I want to know what could be the potential risk with the displaying part of this behavior.
For the upload part :
1- A form with a file upload for image.
2- Image content is save into Mysql "longBlob" type
For the display :
loadImage.php
1- A script loadImage.php will receive as parameter the record id.
2- It Will set the proper image header
3- It will echo the longBlog content
The image will be load like this: src="loadImage.php?id=%i"