4

I have a text file for english word dictionary with over 450,000 words. Before i had it saved in a text file and it worked good. But now i uploaded new dictionary with same number of words but with their meanings also. I just want to ask some experienced person what would be the best way to save this without slowing down the site? Should i still save it in text file on server or should this be saved in database now? What are advantages of saving in database vs. saving in text file or vice versa?

Gurnor
  • 339
  • 2
  • 9
  • 20

3 Answers3

1

Anytime you're referencing large amounts of information, your best bet is going to be to interface with a database. The DB will help reduce your bandwidth for one, you are not requiring users to access a large text file.

Robert
  • 8,717
  • 2
  • 27
  • 34
1

Definitely use a database. It's:

  • easier to query (just use a PHP MySQL library instead of trying to parse text)
  • easier to maintain (there are lots of great database management tools)
  • faster[1]

[1] In your situation, a database may be significantly faster because it seems like you'll be doing many reads. Some database systems cache frequent read queries for quick responses.

A text file does have its advantages (eg. arguably easier to back up, looking up words in a text file isn't prone to SQL injection attacks). However, if implemented correctly, a database is far more suitable for something like this.

Jared Ng
  • 4,891
  • 2
  • 19
  • 18
  • can you please explain little more how can i avoid sql injection attacks on database? And why did you say text file is prone to it?? Sorry in advance as i am new to all this if this a stupid question. – Gurnor Aug 12 '11 at 17:14
  • Actually I said that querying a text file is NOT prone to injection attacks, as that is a database-specific threat. Have a look at using PDO: http://php.net/manual/en/book.pdo.php If implemented correctly, it's safe against injection attacks. – Jared Ng Aug 12 '11 at 17:18
  • SQL injection only applies if users are able to insert or modify the data in your database. It doesn't sound like that's the situation here, but anyway there's plenty of information about SQL injection here: http://stackoverflow.com/questions/60174/best-way-to-stop-sql-injection-in-php – EdoDodo Aug 12 '11 at 17:19
  • @EdoDodo Not exactly. What if he has a page where users can enter a word to look up its definition? `"SELECT * FROM wordslookup WHERE word=" . $POST['word']` is very, very much vulnerable. **Do not use this method. Use PDO.** – Jared Ng Aug 12 '11 at 17:26
  • Yeah, you're right. What I meant to say was if user input is used in the query, at any point. – EdoDodo Aug 12 '11 at 17:29
0

Gurnor,

can you please explain little more how can i avoid sql injection attacks on database? And why did you say text file is prone to it?

Well if you use a text file, there is no database, so there's no way to do sql injection attacks. Here's a good link showing simple examples of sql injection and how to prevent them:

http://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php

Landon
  • 4,088
  • 3
  • 28
  • 42