User Registration

[Titan85]

Hey, i am making a user managment system (login/register) and was woundering if there is a way to allow new user registration when using .txt files instead of a database? Thanks for the help

[AbelaJohnB]

Sure you can!

Just use fopen() to get the file, than fread() to go through the file line-by-line until you match the key that identifies said user.

Just be sure to encrypt your passwords... including a private seed... as it's a hell of a lot eaiser to get access to a flat-file than it is to break into a sql database!

[Titan85]

Sure you can!

Just use fopen() to get the file, than fread() to go through the file line-by-line until you match the key that identifies said user.

Just be sure to encrypt your passwords... including a private seed... as it's a hell of a lot eaiser to get access to a flat-file than it is to break into a sql database!

Sweet, what would the fread() look like? Thanks man

[AbelaJohnB]

what would that flat-file you are dealing with look like?

[Titan85]

what would that flat-file you are dealing with look like?

Yeah, like what the fread() function look like that gets the strand of code from the file. Also, i have been playing with this a bit and am not sure how the new registration script should input into the .txt file that contains the users.

[alexjewell]

Also, i have been playing with this a bit and am not sure how the new registration script should input into the .txt file that contains the users.

For that you would use fwrite()

[ak7861]

Its a lot more secure to use a db rather than a txt file. Trust me.

[djr33]

A database has many more options, but isn't neccessarily more secure.

Either way, a hacker would need to access the database or the text file, both on the server.... neither is easier to get to, really.

However, someone can view a txt file just by going to it's url.... a database can't be reached like this.

It depends if the info in the txt file needs to be secure, or if only changing it needs to be secure.

[shachi]

for a user registration system a text file is not a must ... you can easily place contents in a .php file something like this:

PHP Code:

<?php
exit();
?>
data here ...

when using fread() or file() i will read everything. it has a flaw though that anyone can use file() or fread() to read that file unless he finds out the URL of the file, you can also place that file outside of the root directory(home or something) where only the script can access the file.

Just a suggesstion though, but I agree that databases are a lot more easy to handle and are a lot less trouble causing than flat-files.

[djr33]

Ah, that's a good point.
Yes, using a php file that blocks access is a good idea.

Actually, no, you can't access that. PHP code is only available locally.... if you try to access from an outside domain, the code would execute. As is, that should be totally secure, as long as you do remember to keep the php code at the top... replace it each time you edit the file.