[geeklog-cvs] Geeklog-2/sql create.sql,1.6,1.7
tony at iowaoutdoors.org
tony at iowaoutdoors.org
Sun Feb 20 22:28:57 EST 2005
Update of /var/cvs/Geeklog-2/sql
In directory www:/tmp/cvs-serv13786
Modified Files:
create.sql
Log Message:
Added rewrite_id and make it a UNIQUE field. This field is our attempt to maintain a bit of security by obscurity as we will not be using the item_id in URL get strings. Instead we will use the rewrite_id which can be either user specified or, in the default case, we will assign a somewhat random number to it. The main reason we are doing this is item_id's are auto_incremented so it if we used them in the URL it'd be easier for hackers to try and access things they may not need to.
Index: create.sql
===================================================================
RCS file: /var/cvs/Geeklog-2/sql/create.sql,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** create.sql 22 Dec 2004 00:02:32 -0000 1.6
--- create.sql 21 Feb 2005 03:28:54 -0000 1.7
***************
*** 130,133 ****
--- 130,134 ----
CREATE TABLE gl2_item (
item_id int unsigned NOT NULL auto_increment,
+ rewrite_id varchar(30) NOT NULL,
type_id int unsigned NOT NULL,
user_id int unsigned NOT NULL,
***************
*** 145,148 ****
--- 146,150 ----
INDEX (right_index),
PRIMARY KEY(item_id),
+ UNIQUE(rewrite_id),
INDEX (type_id),
FOREIGN KEY(type_id) REFERENCES gl2_list_of_values ( lov_id),
More information about the geeklog-cvs
mailing list