This week's book giveaway is in the OCMJEA forum. We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line! See this thread for details.
I have a doubt about which is the best approach to store image [ whether to store image in web server directory or in the database]...Any ans is appreciative....
please concern the efficiency and security issues..
It depends on the website load ie: the number of users accessing the website daily. Well, concerning about the security, the best way would be storing image as a blob inside a database (if your website load is minimum). If you have maximum load on website like those of yahoo/orkut then the best way would be clustering the database server & store image in a distributed way.
Ujjwal B Soni
Ujjwal B Soni <baroda, gujarat, india> <+919909981973>
"Helping hands are better than praying lips......"
Load is certainly not an issue, in both cases it's just streaming some bytes from the one to the other side. Security is also not an issue, in both cases you can just configure security levels yourself.
Portability, shareability and searchability are more an issue. Storing images in a DB improves portability, but decreases shareability. Storing only raw binary data in a DB without any additional information decreases searchability. Side-storing file attributes like content type, file length, last modification time, etcetera in the database improves searchability, but that could better be done if you store the files in filesystem and only the path and/or filename in the database. You could use java.io.File to obtain file attributes.
In general I'd keep files out of the database, unless there are numerous attributes that you need to store and retrieve with them.
Using the file system raises issues of concurrency, though, so if the files are updated frequently (as opposed to read-only), it may not be easy to guard against that. That's be much simpler using a DB.
I wouldn't say that security is not an issue. Access control on the server is a matter of configuration, but the application logic that deals with who gets to access which files needs to be coded, and that may well be simpler for one approach compared the other. I agree that it likely is not the deciding factor, though.