Saving Images to Folder Best Practices

Question

Please i'll like you to enlighten me how best (folder) to save uploaded user profile pictures. In my previous projects i've usually uploaded into a folder inside the main project folder i.e

   www/projectFolder/upload

would this be good for efficiency and security?

Already, i've disabled folder navigation (from URL) through .htaccess

this question

upload file with php and save path to sql

prompted my question.

Thanks

Yes this is good for efficiency, but for security it is enough. — Vipin Jain, Apr 30 '12 at 06:09
not much but it is the best practice as it will give good performance where as if you insert the images to database it will degrade the performance — Vipin Jain, Apr 30 '12 at 06:18

score 0 · Answer 1 · answered Apr 30 '12 at 06:45

Why you don't use database to save them? I guess this is the best choice.
Anyway, if you can't save them in DB for any reason & you have to save images in a directory on your filesystem, I guess it's better to save them somewhere out of your web server htdoc directory (& sub directories), so access to those files would not be possible directly via web server. of course you'll need enough permission to allow your php scripts to read, write & modify files in target directory.
Also suggest to take a look at usage of .htaccess files on apache.

Saving Images to Folder Best Practices

1 Answers1