Hello Merlin, Wednesday, November 3, 2004, 2:50:48 PM, you wrote: M> The system will send out emails to customers with a link where they can change M> their details. To identify the record, the link has to carry the client id. But M> if it is obvious that this is the id, manipulation of the id can lead to change M> any record they like. I don't want to get as far as passwords, in order to keep M> it simple for the customer. You could always not rely on the auto inc'd ID for this. Have an ID column, sure, but you could also have a "LinkID" column (or similar) which can hold a short random hash of characters. For example the first 8 characters of an MD5. You send this to the user in their emails, etc. Then a simple look-up in the DB to see what real ID matches the Link ID would suffice and you can continue as normal. Someone could still possibly guess a Link ID, but the longer it is, the harder it'll be to guess successfully. This is a technique I use currently and haven't encountered any problems with it. I have a "UserID" which is the auto-inc MySQL value for the user, and a "SiteUserID" which is a 32-char MD5 and that is what I use everywhere on the site - in emails, links, view/profile pages, etc. Best regards, Richard Davey -- http://www.launchcode.co.uk - PHP Development Services "I am not young enough to know everything." - Oscar Wilde -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
