views:

918

answers:

8

In what way is the Windows registry meant to be used? I know it's alright to store a small amount of user preferences, but is it considered bad practice to store all your users data there? I would think it would depend on the data set, so how about for small amounts of data, say, less than 2KB, in 100 or so different key/value pairs. Is this bad practice? Would a flat file or SQLite db be a better practice?

+8  A: 

I think in the past it would have been considered "ok" to store in the registry. But personally I find that I avoid the registry at all costs, simply due to the security and other implications with registry access in Windows Vista and Windows 7.

For me, simple user configuration items and user data is better to be stored in either a simple XML configuration file, a SQLLite db, or a MS SQL Server Compact Db. The exact storage medium depends on the specifics of the implementation.

I only use the registry for things that I need to set infrequenty and that users don't need to be able to change/see. For example i have stored encrypted license information in the registry before to avoid accidental user removal of the data.

Mitchel Sellers
+2  A: 

I think Microsoft is encouraging use of isolated storage instead of the Windows registry.

Here's an article that explains how to use it in .Net.

You can find those files in Windows XP under Documents & Settings\\Local Settings\ App Data\Isolated Storage. The data is in .dat files

DOK
Note that a file in Isolated Storage can only be accessed by one particular assembly, so you can't easily do things like deleting user preferences from IS in an uninstaller. It's also tedious manually finding data files for troubleshooting during development. What is needed is a way of generating a unique key for a company to use (e.g. CompanyName\ProductName or GUID) so that multiple .exes can all share the data files, and developers/users can easy fine them if required. So IS is dead. Long live %AppData%.
Jason Williams
+5  A: 

As each user has directory space in Windows already dedicated to storing application user data, I use it to store the user-level data (preferences, for instance) there.

In C#, I would get it by doing something like this:

Environment.GetFolderPath( Environment.SpecialFolder.ApplicationData);

Typically, I'll store SQLite files there or whatever is appropriate for the application.

itsmatt
+4  A: 

Using the registry to store data has mainly one problem: It's not very user-friendly. Users have virtually no chance of backing up their settings, copying them to another computer, troubleshooting them (or resetting them) if they get corrupted, or generally just see what their software is doing.

My rule of thumb is to use the registry only to communicate with the OS. Filetype associations, uninstaller entries, processes to run at startup, those things obviously have to be in the registry.

But data that is for use in your application only belongs in a file in your App Data folder. (whiever one of the 3+ App Data folders Microsoft currently wants you to use, anyway)

jalf
+1  A: 

To me it seems easier to think of what you should NOT put there. e.g: dynamic data, such as an editor's "last file opened" and per project options. It is really annoying when your app loses sync with the registry (file deletion, system crash, etc) and retrieves information that is not valid anymore, possibly deadlocking the user.

At an earlier job I saw a guy that stored a data transfer completness percentage there, Writing the new values at every 10k or so and having the GUI retrieve this value every second so it could show on the titlebar.

Marcelo MD
Yikes! And I thought some of my uses in the past were bad! (No, not really willing to share!)
Michael Itzoe
Oh, come on! Don't be shy! We won't tell anybody, honestly!
Treb
I don't get it. Why would this guy write to the registry with one part of his app, and then poll-and-read the value from the registry for display? This seems stupid in a way that has nothing to do with the particular mechanism of persistence.
MusiGenesis
That system was used to communicate with a lot of different peripherals and the protocol functions were grouped in DLLs. The problem was that the system wasn't designed to send large blocks of data and it didn't have any provisions for information feedback, so it was going to be a hack one way or the other. Me? I probably would have used a plain text file.
Marcelo MD
A: 

I would differentiate:

On the one hand there is application specific configuration data that is needed for the app to run, e.g. IP addresses to connect to, which folders to use for what sort of files etc, and non trivial per user settings. Those I put in a config file, ini format for simple stuff, xml if it gets more complex.

On the other hand there is trivial per user settings (best example: window positions and layout). To avoid cluttering the config files (which some users will want to edit themselves, so few and clearly arranged entries are a must), I like to put those in the registry (with conservative defaults being set in the app if no settings in the registry can be found).

I mainly do it like istmatt sais: I store config files inside the %APPDATA% folder. Usually in %APPDATA%\ApplicationName, I don't like the .NET default of APPDATA%\CompanyName\ApplicationName\Version, that level of detail and complexity is counterproductive for most small to medium sized applications.

I disagree with the example of Marcelo MD of not storing recently used files in the registry. IMO this is exactly the volatile sort of user specific information that can be stored there. (His example of what not to do is very good, though!)

Treb
+1  A: 

If your app is going to be deployed "in the enterprise", keep in mind that administrators can tweak the registry using group policy tools. For example, if firefox used the registry for things like the proxy server, it would make deployment a snap because an admin can use the standard tools in active directory to set it up. If you use anything else, I dont think such things can be done very easily.

So don't dismiss the registry all together. If there is a chance an admin might want to standardize parts of your configuration across a network, put the setting in the registry.

Cory R. King
Also, if you really want to be enterprise friendly, you can purposefully read settings from the Policies section of the registry and even provide an ADM and/or ADMX template to go along with your application.
Ryan
+3  A: 

I'm going to take a contrarian view.

The registry is a fine place to put configuration data of all types. In general it is faster than most configuration files and more reliable (individual operations on the registry are transacted so if your app crashes during a write the registry isn't corrupted - in general that isn't the case with ini files).

Marcelo MD is totally right: Storing things like operation percentage complete in the registry (or any other non volitile storage) is a horrible idea. On the other hand storing data like the most recently used files is just fine - the registry was built for just that kind of problem.

A number of the other commenters on this post talking about the MRU list have discussed the problem of what happens when the MRU list gets out of sync due to application crashes. I'm wondering why storing the MRU list in a flat file in per-user storage is any better?

I'm also not sure what the "security implications" of storing your data in the registry are. The registry is just as secure as the filesystem - the registry and the filesystem use the same ACL mechanism to protect their data.

If you ARE going to store your user data in a file, you should absolutely put your data in %APPDATA%\CompanyName\ApplicationName at least - that way if two different developers create an application with the same name (how many "Media Manager" applications are there out there?) you won't have collisions.

Larry Osterman