A
Anonymous
Guest
I personally would NOT be saving the image to the database, but rather the path where the image is located on the server and the name of the image to the database table. In my opinion it serves two purposes, one it doesn't bog down the database table and there's less likelihood that the database is going to be hacked or corrupted by users intentionally or unintentionally doing something. As long as the image file is rename and is moved to a subdirectory (not the root directory) you should be ok. Using a standard HTML form to check the name with the path and name stored in the database table you should be all set to go.