Posted by MaXX on 11/19/78 11:45

Good Man wrote:

> MaXX <bs139412@skynet.be> wrote in
> news:e25ivo$17vf$1@talisker.lacave.net:
>
>> Good Man wrote:
>>> MaXX <bs139412@skynet.be> wrote in
>>> news:e258nf$pbt$1@talisker.lacave.net:
>>>> The problem is if I'm a nasty guy I just write my own form and
>>>> delete any record I want (since I'm auth'd) by just sending another
>>>> id.
>>> in your database, add a column called "keystring" and index it.
>>> populate it with 18 characters or so (write a PHP function that does
>>> this at the same time you enter the info in the database). So, this
>>> 'keystring' for record 1 might be '9jfhdsufs8ywre' while record 2
>>> might be 'agsadgiwqegiqw'.
>> It's the idea I have, but I need a to find a way to do this with an
>> absolutly unique "keystring" (md5*/sha1??) to avoid duplicate (may be
>> extremely rare, but this is the kind of bug you don't want to hunt one
>> day ;-) ...)
> to make a unique keystring, you could always md5 the current unix
> timestamp.
to be sure I've md5'd a concat of the timestamp (2005-11-12
19:11:14.043195+01) and the message and it seem to work at least with a few
hundreds of rows and I don't see how I can get any duplicates. Even if that
(unique constraint violation) the message will be logged again but a
slightly different timestamp...

Now I have a 32 chars unique identifier for each row, a bit too long but it
is doing the job fine.

[...]

Thanks again,
--
MaXX

[Back to original message]