What is the uniquid in user_user good for

Technical discussion for developers and service providers

What is the uniquid in user_user good for

Postby tpk » 9:14pm, Wed 26 Jan, 2011

Hi,

just don't understand why the id in user_user is not already unique enough? :D
tpk
phpLister
 
Posts: 8
Joined: 8:09pm, Thu 25 Feb, 2010

Re: What is the uniquid in user_user good for

Postby duncanc » 9:17am, Thu 27 Jan, 2011

The unique id is incorporated into the URLs for preferences and unsubscribing to identify the user, as an alternative to using a user id / password.

If a simple sequence number was used to identify a user then that could easily be guessed by a hacker. If my id is 234 then I can guess that there is also a user for id 233 so could unsubscribe him.

The unique id is a message digest of the system timestamp that someone else could not recreate.

The sequence number id is used internally within the phplist code to identify the user.
duncanc
Moderator
 
Posts: 2440
Joined: 6:34am, Sat 08 May, 2010
Location: London

Re: What is the uniquid in user_user good for

Postby tpk » 10:37am, Fri 28 Jan, 2011

Ah, thanks for the effort, now I can sleep in peace :-)
tpk
phpLister
 
Posts: 8
Joined: 8:09pm, Thu 25 Feb, 2010


Return to Developers Space

Who is online

Users browsing this forum: No registered users and 1 guest

cron