The data file I call with my PHP was mysteriously changed. Did a user overwrite it?

The data file I call with my PHP was mysteriously changed. Did a user
overwrite it?

I'm having a blast with PHP functionality, but I know very little about
PHP security -- which, of course, is a major bad thing. I'm self-teaching
myself this language but the resources are sometimes a little less
cut-and-dried than is helpful.
I just made this dumb little site:
http://www.ineedaprompt.com/
You can see that right below the "Again!" button is a counter. It shows
how many times the button has been clicked. Every time the button is
clicked, my JS makes an Ajax call to a PHP file (counter.php) which
updates this file:
http://www.ineedaprompt.com/counter.txt
Every 100ms, I use an Ajax call to update the value of that counter field
with the contents of the counter file.
The counter was well over 100 recently, but then suddenly dropped back to
0 and started all over. How easy would it be for someone external to
overwrite that counter.txt file? How can I prevent it?
Note: There's nothing in my .htaccess file having to do with PHP because
I'm not sure what to put in there.
Pardon my ignorance and TMI, and thank you!