multi users uploading an image to a table
View Single Post
06-18-2008, 03:30 PM
Join Date: Sep 2007
Don't store files in the database, it will be a really bad thing if you get even remotely high traffic. Let the filesystem handle files and the database handle data. Store the files in a folder below the webroot and pull them up only if they have the proper credentials.
Also, don't track users by username. It is best to use a unique ID assigned to each user (primary keys+auto_increment is a good way to do this). That way you can change any user credential and things wont go different.
Lastly, verify your data. Besides being open to SQL injection, anything the user places on the cookie will be accepted. You will want to verify that the user in question is actually that user before displaying anything.
View Public Profile
Send a private message to Village Idiot
Find More Posts by Village Idiot