|
Posted by Kenny on 09/05/05 00:14
Hello,
We're in the midst of creating a high volume transaction platform with
PHP and MySQL. Each transaction ties to a transaction ID that is in turn
an auto_increment, unsigned BIGINT(12).
The problem now is I do not want users to see this running transaction
ID when using the system (such that we can roll out surprises for the
customer of, say, the 10th million transaction).
We plan to convert the id to something like [A-Z0-9]-[checksums], (e.g.
1X2Z0HTDEKS93-C8P), for simple input-error detection, and we can use it
to lookup the relevant id from the database.
Which algorithm(s) in your opinion is the best for the encrypted
transaction ID and checksum such that:
- Transaction ID should always be unique
- Running sequence is not predictable (when you have 2 transactions, you
don't know how many transactions are between them)
- Contains only alphanumeric and case insensitive letters of not more
than 15 characters, excluding checksum
We've thought of using the first 15 characters of a MD5 hash, so we can
kind of SELECT substring(MD5(t_id)... during lookup, and CRC16 for the
checksum. Someone also suggests scrapping the auto_increment field from
db and generate our own using the below method
while (t_id exists in db)
randomize
but i see the 2nd method being quite taxing to the server as you have to
query at least one time per transaction.
I appreciate all inputs. Thanks!
Sincerely,
Kenny
[Back to original message]
|