Am 10.03.2011 21:56, schrieb Claudio Nanni: > On Mar 10, 2011 9:23 PM, "Reindl Harald" <h.rei...@thelounge.net> wrote:
>>> So hashing or encrypting the id column will make the id's non-contiguous > and impossible to guess. >> >> sorry but this is foolish >> leave the id in peace and add a colum with some checksum > > Wordpress guys are also foolish? of course they are look at their awful code you will not really tell me that quality looks like wordpress? > And what's the difference between passing in a GET an encrypted Id or > passing another column with a checksum deriving from the Id? what exactly do you not understand? fecth the record by its primary key is pretty fast decide the data-output by a checksum which is independent to the key how will you do this any other way? you can not use hash functions because you can not revert them for fetch the record, so you have to use obfusction you can revert to the key and if you can do this anybody will sooner or later
signature.asc
Description: OpenPGP digital signature
