Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>Can the users get to the pages via the Website? If the answer is yes then you should ask yourself if this is really a problem or not.</p> <p>If not then the problem is that you're not securing your pages or to put it another way: you're relying on obscurity for security, which is never a good move.</p> <p>My advice? Either secure your pages so only the right users can access them or don't worry about it.</p> <p>If you really must worry about it, just pass an extra field that must be correct for the given page. I wouldn't construct this from the ID. Perhaps generate another number or a GUID when you create the page entry in the database. If both fields aren't correct then don't display the page.</p> <p>Forget the simple character substitution and other naive obfuscation techniques. They're a waste of your time.</p> <p><strong>Edit:</strong> if you're after non-sequential IDs that are the same length, consider using UUIDs instead of auto-increment primary keys. Basically this is done at application level:</p> <ul> <li>Change your primary key to char(36);</li> <li>In your insert statement you have to set the key and populate it with the MySQL UUID() function.</li> </ul> <p>Take a look at <a href="http://www.mysqlperformanceblog.com/2007/03/13/to-uuid-or-not-to-uuid/" rel="nofollow noreferrer">To UUID or not to UUID ?</a> and <a href="http://forums.mysql.com/read.php?24,263462,263462" rel="nofollow noreferrer">UUID as a primary key</a>. There is performance degradation from this (specifically because you're using characters rather than integers for lookups) but unless you have a large (1 million+ rows) or data it probably won't be an issue in practice.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload