the best security practice is to store the jpg file or any other uploaded
file in your mySql database. This way you never have to worry about someone
executing php by the url like www.example.com/pic.jpg. To view the file, the
user would type www.example.com/veiw.php?fileID=3425433345.
You can
I never said that this method wouldn't cause you overhead. With all respect,
I am simply stating that this method is much simpler. Sometimes you must
choose simplicity over processing costs. What if there was another
programmer editing your code? Or, you came back to the same code after one
yea
Yeah, with any luck at all, your binary file will corrupt itself, and then
make your entire database unreadable by anybody, even you.
really? Then my companies database should be corrupt by now...right? Haven't
had any problems yet. Well, its only been running for 2 years now.
I l wrote:
e and execute it on the server.
And finally, file management is much much easier when you store the files in
a database.
From: Chris Shiflett <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: I l <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: Re: [PHP] Re: PHP Security
Date: Thu, 9
Lets say you want to store someones picture.
In the database, you would insert the picture, who owns that picture, maybe
the ip address and request headers of where that picture came from, the
category, sub-category, sub-sub-category in which the picture belongs to,
etc. You can gather and store
ad of time....
M i l e s.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hi,
Figured it out:
Apple wiped out the location of the socket.
they wanted '/var/mysql/mysql.sock'
it should be: '/tmp/mysql.sock'
Problem solved.
M i l e s.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
7 matches
Mail list logo
