Currently (all Moodle versions) under the moodledata/users directory, one dir with the userid is created to store, basically, the avatar of the user. This system has two big drawbacks:
1) BIG sites are beginning to raise the "Max files per dir" OS limit. And usually, this is one hard limit.
2) The structure under each userid directory is pretty plain and we should start to accommodate it for future personal storage.
So, I would propose to:
1) Create one simple algorithm that, based in one number (userid), will return one unique hash of fixed length.
2) Create one function - create_user_dir($userid) - in order to create the user storage area. Such storage area should be created by creating nested subdirs with parts of the hash calculated in step 1 (nor raising, say, 12 bits, per name = 4096 dirs per dir). This function could have one optional parameter ($migrate = false), to allow migration from old user storage areas to the new ones transparently.
3) Create one function - get_user_dir($userid) - in order to get the path to the user storage area. This function should check for the new areas + the current ones in order to keep compatibility.
4) Inside each user storage area, create one "private" dir, where we'll move the avatars. Such "private" dir is intended to store files that are handled by Moodle but without FileManager access for students in the future.
5) Change all current uses of user storage area to use the functions defined above.
6) Document it to allow developers to know how they must handle files in that zone.
Sounds simple. Ciao