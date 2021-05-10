Adding onto what Sam said, if you’re going to use a text based storage system, you’re going to have to understand a lot of things. You can’t just half guess what to do. There’s a lot of looping that goes into a system like this. A lot more logic would have to go into building such a system. Lastly, you would also have to take into consideration security. You have to keep those files safe from hackers.
Don’t the tutorials explain how to set up and use the database? Or do they assume prior knowledge of databases?
I would also advise that if there is a tutorial you had in mind, post here first for a review. It’s just that we see a lot of them teaching how to do it the wrong way. Anything using mysql, as opposed to mysqli or PDO, leave well alone. Anything using MD5 hashes, or even no hashing, stay away from it.
As Martyr2 says, you need to understand the considerations necessary to support multiple users of the data. You might be able to write something that manages the text file and all the online sessions communicate with that but that is probably more advanced than using a database that already has that.
There are some databases, especially SQLite and Microsoft Access, that also are not designed for multiple users.
Pretty much what everyone including myself is telling you here, just use a database. It’ll be so much easier for you.
If you insist on making such a system, you’ll need to know Linux or any *Nix system because majority of websites are hosted on them. You’ll have to know how permissions and file system works because you’ll want to know what the 3 numbers for file permissions represent. This will help prevent unauthorized access outside of the web root directory. You should also store your sensitive files above the web root as well with proper file permissions assigned.
Then you’ll want to learn about which is the best approach to storing data. Would you prefer CSV, JSON, or XML? JSON is the easier approach in this kind of environment. Then you’ll want to learn about how to read, write and access data from those files. And so much more.
So tl;dr?
Just use a database.
Using a database for this is exceedingly easy. All you will need to know how to do is make the database connection, and how to build and execute an INSERT query (in the signup form processing) and a SELECT query (in the login form processing.) The following shows the database specific logic, after you have detected if the form has been submitted, trimmed, and validated all the inputs, using the PDO extension -
Signup/insert query:
// if no errors, use the submitted data
if(empty($errors))
{
$sql = "INSERT INTO users (username, password) VALUES (?, ?)";
$stmt = $pdo->prepare($sql);
try { // a 'local' try/catch to handle a specific error type
$stmt->execute([
$post['username'],
password_hash($post['password'], PASSWORD_DEFAULT)
]);
} catch (PDOException $e) {
if($e->errorInfo[1] == 1062) // duplicate key error number
{
$errors['username'] = "Username is already in use.";
} else {
throw $e; // re-throw the pdoexception if not handled by this logic
}
}
}
Login/select query:
// if no errors, use the submitted data
if(empty($errors))
{
$sql = "SELECT id, password from users WHERE username = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([
$post['username']
]);
if(!$row = $stmt->fetch())
{
// username was not found
$errors['login'] = "Invalid Username/Password.";
} else {
// username found, verify the password hash
if(!password_verify($post['password'],$row['password']))
{
// password doesn't match
$errors['login'] = "Invalid Username/Password.";
} else {
// password matches
$_SESSION['user_id'] = $row['id'];
}
}
}
This post may be of interest:
I wouldn’t know about Access, by SQLite certainly is multi-user, although it locks the entire database, so is not suited for some applications.
When there are differences of understandings, as in here, it helps to provide an authoritive source. So first see SQLite Is Serverless. Then see Appropriate Uses For SQLite. It says SQLite works great as the database engine for most low to medium traffic websites. It does however say that file locking logic is buggy in many network filesystem implementations. It is not clear to me if that is relevant to website hosts and probably not.
I suppose the first question I would ask you is how many users are you going to have? Is this for 1 or 2 users or multiple users? If it’s for 1 or 2 and you don’t want to mess with a DB then you could use an if/then statement.
In order to avoid those complexities, it seems you’ll inherit other complexities. If you aren’t interested in learning to use databases, you might consider learning to consume APIs. Auth0 and firebase abstract the login away for you, but there is a learning curve.
This is what it boils down to.
Whatever method you use, be it a database, or some workaround to avoid using a database, it will involve learning something.
If you are not prepared to put the effort in to learn things that may be a bit of a challenge, my honest advice is to find another hobby.
My point was not so much to be discouraging, more to suggest that there are alternatives… But that none of them are easy.
It takes quite a lot to understand relational databases, and to get the idea of db libraries and their idiosyncrasies… Learning T-SQL is no joke, and it’s a never ending rabbit hole.
So am option to consider might be something like firebase - the auth interface is clean, document database structures might be easier to understand,
You still have to store the user’s data somewhere. Otherwise, if there is some kind of “save” state the OP wants without a database (whether that’s an actual database or flat files), that would be virtually impossible without losing the user’s progress. Sure, you can push it up to the cloud whenever the user is done, but how many requests per user does any kind of API really want to give you?
No one really want to discourage anyone. It’s more about pointing out the harsh realities, that learning difficult and complex things is an integral part of coding, like it or not.
As has been shown, there are alternatives to using a database, but these are not likely to be any simpler to do, or achieve better results.
Yes, relational databases is a very big subject that can get very complex. But like anything, it can be taken in baby steps, taking just the basics to begin with.
I believe the objective could be achieved with just a simple, single table, (with scope for future expansion).
The OP would need to learn a few basics.
How to create a database and tables.
How to establish a PDO connection.
How to run some basic queries, Insert, Select, Edit…
And how to use prepared statements for those queries.
This would cover the database side of things, putting aside the logic of the sign-up, login process.
Information on how to do these things is readily available, and help is at hand if stuck.
So it is a case of learn it, or don’t learn it.
I’m reminded of a common quest clients of a landscaping business would pursue: how to have a beautiful, zero-maintenance property? Lush full lawns, glorious planting areas, verdant gardens to enjoy but not slave in?
It’s an impossibility, of course. We can achieve the look, but it takes work to get there and to maintain it. We can relax and change our expectation, appreciate the “natural” uncontrolled look. Or we can pay someone else to do the work for us.
This is that. Firebase (and other API-based db structures) may allow a decent number of calls and interactions, but ultimately, the ease of consumption will come at another cost. Skull-sweat, or wallet. It’s simply about choices.
I think this thread may be getting too far away from the OP’s actual question.
The OP is clearly a novice, and I believe also very young. The fact he has not returned to the thread suggests the discussion is going over his head, rather than helping. Perhaps some clearer explanations for a novice would help.
yes it is going over my head can you provide any links to working with a database? or a actual visul video to help me see what is going on? And where do you create a database?
I saw in another topic you were installing XAMPP. Did you get it up and running?
That includes PhpMyAdmin, which will probably be the easiest way for you to create a database and tables, as it gives you a GUI to manage your databases.
yes but I do not know where you should create one in XAMPP
You’d have to be viewing the GUI in the browser as phpMyAdmin is a GUI based interface. Should just be
localhost/phpmyadmin.