Managing User's Uploaded Files

Hi Guys,
I’m going to be allowing users to upload their own files as part of their profile for my web application.
My questions is, what’s the best way of storing these files (let’s assume that they’re just images for now, if it makes a difference).

Should some sort of folder structure be created, like 1 folder per user?
Or all files in a single location?

If we assume that millions of files will be uploaded, storing them in a single folder probably isn’t an option, but if creating a folder structure is the answer, how can this easily be achieved?

What are the most common methods employed?

Yep. phpBB for example, renames the files to something like a md5 hash, and removes the extension, saves the file to /files/ and stores the original filename, path to the uploaded file and other meta-data (eg file size, date, etc) in the database.

Good advice, thanks.
I suppose that the structure the files are in and what they’re called so long as they information is stored in a database and can be related to human readable information.

From a security point of view, don’t upload the files to anywhere they user has direct access to. eg, dont upload them your-website.com/users/files/ otherwise if a user manages to upload an executable file (php , or asp, etc depending on your server) they could compromise your website. Outside of the web folder is best, or protecting the folder with a deny from all htaccess file if it is accessible from the web is ok. Use a script to read the file and output the data if the file needs to be displayed.

As for directories and storage, Wikipedia (mediawiki) do something along these lines.:
generate a random, string from the filename (eg md5(fliename) )
create a directory from the first character eg: e
create a subdirectory from the first 2 characters. eg: e7
put the file in that directory.
store the file name, and file path in a database.