to a flat-file than it is to break into a sql database!

Sure you can!

Just use fopen() to get the file, than fread() to go through the file line-by-line until you match the key that identifies said user.

Just be sure to encrypt your passwords... including a private seed... as it's a hell of a lot eaiser to get access to a flat-file than it is to break into a sql database!Sweet, what would the fread() look like? Thanks man

what would that flat-file you are dealing with look like?

what would that flat-file you are dealing with look like?Yeah, like what the fread() function look like that gets the strand of code from the file. Also, i have been playing with this a bit and am not sure how the new registration script should input into the .txt file that contains the users.

Also, i have been playing with this a bit and am not sure how the new registration script should input into the .txt file that contains the users.


For that you would use fwrite()

Its a lot more secure to use a db rather than a txt file. Trust me.

A database has many more options, but isn't neccessarily more secure.

Either way, a hacker would need to access the database or the text file, both on the server.... neither is easier to get to, really.

However, someone can view a txt file just by going to it's url.... a database can't be reached like this.

It depends if the info in the txt file needs to be secure, or if only changing it needs to be secure.

for a user registration system a text file is not a must ... you can easily place contents in a .php file something like this:



<?php
exit();
?>
data here ...


when using fread() or file() i will read everything. it has a flaw though that anyone can use file() or fread() to read that file unless he finds out the URL of the file, you can also place that file outside of the root directory(home or something) where only the script can access the file.

Just a suggesstion though, but I agree that databases are a lot more easy to handle and are a lot less trouble causing than flat-files.

Ah, that's a good point.
Yes, using a php file that blocks access is a good idea.

Actually, no, you can't access that. PHP code is only available locally.... if you try to access from an outside domain, the code would execute. As is, that should be totally secure, as long as you do remember to keep the php code at the top... replace it each time you edit the file.

What I usually do is use Twey's newfile() function(must be somewhere in this forum). Just read the file with newfile()(the file must have a separator like | or :) and it will read your file as an array(with the value before the separator as a key and the value after the separator as a value and then I simply use if()...else to compare the values.

I don't get how that's related.
If you mean the file doesn't change the text of the file except for the specific line, then, yes, that would work fine.

I don't rewrite the whole content again. I just append the new data.

Sure. That's fine.

I just mentioned that because you would be using the actual data from the text file and if you didn't replace the php code (if it was removed), the security would be lost.

If you're just adding (or even replacing sections), then it's fine. Only if your'd, for some reason, remove the php at the start would that be a concern.

I don't really "like" flat-files so to say because it gives a lot of pain when you've got to edit it. I am still struggling against flat-files to find out a simple way to edit them.

Thanks for the help guys, especialy the info on securing a .txt file. I actually decided to use a database and got it all running :)

great!!

I think a database is the best solution. Secure, versatile, and easier, once it's going.