Security for uploading images?


I am working on a website hosted at dreamhost where the user can upload images. They will be stored in a folder with a url to the image stored in an SQL database so that the pictures can be displayed on the website. Besides limiting file size and type, are there other security strategies I should use to keep infected images out? Are there ways to scan the image during the upload process so that the user can be immediately told that the upload was unsuccessful?




I’ve never played with this myself, but the DH wiki has an interesting notion in ClamAV.