How about something like
http://www.whatever.com/file.cfm?CustomerID=459&CustLastName=Lastmane&CustEmail=email
Some customer must know all three to access some else's account.
At 10:19 AM 10/16/00 -0400, you wrote:
> > I second that. Mike - I'd be very interested in hearing your reasons as to
> > why you think it is bad practice to use Autonumbers. Have you had some bad
> > experiences with them?
> >
> > ------------------------------------------------------------------
> > Andrew Ewings
>
>
>It depends where you use them. A customer could, for instance, look at a URL
>and see CustomerID=459 and then change this to bring up someone elses
>account. .
>.Or go into a cookie and change a number, or a hidden form field. If you
>use a
>GUID or some sort of algorithm to create a unique ID you're much safer. I use
>Identity columns all the time, but only with non-critical data.
>
>tom
>
>------------------------------------------------------------------------------
>Archives: http://www.mail-archive.com/[email protected]/
>To Unsubscribe visit
>http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
>send a message to [EMAIL PROTECTED] with 'unsubscribe' in
>the body.
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
