At 4:45 PM -0700 24/4/02, PHP List wrote: >I was wondering about the following: >Should I store a picture directly in a MySQL table? Or just store the link >to a file on the system somewhere?
This should be a FAQ. If you allow people to upload files via a web form, your only secure option is to store the images in a database. In order to allow uploaded files to be stored in the file system the upload directory must be writable by the web server process. Anyone with access to PHP on the system can upload a script which alters or deletes the files in this directory. If the server is an ISP's server, you're giving access to these files to every other client of the ISP. If you are the only person with access to the PHP server, this may be a valid option. And if you are 100% sure the code will never be required to run under different circumstances. Personally I think databases these days (MySQL in my experience at least) are more than reliable enough and fast enough to serve up binary data in quite large quantities. If you run into performance issues, implement a caching solution run from a crontab. ...R. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php