I didn't know that it was possible... isn't the ID created by web2py ? On Sun, Apr 15, 2012 at 12:28 AM, howesc <how...@umich.edu> wrote:
> nothing stops you from making the UUID the ID field in the database. most > databases support such behavior. > > GAE even provides a way to name a record though i don't think we have > built that in to web2py yet.....but GAE's default ID generation is across > the entire database so i have never been able to guess the next ID of a > table. > > > On Saturday, April 14, 2012 2:40:25 PM UTC-7, Anthony wrote: >> >> Well, it's probably best to use access control on the server rather than >> relying on someone not guessing an ID, but if you really need to enable >> access solely via the URL, then you probably want a long ID (like a UUID). >> >> Anthony >> >> On Saturday, April 14, 2012 5:16:53 PM UTC-4, pbreit wrote: >>> >>> How do people usually do this? Obviously it's easiest just to use IDs >>> and prety easy to avoid any problems with guessing IDs. >>> >>> But if you do want to obfuscate IDs I suppose you could either add the >>> column (not ideal since better to work with IDs) or do the encryption each >>> time you create and retrieve an ID (for example, via virtual fields). >>> >>> Here's an article with several implementations: >>> http://kevin.vanzonneveld.net/**techblog/article/create_short_** >>> ids_with_php_like_youtube_or_**tinyurl/<http://kevin.vanzonneveld.net/techblog/article/create_short_ids_with_php_like_youtube_or_tinyurl/> >>> >>> >>> -- Sebastian E. Ovide
