Fernando, It would be better to protect you application in an other way: e.g. create the ids with random, fixed-length postfixes. My practice is to create 4-length postfix with 0-9a-zA-Z random pattern. This is 62^4 possibility for each id in the sequence, e.g. 1aiP7, and 2pN63 is valid, but 1aiP6 is not (because it does not exists in the database). And if you strip the 4-length postfix, you can get a normal sequence (1, 2, ..., 9, a, ..., z, A, ..., Z, 10, 11, ...)
Looking it in other way, if you create a hash for each id and accept only request knowing the hash, you are a bit safer (until a hacker decodes the hash algorithm). Hope it helps, Istvan --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
