|
|
Posted by Oli Filth on 11/19/21 11:45
Oli Filth said the following on 19/04/2006 16:01:
> MaXX said the following on 19/04/2006 15:54:
>> Good Man wrote:
>>> MaXX <bs139412@skynet.be> wrote in
>>> news:e258nf$pbt$1@talisker.lacave.net:
>>>> The problem is if I'm a nasty guy I just write my own form and delete
>>>> any record I want (since I'm auth'd) by just sending another id.
>>> in your database, add a column called "keystring" and index it.
>>> populate
>>> it with 18 characters or so (write a PHP function that does this at the
>>> same time you enter the info in the database). So, this 'keystring' for
>>> record 1 might be '9jfhdsufs8ywre' while record 2 might be
>>> 'agsadgiwqegiqw'.
>> It's the idea I have, but I need a to find a way to do this with an
>> absolutly unique "keystring" (md5*/sha1??) to avoid duplicate (may be
>> extremely rare, but this is the kind of bug you don't want to hunt one
>> day ;-) ...)
>>
>
> You could define the keystring column as a unique index. If on your
> first insert you get back an error (implying a duplicate), then you can
> just modify the keystring and insert again. Repeat until success!
>
> Of course, if this is the method you go for, then using some sort of
> hash is redundant; you might as well just generate random integers or
> strings of a suitable length.
>
Integers are probably better, because it will take less work for the DB
to index them.
--
Oli
Navigation:
[Reply to this message]
|