CodyMTX
-
Posts
2 -
Joined
-
Last visited
Posts posted by CodyMTX
-
-
I had one quick question. Do you think it is a secure approach to expose the primary key in the URL?(Example: http://www.example.com/user/54).I think it presents to much information to someone interested in data-mining your site. They could easily tell how many objects you have or how many users you have, etc.Is there a way to use a GUID or something that would hide it, or is it worth going down that route?If there is, it may make for a good short entry in the Yii Book. I read the book twice and don't recall seeing any information about that. Thanks!!!
Hiding Parameters Passed In Url Route
in The Yii Book
Posted
Thank you Larry and Edward! I appreciate the responses! I suppose there is no immediate damage done for them knowing the primary keys. I just didn't want to have someone use a program to systematically attack the site by scrolling through numbers associated with users, posts, etc. I hope that makes sense. I was looking at using a GUID, but it may possibly have performance issues as well as making it a pain to code with. Thanks again!