CodyMTX

Thank you Larry and Edward! I appreciate the responses! I suppose there is no immediate damage done for them knowing the primary keys. I just didn't want to have someone use a program to systematically attack the site by scrolling through numbers associated with users, posts, etc. I hope that makes sense. I was looking at using a GUID, but it may possibly have performance issues as well as making it a pain to code with. Thanks again!

I had one quick question. Do you think it is a secure approach to expose the primary key in the URL? (Example: http://www.example.com/user/54). I think it presents to much information to someone interested in data-mining your site. They could easily tell how many objects you have or how many users you have, etc. Is there a way to use a GUID or something that would hide it, or is it worth going down that route?​ If there is, it may make for a good short entry in the Yii Book. I read the book twice and don't recall seeing any information about that. Thanks!!!