473,324 Members | 2,179 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,324 software developers and data experts.

Secure a unique ID before inserting into DB

Hello,
I am writing an application to handle support requests, and the user
needs to have his request number printed out in front of him even before
he hits the "submit" button. I have no idea how to secure a unique
number without relying on a database.
How could this be done ?

thanks.

--
luc wastiaux - email: du*******@airpost.net

Jul 17 '05 #1
4 2686
> I am writing an application to handle support requests, and the user
needs to have his request number printed out in front of him even before
he hits the "submit" button. I have no idea how to secure a unique
number without relying on a database.
How could this be done ?


how about inserting a record before submit? In other words, you have php
file that displays form to enter request. Before you do anything in that
file insert a record, and put in some column of it something like
"finalized='F' ,and then display form now that you know the Id.

Then when you process submit, just update the existing record, and turn
"finalized='T'".

rush
--
http://www.templatetamer.com/

Jul 17 '05 #2
or you can store a number in a file and everytime you need to display the
page read it, increment it and save the file. Its something like doing page
view counters.

sanjay
"rush" <pi**@rush.avalon.hr> wrote in message
news:bn**********@ls219.htnet.hr...
| > I am writing an application to handle support requests, and the user
| > needs to have his request number printed out in front of him even before
| > he hits the "submit" button. I have no idea how to secure a unique
| > number without relying on a database.
| > How could this be done ?
|
| how about inserting a record before submit? In other words, you have php
| file that displays form to enter request. Before you do anything in that
| file insert a record, and put in some column of it something like
| "finalized='F' ,and then display form now that you know the Id.
|
| Then when you process submit, just update the existing record, and turn
| "finalized='T'".
|
| rush
| --
| http://www.templatetamer.com/
|
|
|
Jul 17 '05 #3
Rob
You could base the number on the Unix time stamp. That would always be
unique (since it's just one long string of seconds since 1970). Then append
that number with some other identifier (IP address, User ID, etc) Then,
when they hit "submit", just save it.

Using that method would also automatically give you the date/time that the
request ticket was created; all you'd have to do is parse and decode the
first part of the request ticket.

Here's a base reference. Look at all the date/time references in the PHP
manual as well.

http://www.phpfreaks.com/quickcode/H...Numbers/17.php


Rob
"luc wastiaux" <du*******@airpost.net> wrote in message
news:bn********@enews4.newsguy.com...
Hello,
I am writing an application to handle support requests, and the user
needs to have his request number printed out in front of him even before
he hits the "submit" button. I have no idea how to secure a unique
number without relying on a database.
How could this be done ?

thanks.

--
luc wastiaux - email: du*******@airpost.net

Jul 17 '05 #4
Rob wrote on Wednesday 22 October 2003 10:07:
You could base the number on the Unix time stamp. That would always be
unique (since it's just one long string of seconds since 1970). Then
append
that number with some other identifier (IP address, User ID, etc) Then,
when they hit "submit", just save it.

Using that method would also automatically give you the date/time that the
request ticket was created; all you'd have to do is parse and decode the
first part of the request ticket.


That wouldn't work for simultaneous users who are using a proxy server.
i.e., if at any point that app was used by 2 or more users simultaneously
under the same proxy, it would have to use a different logic for generating
unique IDs.

One that I've seen and used a lot is similar to (or expanding of) what
Sanjay suggested with the difference that there's many numbers and they are
all stored in a database table.

So, you have a table:
uniqueid
----------
id

and a few number records (depending on user load) like:

150, 151, 152, 153, 154, 155

When you want a new ID, you grab the lowest ID (150), delete it, and insert
a new one at the end (156). Sometimes, and depending on database platform,
it is recommended to use transactions, as well as row-level, page, or table
locking to handle [rare, depending on the user load] truly simultaneous
requests.

This is a brief comment. There are some views and papers published on this
by experts. I'm sure if the OP searches, he will find some nice ways to
accomplish this.

--
Business Web Solutions
ActiveLink, LLC
www.active-link.com/intranet/
Jul 17 '05 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
by: Tony Clarke | last post by:
Hi, I'm trying to write a system thats used for about 50 clients that uses html forms and php to log details. The problem is that when a client loads the form page it's given a value which is...
6
by: Poul Møller Hansen | last post by:
I have made a stored procedure, containing this part for generating a unique reference number. SET i = 0; REPEAT SET i = i + 1; SELECT RAND() INTO reference FROM SYSIBM.SYSDUMMY1; SET...
24
by: pristo | last post by:
hello All, how can i insert unique ID into binary file (that created by compiler)? (so after compiling i can to identify the src that i use) thx
10
by: Jerry LeVan | last post by:
Hi, I am futzing around with Andrew Stuarts "Catchmail" program that stores emails into a postgresql database. I want to avoid inserting the same email more than once... (pieces of the email...
7
by: Robert Seacord | last post by:
The CERT/CC has just deployed a new web site dedicated to developing secure coding standards for the C programming language, C++, and eventually other programming language. We have already...
3
by: Will | last post by:
Is there a good article - or maybe a good chapter in a book - that someone can recommend on the topic of how to make cookie handling secure? I'm interested in common techniques for: -...
10
by: Phil Latio | last post by:
I am inserting data into user table which contains 5 fields, sounds simple enough normally but 2 of the fields are designated as UNIQUE. If someone does enter a value which already exists, how do I...
1
by: rdsandy | last post by:
Hi, I have a table Risk, a table Mitigation and a table RiskArchive. I am taking the RiskID, Criticality and MitigationPlan fields from Risk, and MitigationActionID from Mitigation and inserting...
8
by: Harris Kosmidhs | last post by:
Hello, while I'm developing sites for some time I never coded a login form with security in mind. I was wondering what guidelines there are. For my point of view I'm thinking of using md5...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.