Quote Originally Posted by visualAd
Storing large files in a database is not a good idea s retrieving them is a lot slower than just opening a file on the server file system. My suggestion is storing the files in a directory outside the document root and assigning each one a unique ID and a virtual path in the database and saving the file with a name that corresponds with its unique ID.
that is exactly what i am doing.

My script uploaded file 'mendhak.txt' and generates a new random name and stores it in /uploads/ directory which has forbidden access. The user never sees the generated name so they can never see the actual file.

when they go to download the file, i read from file, but i read it as 'downloadfile.txt' and not as the random name.