Storing images
in [Databases]
|
From: Richard Quadling on 3 Feb 2010 11:14 On 3 February 2010 16:07, Karl DeSaulniers <karl(a)designdrumm.com> wrote: > Thank you all for your numerous responses. > > I hear you loud and clear. I was wanting to see if it would be less of a > burden on the server and secure my images better to put the images inside a > database, but > as you all have almost uniformly stated, this would not be the best > situation. > I currently have all my images referenced by url in my database and stored > in a folder/s and I think I will keep it that way... > > Thanks for your 2 cents, > > :) > > Karl > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > If you put the images OUTSIDE of the webroot/docroot/public_html folder (whatever you have), then a user cannot directly navigate to the file. e.g. /home/sites/your_site/public_html/images/image1.jpg http://www.yoursite.com/images/image1.jpg would probably work. But ... /home/sites/your_site/public_html/getImage.php /home/sites/your_site/hidden_images/image1.jpg Now, there is no way I can load image1.jpg from my browser. I have to use getImage.php, which I assume would require me to login or authenticate myself in some way. -- ----- Richard Quadling "Standing on the shoulders of some very clever giants!" EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling
From: Karl DeSaulniers on 3 Feb 2010 11:22 Ahhhh.. Very nice. I did not think of that. But lets say its a whole bunch of images and multiple people may be accessing them. Is it safe to have them accessing a directory outside the public_html directory? Thanks, Karl On Feb 3, 2010, at 10:14 AM, Richard Quadling wrote: > On 3 February 2010 16:07, Karl DeSaulniers <karl(a)designdrumm.com> > wrote: >> Thank you all for your numerous responses. >> >> I hear you loud and clear. I was wanting to see if it would be >> less of a >> burden on the server and secure my images better to put the images >> inside a >> database, but >> as you all have almost uniformly stated, this would not be the best >> situation. >> I currently have all my images referenced by url in my database >> and stored >> in a folder/s and I think I will keep it that way... >> >> Thanks for your 2 cents, >> >> :) >> >> Karl >> >> -- >> PHP Database Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> > > If you put the images OUTSIDE of the webroot/docroot/public_html > folder (whatever you have), then a user cannot directly navigate to > the file. > > e.g. > /home/sites/your_site/public_html/images/image1.jpg > > http://www.yoursite.com/images/image1.jpg would probably work. > > But ... > > /home/sites/your_site/public_html/getImage.php > /home/sites/your_site/hidden_images/image1.jpg > > Now, there is no way I can load image1.jpg from my browser. I have to > use getImage.php, which I assume would require me to login or > authenticate myself in some way. > > > -- > ----- > Richard Quadling > "Standing on the shoulders of some very clever giants!" > EE : http://www.experts-exchange.com/M_248814.html > EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp > Zend Certified Engineer : http://zend.com/zce.php? > c=ZEND002498&r=213474731 > ZOPA : http://uk.zopa.com/member/RQuadling Karl DeSaulniers Design Drumm http://designdrumm.com
From: Richard Quadling on 3 Feb 2010 11:31 On 3 February 2010 16:22, Karl DeSaulniers <karl(a)designdrumm.com> wrote: > Ahhhh.. > Very nice. I did not think of that. > But lets say its a whole bunch of images and multiple people may be > accessing them. > Is it safe to have them accessing a directory outside the public_html > directory? > Thanks, > > Karl > > On Feb 3, 2010, at 10:14 AM, Richard Quadling wrote: > >> On 3 February 2010 16:07, Karl DeSaulniers <karl(a)designdrumm.com> wrote: >>> >>> Thank you all for your numerous responses. >>> >>> I hear you loud and clear. I was wanting to see if it would be less of a >>> burden on the server and secure my images better to put the images inside >>> a >>> database, but >>> as you all have almost uniformly stated, this would not be the best >>> situation. >>> I currently have all my images referenced by url in my database and >>> stored >>> in a folder/s and I think I will keep it that way... >>> >>> Thanks for your 2 cents, >>> >>> :) >>> >>> Karl >>> >>> -- >>> PHP Database Mailing List (http://www.php.net/) >>> To unsubscribe, visit: http://www.php.net/unsub.php >>> >>> >> >> If you put the images OUTSIDE of the webroot/docroot/public_html >> folder (whatever you have), then a user cannot directly navigate to >> the file. >> >> e.g. >> /home/sites/your_site/public_html/images/image1.jpg >> >> http://www.yoursite.com/images/image1.jpg would probably work. >> >> But ... >> >> /home/sites/your_site/public_html/getImage.php >> /home/sites/your_site/hidden_images/image1.jpg >> >> Now, there is no way I can load image1.jpg from my browser. I have to >> use getImage.php, which I assume would require me to login or >> authenticate myself in some way. >> >> >> -- >> ----- >> Richard Quadling >> "Standing on the shoulders of some very clever giants!" >> EE : http://www.experts-exchange.com/M_248814.html >> EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp >> Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 >> ZOPA : http://uk.zopa.com/member/RQuadling > > Karl DeSaulniers > Design Drumm > http://designdrumm.com > > If the file is outside of the docroot, then they _CANNOT_ access them. There is no url to the image! So, a script which examines the session to make sure the request is valid is normally enough to restrict feeding the images to valid users. Multiple simultaneous readers are not a problem. If you have any writers, then you need to introduce a locking mechanism or some other protection. -- ----- Richard Quadling "Standing on the shoulders of some very clever giants!" EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling
From: Karl DeSaulniers on 3 Feb 2010 11:35
Any pointers on where I can find a sample locking script. I may have artists editing files and that would be great to have a locking of the file while an artist is working on it so no one over writes each other. LMK, Thanks, Karl On Feb 3, 2010, at 10:31 AM, Richard Quadling wrote: > If you have any writers, then you need to introduce a locking > mechanism or some other protection. Karl DeSaulniers Design Drumm http://designdrumm.com |