nothing stops you from making the UUID the ID field in the database. most databases support such behavior.
GAE even provides a way to name a record though i don't think we have built that in to web2py yet.....but GAE's default ID generation is across the entire database so i have never been able to guess the next ID of a table. On Saturday, April 14, 2012 2:40:25 PM UTC-7, Anthony wrote: > > Well, it's probably best to use access control on the server rather than > relying on someone not guessing an ID, but if you really need to enable > access solely via the URL, then you probably want a long ID (like a UUID). > > Anthony > > On Saturday, April 14, 2012 5:16:53 PM UTC-4, pbreit wrote: >> >> How do people usually do this? Obviously it's easiest just to use IDs and >> prety easy to avoid any problems with guessing IDs. >> >> But if you do want to obfuscate IDs I suppose you could either add the >> column (not ideal since better to work with IDs) or do the encryption each >> time you create and retrieve an ID (for example, via virtual fields). >> >> Here's an article with several implementations: >> >> http://kevin.vanzonneveld.net/techblog/article/create_short_ids_with_php_like_youtube_or_tinyurl/ >> >> >>
