w1zzerd Posted January 20, 2014 (edited)
I am working on a project that lets users register, upload a photo and have that photo as a profile image which other users can then view. I am not sure how to structure this. Here is how I would imagine the process goes.
1 - During user registration, use mkdir to create a new directory that uses the user's email address as the name of this new directory.
2 - Take users to an upload image page; if users don't upload one, then use a default image.
3 - User uploads image.
4 - Image gets stored into the directory, and the image name is sent to the MySQL database.
5 - Echo the image in the user's profile by using a SELECT query.
6 - Using an image tag, select the directory name by echoing out the user's email from the db, and echo the image name from the db at the appropriate places.
Step 6 would kinda look like this:

    <?php
    // Grab user email from db and set it to a variable, do the same for image name
    $user_email = $email_from_db;
    $user_image = $image_from_db;
    ?>
    <img src="image/<?php echo $user_email; ?>/<?php echo $user_image; ?>" />

Not sure if this is how it's done, or if this is a secure way; also I have no idea how I would let users upload an image. Can anyone give me some advice?
Edited January 20, 2014 by w1zzerd
Link to comment: https://forums.phpfreaks.com/topic/285533-need-advice-on-a-secure-way-to-let-users-upload-a-profile-picture/
Psycho Posted January 20, 2014
You should not create files/folders based upon user input. That could lead to problems from malicious input. Here is one possible solution. There's no reason to create folders anyway. Just put all images into one folder and name them according to the user ID or something unique to the user that is not directly input by the user. For example, you could use the hash value of the username. Then, when the user uploads their image, save it named per one of the methods above. You don't even need to save the image name/path in the database. You could save a boolean to state whether the user has uploaded an image or not, but you could also determine that without a DB query by checking whether an image exists for the user by the naming format.
w1zzerd Posted January 20, 2014 (Author)
Thanks, yes, I realize using the id rather than the email or any info that the user enters to identify them is a bad idea. When users register I am going to write code to create a directory with their id as the directory name. Then, when the user uploads a file, I will check to see if the file has dimensions using getimagesize to make sure it indeed is an image; if the file checks out I will put the file into the user's directory and change the name of the image to the user's id (33.jpg or 33.gif). Then when calling the image I can do

    <img src="images/<?php echo $id; ?>/<?php echo $id; ?>.<?php echo $extension; ?>" />

How does that sound?
Psycho Posted January 22, 2014
Why are you going to create a directory? Just have one directory and put all user profile images in there.
DenRomano Posted January 27, 2014
If you are only going to need the directory for just 1 image I agree with @guru, but in the app I am working on for a dog rescue we store up to 10 pictures, all scanned documents for the dog such as rabies/adoption contracts, so creating a directory for each dog made sense. I used the unique ID of the record, not user input, for the directory name (5 digits).
Psycho Posted January 28, 2014
> If you are only going to need the directory for just 1 image I agree with @guru, but in the app I am working on for a dog rescue we store up to 10 pictures, all scanned documents for the dog such as rabies/adoption contracts, so creating a directory for each dog made sense. I used the unique ID of the record, not user input, for the directory name (5 digits).

Even then you don't need separate folders. But it at least has some reason for doing so. You can just as easily store all the uploads in a single folder with a unique name.
happypete Posted February 23, 2014
You will need to resize the images and validate them as well. Here is something I was working on a while back: http://forums.phpfreaks.com/topic/268852-image-upload-validation-not-working/page-2?do=findComment&comment=1381699
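Pulling together the three suggestions in this thread (Psycho's single folder with files named by the server-side user id and an existence check instead of a DB row, w1zzerd's getimagesize check, and happypete's resize-and-validate step), here is an added PHP 8 example that is not code from the thread or from any of its posters. The form field name `avatar`, the `$userId` variable and the `images/` folder are assumptions.

```php
<?php
declare(strict_types=1);
// Added example, not code from the thread. Assumes $_FILES['avatar'] from the
// upload form and $userId from the server-side session (both names hypothetical).
const AVATAR_DIR = __DIR__ . '/images';   // one shared folder, no per-user mkdir
const MAX_BYTES  = 2 * 1024 * 1024;       // reject anything over 2 MiB
const MAX_SIDE   = 256;                   // longest side after resizing
// The extension is chosen from the *detected* type, never from the client's filename.
const ALLOWED = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif'];

function storeAvatar(array $file, int $userId): string
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) { throw new RuntimeException('upload failed'); }
    if ($file['size'] > MAX_BYTES) { throw new RuntimeException('file too large'); }
    // getimagesize() inspects the bytes; the client's MIME type and name are ignored.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || !array_key_exists($info[2], ALLOWED)) { throw new RuntimeException('not an allowed image type'); }
    // Decode and re-encode with GD: this resizes and also drops non-image bytes
    // (comments, trailing data) that the uploaded file may have carried.
    $src = @imagecreatefromstring((string) file_get_contents($file['tmp_name']));
    if ($src === false) { throw new RuntimeException('image could not be decoded'); }
    [$w, $h] = [imagesx($src), imagesy($src)];
    $scale = min(1.0, MAX_SIDE / max($w, $h));
    $dst = imagecreatetruecolor((int) ceil($w * $scale), (int) ceil($h * $scale));
    imagecopyresampled($dst, $src, 0, 0, 0, 0, imagesx($dst), imagesy($dst), $w, $h);
    // The file name comes from the server-side id only; remove any older avatar first.
    foreach (ALLOWED as $ext) { @unlink(AVATAR_DIR . "/$userId.$ext"); }
    $dest = AVATAR_DIR . "/$userId." . ALLOWED[$info[2]];
    $ok = match ($info[2]) {
        IMAGETYPE_JPEG => imagejpeg($dst, $dest, 85),
        IMAGETYPE_PNG  => imagepng($dst, $dest),
        IMAGETYPE_GIF  => imagegif($dst, $dest),
    };
    if (!$ok) { throw new RuntimeException('could not write avatar'); }
    return $dest;
}

// Existence check instead of a DB lookup, as Psycho suggests; default image if none.
function avatarUrl(int $userId): string
{
    foreach (ALLOWED as $ext) {
        if (is_file(AVATAR_DIR . "/$userId.$ext")) { return "images/$userId.$ext"; }
    }
    return 'images/default.png';
}

// Usage in the upload handler and in the profile template (constructed calls):
// storeAvatar($_FILES['avatar'], $userId);
// <img src="<?= htmlspecialchars(avatarUrl($userId)) ?>" alt="profile picture" />
```

Re-encoding through imagecreatetruecolor() flattens GIF animation and fills transparency with black, so add imagealphablending()/imagesavealpha() handling if transparent PNGs matter. Serve the folder with script execution disabled so that a stored file is only ever treated as an image by the web server.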