Re: Re: PHP Security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I l wrote:
> Lets say you want to store someones picture.

Okay.

> In the database, you would insert the picture, who owns that picture,
> maybe
> the ip address and request headers of where that picture came from, the
> category, sub-category, sub-sub-category in which the picture belongs to,
> etc. You can gather and store as much information about that picture as
> you
> want with ease.

Except I can't just insert the picture.

I need to store it as a BLOB, which requires a lot more code.

> When you want to access that file and its attributes, you only have to do
> one database query.

Plus another chunk of code for the BLOB.

> Wouldn't you agree that this structure is much easier to manage than
> storing
> the file in a directory, then storing that extra information in a
> database?

No, I would not agree at all.

> Then to retrieve, you must do a database query and find the file in the
> FILESYSTEM (hoping it is still there). The code is much more complex

Actually, it's a whole lot simpler.

If I use some kind of key (such as the auto_increment field) in my
filename, I might not even need to query the database to find the image I
want -- I already know the filename just from the key.

Depends on the application, of course, and the privacy/security of the
image and its related data.

>> > And finally, file management is much much easier when you store the
>>files in
>> > a database.

What have you been smoking?
unlink is that much harder than a destroying a BLOB?

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux