Laravel image gallery logic

Question

I recently started to develop a pretty huge site. On the site i would like to allow users to upload their sample works. We are pretty limited at the moment so the images will be stored on our server.

I am a bit stuck with the logic. So my logic would be this.

User creates a folder with a name that is stored in the database with the users id attached to it

folder table

Rows

id | folder        | user_id 
1  | Some folder   | 1
2  | New folder    | 4
3  | Nother folder | 7

Images table

Rows

id | image_name        | folder_id |
1  | image1.jpg        | 1
2  | image2.jpg        | 1
3  | image3.jpg        | 1
4  | image4.jpg        | 2
5  | image5.jpg        | 2
6  | image6.jpg        | 2

Relations

class Folder extends Eloquent 
{
    public function images()
    {
        return static::has_many('Images');
    }
}

class Image extends Eloquent 
{
    public function folder()
    {
        return static::belongs_to('Folder');
    }
}

folder structure on server

- samples
  -user_id
   - folder_id
     - image1
     - image2
     - image3

so as you can see, user creates a folder, after the folder is created, user uploades the image name in to the database with the folders id, and showing the images would be the way describe above with the realation.

So my questions.

• Is this a good logic in your opinion
• can this lead problems in the future
• what woud you offer for this functionality

And what i am most sacred of are 2 things.

I think this will lead to a huge database, second are the id's, after x time when there will be more users, the id's will increase, and i know this will sound strange, but since lot of users will upload images will lead to huge id's, what i mean by this it will maybe reach millions, is there a way to solve this problem?

Thank you for the help

Answer 1

Ok - lets break this down into a few sub-answers;

Question:

- Is this a good logic in your opinion
- Can this lead problems in the future
- What would you offer for this functionality

Answer:

The logic seems sounds - but I'm curious where you will store the images? Inside public_html - or outside the web root? If you have the images inside public_html - and allow the browser to access them directly, it will allow users to 'guess' other user folders and access those. You need to store the data securely.

To make images outside the webroot, and make sure only authorized users can access them - you should use readfile(). Something like this will do the trick

function user_file($file_name = "")
{
    if ($file_name)
    {
         // Ensure no funny business names to prevent directory transversal etc.
         $file_name = str_replace ('..', '', $file_name);
         $file_name = str_replace ('/', '', $file_name);

         // now do the logic to check user is logged in
         if (Auth::check())
         {
                // Serve file via readfile() - we hard code the user_ID - so they
                // can only get to their own images
               readfile('../your_app/samples/'.Auth::user()->id.'/'.$file);
         }
    }
}

Question:

I think this will lead to a huge database, second are the id's, after x time when there will be more users, the id's will increase, and i know this will sound strange, but since lot of users will upload images will lead to huge id's, what i mean by this it will maybe reach millions

Answer:

According to the mySQL features page:

We use MySQL Server with databases that contain 50 million records. We also know of users who use MySQL Server with 200,000 tables and about 5,000,000,000 rows.

So thats 5 billion rows. You will maybe get to a few million. So you are safe here (depending upon your hardware).

Question:

...but since lot of users will upload images will lead to huge id's, what i mean by this it will maybe reach millions, is there a way to solve this problem?

Answer:

If you dont want to store millions of records, and your worried about performance, one option is to keep the folder table, but drop the image table. Instead you can use scandir() on the folder - and get PHP to retrieve the file names from the directory itself. Then you dont have as much overhead.

<?php
    $list_of_user_files = scandir("$user_id/$folder_id");
    foreach ($list_of_user_files as $file) {
          echo "File: $file <br>";
    }
?>

Answer 2

The metode of Storing the folder table and using the scandir function is a standared procedure. And allow php to retrive the file names from the folder. If you have a number of files then try categorizing them with year and month order like in wordpress. Like

2012
  01
  02
  03
2013
  01
  02
  03 

etc inside the folder id. So the total number of images in a folder will be comparatively less.