will if its mmo, you will do best keeping all the player data server-side, so that the players cannot access their own data. To stop people modifying all of your files, look at using file compresssion. Things like a .pk3 file (google it). These can be opened with programs and edited, but it does put a lot of people off. .p3k files are quite easy to open though, so think about using something else. You can also check if the player has added or removed any files to the game's directory tree. You can open the files that you use for maps, and check that they exactly match a server copy. There are lots more ways.
The most important step (in my opinion, of course) is to create a well-defined protocol for Client->Server communication and STICK TO IT. Sanitize all data that comes in from the client, since there are no guarantees that the player is using an 'official' client. Make sure that whatever data structure you use to receive the data from the client can't be rendered vulnerable to buffer overflows, and there are no logical issues that would result in a null dereference or an infinite loop. Finally, make sure any data that doesn't pass the protocol doesn't make its way to the game - kill it right then and there. When you let undefined behavior into the game and you have a game with persistent data (like an RPG), you won't catch it until your database is already corrupted.
As long as your protocol is sound and well-implemented, you won't have to worry about malicious users crashing the game, lagging the server, or ruining the database. Cheaters can be banned. Damage must be repaired.
Remember the first rule of network game programming: the player is the enemy. :)