tags:

views:

95

answers:

1
Q: 

Where to store uploaded files in PHP & MySQL?

I'm solving problem of storing files in my web app.

I've already done some applications where files were stored in filesystem (simple upload of a file via PHP) and I wasn't sure how to solve the security issues correctly (I have the webapp on a shared webhosting). Is there any "manual" or book which target these issues in detail?

Recently, I've done an webapp where files are stored in MySQL database and it seems to be very easy for usage and I don't need to solve the permissions for the files. The disadvantage is that there's additional overhead of the system.

What is better according to you? (I have small files ~ 100kB)

Thank you!

+1  A: 

Each solution has its pros and cons.

Storing files in the DB is great for small files. Just remember to keep the files themselves and any metadata about those files in two different tables. This will prevent your queries from being slowed down by the binary data. Also keep in mind that, overtime, this can lead to very large DB tables.

File system storage is great, but keep in mind that you're going to have to keep file permissions / security in mind moreso than you would if you stored them in the DB.

I hope this steers you in the right direction. Post a comment if you have questions.

Levi Hackwith  2009-10-08 17:30:42
Why should I keep file content and metadata in two tables? I thought the table is composed of columns and a blob column is just a "pointer" for mysql where data actually are - so I'm not sure why it should be slower. But thank you for the tip!I was thinking: The size of table with files may be splitted in a number of smaller tables (for example table_1, table_2, .. ) and thus preventing of a crash of one big table.
MartyIX  2009-10-08 18:02:06
And all those pros and cons are covered in depth @ http://stackoverflow.com/questions/3748/storing-images-in-db-yea-or-nay
derobert  2009-10-08 18:02:27
@MartyIX: It'll be slower if you use a stupid ORM that does `SELECT * …`.
derobert  2009-10-08 18:03:48
The reason you want to keep the data in two tables is because if you do "select size from image_table" the db is still going to run through all the table columns including the field containing the binary data in order to compile your result set. By keeping the data separate, you keep the db from querying unnecessary data, thus increasing performance.
Levi Hackwith  2009-10-11 02:36:15

related questions

Remove Quotes and Commas from a String in MySQL
What's the best way of converting a mysql database to a sqlite one?
How do you manage databases in development, test, and production?
Multiple foreign keys?
Add 1 to a field (MySQL)
Issues using MS Access as a front-end to a MySQL database back-end?
Bigger than a char but smaller than a blob
How do I retrieve my MySQL username and password?
Long-time LAMP Developer moving to VB.NET
How do I Concatenate entire result sets in MySQL?
Full complete MySQL database replication? Ideas? What do people do?
SQL: Distribution of table in time
SQLite vs MySQL
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Multiple Updates in MySQL
MySQL/Apache Error in PHP MySQL query
What all do I need to escape when sending a (My)SQL query?
Auto Generate Database Diagram MySQL
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
Python and MySQL
SQL Server 2005 implementation of MySQL REPLACE INTO?
How to export data from SQL Server 2005 to MySQL
Throw Error In MySQL Trigger
Binary Data in MySQL