siavash1979@xxxxxxxxx wrote:
is that really secure? I just thought if for any reason, someone can get into my database, they can't just add usernames and file ids to my table and have access. I thought if I md5 it, then it'll be more secured. would 1 table for username-fileid really be fine?
If they get that level of access to you database then most bets are off. However, you are correct to a certain extent. If you one-way encrypt (if MD5 can be called encryption) all your data then yes it will be more secure, but to me that security comes at too high a cost from a functionality point of view. You can't, for example, get a list of the files a particular user has purchased. But, as always, it's up to you and what you need for the particular project. If you feel you need that extra security then go for it, but be aware of the side-effects. -Stut -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php