Community Auth Learning... |
@Brian
Should I create register_form.php too? (08-21-2015, 04:38 AM)solidcodes Wrote: Okay I just modified the codes, It could be that the max value available to mt_rand is 2147483647 and not 4294967295 You might try changing the number there and see if it works. I'll have to investigate, but try that and let me know. (08-21-2015, 05:04 AM)solidcodes Wrote: @Brian CodeIgniter and Community Auth will not limit you in your ability to create a registration form, but that functionality has not been included in Community Auth because Community Auth is not trying to be your application. You be the dev! (08-21-2015, 02:05 PM)skunkbad Wrote:(08-21-2015, 04:38 AM)solidcodes Wrote: Okay I just modified the codes, It is, no matter if you're on a 32 or 64-bit system. But either way - there's mt_getrandmax().
@Narf
Copy that. Is this a good UUID? https://gist.github.com/dahnielson/508447 @Brian Why randomize it? Why not just let MySQL auto-increment it?
OK, I just updated the repo. I'm now using this:
PHP Code: $random_unique_int = 2147483648 + mt_rand( -2147482447, 2147483647 ); This gives a semi random integer between 1200 and 4294967295, which was my original intention. Please keep in mind that the examples controller is really just for simple examples. It's not meant to build off of. You may not want to randomize your user IDs, and perhaps instead auto increment them. You may also want to create blocks of user IDs for different user types. Whatever you decide to do, just keep in mind that because the user ID field in the database is int(10), you are limited to 4294967295 if UNSIGNED, and it is unsigned by default. You may decide that randomizing the user IDs is beneficial for some reason. Although, as Narf points out, mt_rand is not so random, it's been random enough for me. I like the idea of having user IDs that are not auto incremented, because who is always admin? Yeah, #1, right? Another thing to consider is that if you have a user that has a ID that is 10101. They will probably assume that there is a user ID 10102. If you are randomizing IDs, the chances of a user guessing another user's ID is difficult. In the range of 1200 to 4294967295 is A LOT of numbers! Over 4 Billion. I'm a firm believer that security through obscurity is not security at all, but it doesn't hurt to make things harder. Anyways, thanks for using Community Auth and providing feedback. These kinds of things will lead to a better Community Auth.
|
Welcome Guest, Not a member yet? Register Sign In |