So, I have a website where I have let users to upload files. After the users upload the file to a directory, I store the file name, type, size in a DB and when the users request for the files, I fread the file and echo the file contents along with the appropriate header information.
This way I am trying to avoid running any scripts the user might have uploaded.
Now, are there any performance or security issues associated with this method?
Thanks in advance