I have been working on a library which enable a website to add a ment section to their website.

The idea was to keep it as lightweight as possible thus I preferred to use JSON for basic data storage like ment's message, website and username. All of these data is public and can be access directly via JSON. I don't mind this since ments are going to get display publicly anyway.

However, the problem arises when I want a user to be notified when someone replies to their ment. Email is there in input field but I don't want it to be stored in the public JSON file. Is there any other server side data storage schema where I can store the email privately and at the same time use those emails from server side scripts to send email?

MySQL and others will make the library clunky, so that's out of the list.

Or even beside these conditions is there any other possible way to do this?

I have been working on a library which enable a website to add a ment section to their website.

The idea was to keep it as lightweight as possible thus I preferred to use JSON for basic data storage like ment's message, website and username. All of these data is public and can be access directly via JSON. I don't mind this since ments are going to get display publicly anyway.

However, the problem arises when I want a user to be notified when someone replies to their ment. Email is there in input field but I don't want it to be stored in the public JSON file. Is there any other server side data storage schema where I can store the email privately and at the same time use those emails from server side scripts to send email?

MySQL and others will make the library clunky, so that's out of the list.

Or even beside these conditions is there any other possible way to do this?

• javascript
• json
• database
• server-side
• data-storage

• 1 Firebase may work for you. (You can use the Realtime Database to store your JSON and Cloud Functions to send the emails) – Sub 6 Resources Commented Oct 21, 2017 at 17:53
• 1 What I am creating is actually a library that can be used by anyone on their webpage. In this situation using Firebase is quite plex. – ghost Commented Oct 22, 2017 at 4:25
• 1 LevelDb looks promising. From the readme, the raw size is around 110.6 MB. – TheChetan Commented Oct 22, 2017 at 17:43
• 1 If you don't want to use a database and you prefer just simple json files, create 2 json files. One is public and doesn't include emails. You will need to add a ment id to each of the ments. Then, in a different json file, that will be private, you will have a list of ids related to emails. And thats it. – user8811940 Commented Oct 22, 2017 at 21:25
• 1 @RomanCortes I do want to create a separate JSON for emails, that was the plan from beginning. Although now you said about making this JSON a "private" I did some readings and found that this indeed is achievable with php.ini and .htaccess etc. There are several ways but can you suggest any ideal way which might suit a library? – ghost Commented Oct 23, 2017 at 9:11

5 Answers 5

What you need is APIs and not a data source. A data source is a truth where all data lives. Like in your example, if you have email in your data, it will always be there. Unless you keep email field separately.

1. The way is to create api that will output required data from JSON files (or database). You can choose to hide the data that you don't want to show. This way, you only expose the api, instead of the file name directly, which has risks of being modified or altered or hacked very easily.

2. Other way without using API is to have multiple JSON files. One file will have basic data, and other will have confidential data, along with a foreign key like unique key that'd map the confidential or other data with the main record.

Example: Comments.json:

{
  "ments": [{userId: 1, ...},{...}]
}

CommentDetails.json

{...}

Users:

[
  1: {"username": "", "email": "[email protected]",...}
]

You can use a database like MongoDB, that stores JSON documents, to keep the data of users and ments.

Then, the users collection will not be sent pletely to the user, filterint the emails and other sensitive data.

Create a second JSON file, or CSV file for that matter, which is kept private, that maps users to their emailIDs.

Interesting project you are attempting, btw. Good luck!! :)

Why not just use a .htaccess in a directory where the data is stored and use something like "Deny from All"?

Your scripts could access then, but no user's browser.

Assuming there will be a mail server involved, can you host a web service with two endpoints?

Endpoints:

1. sends emails; takes an sender guid instead of an email address
2. stores an email; takes an email address and returns a sender guid

This web service could then be used by your library from any www accessible server. At the web service host the emails could be stored in the format of your choice. You will also want to secure you web service to prevent others from triggering mail notifications.