I'm using an html form to add to a list, specifically a flatfile database called demo3.txt. The add.php file is this:
<?php
$name = $_POST['name'];
$nickname = $_POST['nickname'];
$motto = $_POST['motto'];
$fp = fopen("demo3.txt","a");
if(!$fp) {
echo 'Error: Cannot open file.';
exit;
}
fwrite($fp, "\r\n".$name."|".$nickname."|".$motto);
echo 'The data has been added to the database. <a href="form.html">Add more?</a>';
fclose($fp);
?>
The form code looks like this:
<form action="add.php" method="post">
<label>Member name:</label><input type="text" name="name" size="20"><br>
<label>Nickname:</label><input type="text" name="nickname" size="20"><br>
<label>Motto:</label><textarea name="motto" rows="5" cols="50"></textarea><br>
<input type="submit" value="Add to List"> <input type="reset" value="Clear Form">
</form>
I haven't uploaded the codes to the site yet because I was thinking that people might be able to access the form.html page and they might mess up the flatfile database. Is there anything I can do to secure the form.html page so that only people with a password can access it?
For example, if I want to set-up an admin login page, how do I code that with php? Do I need to work with a MySQL database? If there's a way to do it without using MySQL, I'd really appreciate it.
Thanks to people who'll help, if the question isn't clear, please tell me so I could clear things up, I'd really appreciate help on this. Thanks!