| From: | Dan Lyke <danlyke(at)flutterby(dot)com> |
|---|---|
| To: | pgsql-sql(at)postgresql(dot)org |
| Subject: | Using Random Sequence as Key |
| Date: | 2001-04-16 20:16:29 |
| Message-ID: | 15067.21277.884548.721903@wynand.flutterby.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Bernardo de Barros Franco writes:
> Hello, I was wondering if noone can help me maybe someone could at least
> give me some directions where to look for info or where to ask:
> I wanted to index a table by a random key.
As others have pointed out, making a unique random primary key is
tough. What I do for my cookie on my web based login system is have
two fields in my database, one's the "id SERIAL", the other is a
"magiccookie CHAR(16)" which I populate with 16 random characters on
the initial insert.
My cookie is then of the format "id/magiccookie". In my login
verification code I split on the "/" character and query on "WHERE
id=$id AND magiccookie=$magiccooke". Even though the "id" field is
encoded in the cookie in plain text a cracker can't just guess at the
user id number because that 16 character magiccookie needs to match as
well.
This also lets me be pretty loose about the id information, I can use
it in other public places, because only the magiccookie needs to be
restricted to being known by the logged in user.
Dan
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Hoffmann | 2001-04-16 21:36:52 | Re: RTREE on points |
| Previous Message | Bernardo de Barros Franco | 2001-04-16 20:03:18 | Re: Using Random Sequence as Key |