Writing directly to you html/php documents is extremely bad practice. As your comment said you need to validate the input and if you make a mistake you could screw up your whole website.
There are a couple of options you could use:
- localstorage: This saves the changes to the browser of the user. This means that the changes wont be on the server. Very easy solution.
- Add a database: With PHP it is very easy to add a SQL databse. Write some functions that write the data to the database and read the data from there. Safer than writing directly to HTML/PHP but still needs validation
- Do some extreme reading into all the PHP IO functions. You need some extreme good handling if you want this site live.
I think that with the DB you`ll manage, just be safe and build in some security