Whether you save them in a flat file or a database doesn't really matter security wise. What's important is how you secure the data - in any case you should encrypt the data with an encryption scheme that is strong enough for the type of data you are protecting.
If you only protect trivial things like for instance a high score in a game, then a less strong encryption would probably be good enough. However if you are providing access to more sensitive data, eg. personal information, then you should select a stronger encryption scheme.
Regarding HTTPS then it will only be able to help you out with the transfer of the data across the internet. It will most likely be good enough for you purpose since it is good enough for applications like online banking, etc.