I had one quick question. Do you think it is a secure approach to expose the primary key in the URL?
(Example: http://www.example.com/user/54).
I think it presents to much information to someone interested in data-mining your site. They could easily tell how many objects you have or how many users you have, etc.
Is there a way to use a GUID or something that would hide it, or is it worth going down that route?
If there is, it may make for a good short entry in the Yii Book. I read the book twice and don't recall seeing any information about that. Thanks!!!