php secure and scalable file management

Question

I have a PHP website developed with UserCake and PHPMyEdit and my data stored in MySQL. Now i want to have PDF file uploads too in a way that i can control access permissions for different users and also the solution must work for large number of files uploads.

I want to know that is storing PDF files in MySQL a good solution for my purposes?

if not what is the best and ready solution?

Thx,

Answer 1

Storing binaries on your database are usually not a very good idea.

Advantages of storing in the database:

• It allows you to take advantage of the DB's security mechanisms
• Storing blobs on the database also means you will never have to worry about duplicate file names.
• Also means that when an upload goes wrong, you can just rollback a transaction, you don't have to go around looking for broken files and erasing them from the disk.

Disadvantages of storing in the database:

• You have to serialize the files to write and unserialize to read them, which is much slower than just writing/reading the file;
• Higher memory usage (imagine loading a resultset with many rows, all of them with blobs)
• Will make your database backups very, very heavy and slow.
• Blobs are usually transferred to the database in chunks of 4kb, which will get you an awful lot of overhead for files bigger than that.

It's usually faster to retrieve the file path from the database and stream the file directly to the user.

EDIT: I thought it through, and came up with two more advantages of storing on your database. Just editing to play devil's advocate, give you all the information and let you decide by yourself which approach is better for your case.

Answer 2

You can keep the relative path to the pdf in the database. This way, you can avoid all the overheads on DB.

If you are storing the PDF itself, that must be justified by very strong reasons.