On Wed, Feb 27, 2008 at 9:52 AM, Tobias Franzén <lists.zxinn@xxxxxxxxxx> wrote:
> Consider this, if you have not already:
> What if two users happen to have the same password?
>
> It is wrong to assume that no two users will never have the same
> password. Doing an update like that, just based on the password column,
> is an accident waiting to happen.
>
> You should have a uniquely distinguished name or designation for each
> user, and validate the user and password combination. Also, such a
> designation should be unique, and keeping entries in a column unique can
> be enforced with MySQL.
It's also safe to presume, however, that - since the OP said,
"Basically, what I'm trying to do is give a load of users an
individual password...." - by "individual password" he means that the
password *will* be the unique key.
Just a thought. ;-P
For all other intents and purposes, however, you're 100% correct.
Using a unique auto_increment key would be your best bet.
--
</Dan>
Daniel P. Brown
Senior Unix Geek
<? while(1) { $me = $mind--; sleep(86400); } ?>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
