| From: | Brook Milligan <brook(at)biology(dot)nmsu(dot)edu> |
|---|---|
| To: | electric_csf(at)hotmail(dot)com |
| Cc: | pgsql-sql(at)postgresql(dot)org |
| Subject: | Re: Re: Using Random Sequence as Key |
| Date: | 2001-04-17 16:07:24 |
| Message-ID: | 200104171607.KAA08777@biology.nmsu.edu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
It is a good way to solve it but since I don't want/can't use cookies in my
application I could use only the random key but it would have to be unique
or the where key=$key could refer to multiple lines or I would have to ask
for the user to input both the random and the serial number wich wouldn't be
very good either. That's the reason I've being trying to make a random key
wich would be unique so I could ask for the user to type his order code and
then select info from orders where ordercode=$ordercode and not have the
risk of getting multiple answers (more then one line with that ordercode) or
someone typing his ordercode-1 and accessing someone elses form.
Do you have users logging in so that you know who is requesting the
data? If so, just make a view that includes WHERE name = current_user
to filter out all irrelevant (i.e., other people's) rows (inserts
should set name to the appropriate user, of course). In that case a
SERIAL will work fine, since there is no chance of seeing anyone
else's information and the SERIAL is unique. More secure, also.
Cheers,
Brook
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Hoffmann | 2001-04-17 16:11:09 | Re: RTREE on points |
| Previous Message | Vivek Khera | 2001-04-17 15:45:08 | Re: DB porting questions... |