Y
Hacker News
new
|
ask
|
show
|
jobs
by
cyphar
3673 days ago
Never use filenames in a database. There's a bottomless well of security vulnerabilities that spring forth when you decide to "just store a path to the asset".
1 comments
unlinker
3673 days ago
Of course, you don't take for granted what the client says. You generate your own file name.
link