12

this question is confusing me so i thought i should listen to an expert voice !.

is it better to upload images to a folder and just save link to mysql, or better upload img itself into a blob mysql field ?

thank you very much

Zalaboza
  • 8,899
  • 16
  • 77
  • 142

3 Answers3

24

I have often built systems to store images in the database, there are pros and cons to doing this.

Pros:

  • All your data is kept in one place, if you migrate your website/database the images will just be there
  • Its easier to sort/delete/etc...
  • Since you have to serve it via a PHP script, you can perform additional things such as security if required, or image processing (obviously you can do this with flat file too, but you have to make sure the security cant be bypassed by leaving the images in a public directory).

Cons:

  • Its slower then serving a flat file from the webserver as a PHP script needs to retrieve it, and MySQL needs to return the data.
  • Your database will become large very fast and not all web hosts take too kindly to this.
  • The file system is faster for flat file storage and retrieval as thats exactly what a file system is designed for.
Geoffrey
  • 10,843
  • 3
  • 33
  • 46
2

Bad. Your webserver does a much better job managing expiry headers and directly loading files from the filesystem. Throughput will be much higher using the filesystem. It's what it's designed for, utilize it.

SQL databases are designed for relational data, not images. You're just loading your database unnecessarily. Store the path/image name instead.

Xorlev
  • 8,561
  • 3
  • 34
  • 36
  • What you say is right my friend but how do you plan to secure the image files in filesystem ? – Floccinaucinihilipilification. Aug 26 '11 at 10:14
  • Secure them? I assume that your server wouldn't be compromised, or you have much more difficult issues at hand than your images. Directory permissions can give your application access to the directory but not other users on a shared host. – Xorlev Aug 26 '11 at 16:12
  • @Xorlev - That is not true, if the site is on a shared server with PHP running as the webuser, without chroots, which is fairly common, then any other user's PHP scripts would be able to access the files in the path. If this is the case, it doesnt matter how the data is stored, as the mysql user & password could be pulled out of your scripts by the malicious user. In short, if security is required, don't use a shared server. – Geoffrey Aug 27 '11 at 06:35
  • Any shared host worth their salt uses PHP suExec. If they aren't, you probably shouldn't be using them. – Xorlev Aug 27 '11 at 15:36
  • Also, what if you end up with a directory with way too many images? - say billions of images? – ina Jan 21 '12 at 21:56
  • If you have billions of images, you need a different solution. :P Everything falls apart at scale. – Xorlev Mar 19 '12 at 04:41
  • @Xorlev suExec... are you kidding me? 1) most use suPHP as it provides better protection and is simpler to setup, 2) have you any idea how many webservers get compromised by exploits such as the apache symlink ownership bug? suPHP/suExec can not save you there. – Geoffrey Jul 24 '13 at 15:50
0

If your application is large i.e you have to display a large number/size of images repeatedly then you should go for first method (storing only image path in database and actual images on file system). This will reduce the processing time to display images moreover consumes less resources. Secondly, if your application requires less number of images then you can store them directly in database . This way it becomes easy to take backups and port application to another OS.

JAB
  • 3,546
  • 9
  • 36
  • 39