> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 07, 2002 9:03 AM
> To: CF-Talk
> Subject: RE: Hacking" a shared SQL server
>
>
> I personally always use uniqueidentifiers for primary keys, it's just a
> preference of mine. Are they harder to work with? In my opinion, no, they
> are just as easy to work with as integers. Do they add some "extra overhead"
> and "extra access time" to the application? If they do, I have never seen it
> and the day you can, I'll start calling you The Flash. UID, in my opinion,
> add a little layer of extra security to your app. Anyone with a pea for a
> brain can edit the URL or form fields that are passed and change the value
> of your variables. If you're using integers, you could easily start "poking"
> around in the app by changing the variables. With UID it's a little more
> complex to guess.

Using GUIDs as security through obscurity might buy you some more time than
using sequential numbers, but in the end it is never a substitute for
error and variable checking in your apps.  One reason I do not use them for
my primary keys is for testing.  What if I want to call up ProductID 956?
How do I do it if the product has a GUID?  What if I just want to plug that
ProductID into the URL?  Now I have to go and query my database based on
some other product identifier -- possibly the product name -- and then cut
and paste my GUID into the browser location field.  It's an extra step that
I'd rather do without.  I am not saying NOT to use GUIDs as primary keys,
but I'd have to have a damn good reason for it, most likely a business rule
that would require it.


--Andy
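
The point argued in this thread, as an added example that is not part of either original message: a lookup that trusts the id from the URL leaks another user's row whether the key is an integer or a GUID, while validating the id and scoping the query to the logged-in user blocks both. The `orders` table, the users, and the function names are hypothetical, and Python with SQLite stands in for the ColdFusion/SQL Server setup the list discusses.

```python
import sqlite3
import uuid

# Constructed sample data: each user owns one integer-keyed and one GUID-keyed row.
GUID_A = str(uuid.UUID(int=1))
GUID_B = str(uuid.UUID(int=2))

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (id TEXT PRIMARY KEY, owner TEXT, item TEXT)")
    db.executemany("INSERT INTO orders VALUES (?, ?, ?)", [
        ("956", "alice", "widget"), ("957", "bob", "gadget"),
        (GUID_A, "alice", "sprocket"), (GUID_B, "bob", "gizmo"),
    ])
    return db

def parse_id(raw):
    """Variable checking: accept only a short non-negative integer or a well-formed GUID."""
    raw = raw.strip()
    if raw.isascii() and raw.isdigit() and len(raw) <= 9:
        return str(int(raw))
    try:
        return str(uuid.UUID(raw))  # normalises case and braces
    except ValueError:
        raise ValueError("malformed id") from None

def fetch_unchecked(db, raw_id):
    """Trusts whatever id arrives in the URL or form field."""
    row = db.execute("SELECT item FROM orders WHERE id = ?", (raw_id,)).fetchone()
    return row[0] if row else None

def fetch_checked(db, session_user, raw_id):
    """Validates the id, then scopes the lookup to the logged-in user."""
    row = db.execute(
        "SELECT item FROM orders WHERE id = ? AND owner = ?",
        (parse_id(raw_id), session_user),
    ).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    # alice is logged in and submits ids that belong to bob
    for other_id in ("957", GUID_B):
        print(other_id, fetch_unchecked(db, other_id), fetch_checked(db, "alice", other_id))
```
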

