By registering with us, you'll be able to discuss, share and private message with other members of our community.

SignUp Now!
  • Guest, before posting your code please take these rules into consideration:
    • It is required to use our BBCode feature to display your code. While within the editor click < / > or >_ and place your code within the BB Code prompt. This helps others with finding a solution by making it easier to read and easier to copy.
    • You can also use markdown to share your code. When using markdown your code will be automatically converted to BBCode. For help with markdown check out the markdown guide.
    • Don't share a wall of code. All we want is the problem area, the code related to your issue.

    To learn more about how to use our BBCode feature, please click here.

    Thank you, Code Forum.

Current best method for storing uploaded documents (2024)?

Hi all,

What is currently the best method, in terms of security as well as scalability and least complexity, to store user uploaded documents on a shared hosting platform?

Is it to store the uploaded documents in a secure folder(s) location with a reference pointer (file path) in the database?
Or store the documents in the database itself (blob datatype)?
Or use a nosql "document store" version of the database?
The documents uploaded will be:
Mix of sensitive information (ex. containing a living person's date of birth) as well as historical, non-sensitive information​
Varying in size from 1 page or image to several dozen​
Varying in document type, mainly from .pdf, image files (.png, .jpeg, etc), .doc or .txt text files (there will be no audio or video file types)

The number of documents stored in the first year is estimated between 100 and 500, with about 1000 to 1200 additional each of the next couple of years.

If/when the site outgrows a shared hosting environment, other hosted solutions will be explored.

Other info:
PHP version 8.3.2​
MySQL version 8.3.0 (InnoDB type used)

There is billion things to consider when building a system like this. How many users, how many user levels, local hosting or external hosting, knowledge of programming and servers....

I once created a pretty simple server for images. Me or any of my family could upload images easily from their phones to my local server.

Server uploaded the image, it was named by the timestamp + suffix. SQL then had database where was included filename, uploader, date, time and tags.

There was simple folder structure where images was saved. If i remember right, after every 500 images a new folder was created and next 500 images was stored there instead. This way, number of image files in one folder was not increased infinity.

This system handled few tens of thousands images just fine until we got bored and stopped using it. Unfortunately i dont have it any more. I could have give it because editing it to use what ever files would not have been hard task.

You can put pdf to sql, but im not sure why to do that. If someone can hack to your computer and study folders, he/she can propably do so with the sql installed on server just aswell. Organised folder structure does the job well enough.
There is billion things to consider when building a system like this. How many users, how many user levels, local hosting or external hosting, knowledge of programming and servers....

Thanks for the reply.

This will not be for public consumption and will be for authenticated users.

The number of users will be very small. Initially just 1, potentially up to maybe 50 at most, years from now.

Seems like using a filesystem to "store" the files is probably the way to go here.
Seems like you are on a good route. For a tip, think a bit forehead of for what the usage is. Tags, categories and such are much easier create from start than after couple of years start editing whole system for them. Good luck with your project.

Buy us a coffee!

Top Bottom