Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
I am using BIGINT in mysql server for id. There are some operation which needs for client side storage of id. So, I can't trust the id coming back from the user brower. I want to validate that data. so the question is
1) what is the exact range of BIGINT(255). The range of the BIGINT(255) is not easy to validate. please let me know how to validate it with regex.
2) should I do this check on id coming back from client, am I just over concerning the issue or should I validate the id to avoid sql injection?
From MySQL doc:
For signed BIGINT: -9223372036854775808 to 9223372036854775807
For unsigned BIGINT: 0 to 18446744073709551615
I think you just need to verify if the ID is a number, and within the range defined by BIGINT
Related
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
I have a system, survey form that I have developed.
my problem is how do I Insert or assign the serial key value to the survey table in the database?
I have to two tables one to store the survey answers and the other table that stores the serial keys. After the user fills in the survey/questionnaire, how can I then assign a serial key to each completed survey(in the database), and then display to the user the assigned serial key.
Also How can I make sure that Once a specific serial key is assigned, it won't be assigned again.
I am using php and Jquery mobile and mysql to develope the system
I really need help.
You want a UUID. There are functions to create these in several languages:
http://php.net/manual/en/function.uniqid.php
http://docs.oracle.com/javase/7/docs/api/java/util/UUID.html
etc...
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I'm building a php web app that requires to create an invoice, where its ID must be incremented (e.g: 15235, 15236, 15237,...etc). It all works fine with 1 user creating the invoice. The the issue arise when there are more than 1 users hitting the create button at the same time. Supposedly the next incremented ID is 15230, and having 3 users hitting the create button the same time, the app will return 15232 to all 3 users.
FYI, I store the last used ID in a database and increment it when users create an invoice.
Does anyone has any solution? Your suggestion is much appreciated.
Simply use built-in mechanics and define ID field as AUTO_INCREMENT.
You can read more about that here.
After that just skip ID in your INSERT queries and database will take care about that for you.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I need to create an extra column (using PHP and mysql) in my table that contains a random key. Maybe I could hash data from the row table to have unique values. Please I need suggestions.
using a timestamp as a source for a hash should be enough to get a unique hash. Better to use microtime() instead of time() because there could be 2 requests in the same second.
$hash = sha1(microtime());
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
It may sounds trivial. but I want to know the Secure way of generating user-IDs to be used in MySql table. This is because I feel that using pure Integer IDs can enable hacking?.
Everything can be hacked, the only difference is that if the ID is used as a parameter in the URL or any other input. Then a GUID could be better to use.
Example : url/?id=1.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
Consider this URL http://twitter.com/#!/sravfeyn/status/114003158891634689 , why is the query integer so long, if it's a primary key in MySQL data table, and can be started from zero and be auto-incremented? Why should one implement his/her website's queries cryptic like this?Any security reasons?
It's not for security reasons, it's because there are so many tweets that using an auto increment ID field has reached it's maximum unsigned integer length and may crash some apps built for twitter.
The status ID's are now made up of timestamp and other details.
http://techcrunch.com/2009/06/12/all-hell-may-break-loose-on-twitter-in-2-hours/
http://engineering.twitter.com/2010/06/announcing-snowflake.html
There is no lengthening of the number; it is the actual post number. Twitter has millions of post a days so this isn't much of a surprise,.
As you can see, there are also double-digit posts on twitter. I think this is the first one.