Storing user uploaded files

Question

I am making something where users can upload files, specifically images (jpg, gif and png). I have done the obvious things like cleaning the file names and allowing only letters, numbers and some symbols, but the more I think about it the more problems I think of.

For instance, what if a user uploads a file with the same name as one that is already stored? It's going to overwrite it, so I thought about appending a time-stamp to the end of the files name, but isn't this going to impact negatively on SEO?

What is standard practise when it comes to storing files that are uploaded by users in terms of actually storing the file on the file system, adding an entry into the database and optimising, in this case, images for SEO?

---

Images can be uploaded anonymously.

Answer 1

My advice is that you store the files into for example "uploads" directory. Put an ".htaccess" file inside this directory with:

deny from all

The stored files can be named only by a timestamp and a random number for example, or the first letters of the origin name. Then, you store the file information in the database.

Now, a PHP file to read the requested file, and some rewrite rules to redirect to this PHP file on the long name of the file.

Does that make sense?

Answer 2

Would it not be expected that to upload a file with the same name would overwrite the old one?

If this is not required behaviour (say you are doing backups) then if file_exists() then rename the old file and then write the new upload to the old address.

bulldog.jpg

On duplicate becomes:

bulldog.jpg
1bulldog.jpg

Or similar.

Answer 3

In general, search engines won't care much, as long as the meta data is fine and the file name contains relevant information as close to the left as possible.

For example, eiffel-tower.jpg, eiffel-tower-01.jpg and eiffel-tower-02736293.jpg won't get all that different SEO scores.

In your particular case, appending "-xx" to the file name where xx is the number of current images of the same name +1 would do just fine. Timestamp will be easier to implement, but the fewer digits there are, the prettier it looks to both search engines and people.

Another option is storing them into subfolders by date, as in, /2014/03/eiffel-tower.jpg. Again, if someone uploads an image of the same name, you can append "-xx" as above.

Answer 4

Generally this method is in use;

1) Check if the file exist

2) if exist, prefix or suffix to the file name...

for example in wordpress, if a file exist, wp adds width x height to the end of image... like image_name_250x300.jpg and image_name_500x600.jpg etc...

Update: prefix or suffix is not important for seo. Google stop to pay attention to something which can be manipulate by site owners, long time ago.

Answer 5

You can store the image using a unique key like 9ajk298.jpg. Store the original name , unique key ,extension in the database.

Add some rewrite rule and server side scripting to mock it as

www.example.com/images/9ajk298/bulldog.jpg