PHP Classes

PHP Secure ID: Generate record IDs that map to real DB record IDs

Recommend this page to a friend!
  Info   View files Example   View files View files (2)   DownloadInstall with Composer Download .zip   Reputation   Support forum (1)   Blog    
Ratings Unique User Downloads Download Rankings
Not enough user ratingsTotal: 245 All time: 7,969 This week: 107Up
Version License PHP version Categories
secure-id 1.2Public Domain5.4PHP 5, Databases, Validation
Description 

Author

This class can generate record IDs that map to real DB record IDs.

It can generate random ID values with number values that start with high values.

The class can check if the ID was already generated before and regenerate it if it is the case.

The class can associate the generated ID to a real ID used to identify real records.

Innovation Award
PHP Programming Innovation award nominee
May 2015
Number 3


Prize: One book of choice by Packt
Many sites use the sequential identifiers used in database records to pass references to information about those records in URLs of the site Web pages.

This fact may help people that scrape information from Web site pages because they can guess what is the next page URL by incrementing the identifier value used in a given page.

This class can generate IDs for records that map to real database records. This way a scraper cannot guess the real ID of a package, and so cannot guess the identifier of the next pages.

Manuel Lemos
Picture of Matthew Knowlton
  Performance   Level  
Name: Matthew Knowlton is available for providing paid consulting. Contact Matthew Knowlton .
Classes: 6 packages by
Country: United States United States
Age: 28
All time rank: 2038291 in United States United States
Week rank: 349 Up41 in United States United States Up
Innovation award
Innovation award
Nominee: 4x

Winner: 1x

Example

<?php
require_once('siteIncludes.php');
require_once(
'secure_ids.class.php');

$sIDs = new secure_ids();

//get list of personal friends who allow me to view info for them
$friends = getFriendList();

//For each of my friends print a link to the view info page for them
foreach($friends as $friend){

   
//Suppose the following was my link and I was using the users record number from the database
    //I could easily increment the url value and get info for someone who had not approved me accessing their data
    //echo '<a href="getInfo.php?ID='.$friend['RecNo'].'">'.$friend['Name'].'</a><br/>';

    //This senario is safe The id is not only unguessable but no id that hasn't been run through the secure_ids class will be accessable
    //In getInfo.php just run $sIDs->displayID($_GET['ID']); to get the real ID back
   
$friendID = $sIDs->displayID($friend['RecNo']);
    echo
'<a href="getInfo.php?ID='.$friendID.'">'.$friend['Name'].'</a><br/>';
}


  Files folder image Files  
File Role Description
Plain text file secure_ids.class.php Class Class Source
Accessible without login Plain text file secure_ids.example.php Example Example Script

Downloadsecure-id-2015-06-23.zip 1KB
Downloadsecure-id-2015-06-23.tar.gz
Install with ComposerInstall with Composer
Needed packages  
Class DownloadWhy it is needed Dependency
Add Module PHP Trait Download .zip .tar.gz For allowing custom encryption method Required
 Version Control Unique User Downloads Download Rankings  
 0%
Total:245
This week:0
All time:7,969
This week:107Up