Web Analytics Made Easy -
StatCounter XML or traditional MySQL databases? - CodingForum

Announcement

Collapse
No announcement yet.

XML or traditional MySQL databases?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • XML or traditional MySQL databases?

    I'm wondering if there are any big security risks (e.g. passwords) if I were to use XML files rather than MySQL databases and tables. This isn't anything big like a company's Web site, but I would like to know if there are any drawbacks anyway if anybody knows.

    Thank you in advance,
    rpgfan3233
    PHP Code:
    $hello file_get_contents('hello.txt'); echo $hello
    hello

  • #2
    *bump*

    I figured this was a rather unusual question. It is either that, or the differences are minimal enough to not worry about.

    Thanks to those who read this thread.
    PHP Code:
    $hello file_get_contents('hello.txt'); echo $hello
    hello

    Comment


    • #3
      XML isn't a particularly good way to store information, it's not particularly efficient. It's strength comes when you're wanting to pass data between different systems.

      Why are you considering XML? You presumably have a reason...

      SQLite is an extremely small database system if you think mysql is too big...

      As for security, then done properly there's no reason why using XML files would be any less secure.
      If you leave them readable, inside a web-accessible directory, then that would be silly, but in a 'safe' part of the filesystem, then not a problem.
      A mysql database can be setup with a password, which would perhaps seem to add a layer of security not present with files, but you have to remember that as the web-server/php/whatever needs to be able to access the database, then the connection details are going to have to be included somewhere- so someone who has file-system access to be able to read your XML files is going to be able to find your mysql password with very little effort.


      Your first post is a little unclear, but I hope you're not saying that you'd be storing passwords in either the database or a file in plaintext?
      My thoughts on some things: http://codemeetsmusic.com
      And my scrapbook of cool things: http://gjones.tumblr.com

      Comment


      • #4
        Originally posted by GJay View Post
        XML isn't a particularly good way to store information, it's not particularly efficient. It's strength comes when you're wanting to pass data between different systems.

        Why are you considering XML? You presumably have a reason...

        SQLite is an extremely small database system if you think mysql is too big...

        As for security, then done properly there's no reason why using XML files would be any less secure.
        If you leave them readable, inside a web-accessible directory, then that would be silly, but in a 'safe' part of the filesystem, then not a problem.
        A mysql database can be setup with a password, which would perhaps seem to add a layer of security not present with files, but you have to remember that as the web-server/php/whatever needs to be able to access the database, then the connection details are going to have to be included somewhere- so someone who has file-system access to be able to read your XML files is going to be able to find your mysql password with very little effort.


        Your first post is a little unclear, but I hope you're not saying that you'd be storing passwords in either the database or a file in plaintext?
        No, the passwords would most definitely be hashed, probably using MD5 then perhaps SHA-1 or something. I haven't decided yet, but I would think that XML would be faster than SQLite or MySQL with regard to page load times. After all, XML is just text, right?
        PHP Code:
        $hello file_get_contents('hello.txt'); echo $hello
        hello

        Comment


        • #5
          it is just text, and text isn't inherently fast. XML is a format designed for being sufficiently verbose that it can be passed between different systems, and can be read and edited directly by people.
          As soon as you need to do any kind of searching, file-system access times will rocket, unless you implement some kind of file-based indexing system and query-language...which is pretty much what SQLite is :|
          My thoughts on some things: http://codemeetsmusic.com
          And my scrapbook of cool things: http://gjones.tumblr.com

          Comment


          • #6
            Okay, thank you for responding. I shall reconsider further before making my decision.
            PHP Code:
            $hello file_get_contents('hello.txt'); echo $hello
            hello

            Comment

            Working...
            X