Re: Re: PHP Security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





Yeah, with any luck at all, your binary file will corrupt itself, and then
make your entire database unreadable by anybody, even you.
really? Then my companies database should be corrupt by now...right? Haven't had any problems yet. Well, its only been running for 2 years now.

I l wrote:
> the best security practice is to store the jpg file or any other uploaded
> file in your mySql database. This way you never have to worry about
> someone
> executing php by the url like www.example.com/pic.jpg. To view the file,
> the
> user would type www.example.com/veiw.php?fileID=3425433345.
>
> You can also keep information about the file uploaded in your mysql such
> as
> IP address.
>
> I cann't really see any security problems here.


Yeah, with any luck at all, your binary file will corrupt itself, and then
make your entire database unreadable by anybody, even you.

Now *THAT'S* secure!

:-)

Secret Tip:

There is a little-known feature of an incredibly-efficient high-volume
thoroughly-tested software base that makes it very very very good at
storing  and retrieving large binary files such as JPEGs and other rich
media with very small chance of file corruption, and even less chance of
file corruption affecting other data or applications.

I'm not really sure I should tell you about this great secret feature, but
I guess I might as well...

It's called the "File System" and it's packaged with your Operating System.

:-)

Storing JPEGs in your database instead of the file system is like keeping
your groceries in the trunk of your car outside in the winter instead of
in the fridge.  It will work, but it's not really the best idea.

YMMV

--
Like Music?
http://l-i-e.com/artists.htm


-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux