Melvin Davidson wrote:
> Aside from Tom Lane's comments, it seems to me you are reinventing the wheel
> by generating random values for keys. Why not just use UUID
> http://www.postgresql.org/docs/9.5/static/datatype-uuid.html
> or serial
> http://www.postgresql.org/docs/9.5/static/datatype-numeric.html#DATATYPE-SERIAL?
> Wouldn't that simplify things by insuring uniqueness?
UUIDs are 36 characters wide; it's too boring and error-prone
for a person to type this on a keyboard or spell it over the phone
to an operator.
For SERIAL, it's too obvious to guess what is the next one,
so malicious people could claim access codes or vouchers
they don't own.
The constraint is that such codes must be reasonably short, but
someone who tries to make up one must have a near-zero chance
of guessing one that actually exists.
Best regards,
--
Daniel Vérité
PostgreSQL-powered mailer: http://www.manitou-mail.org
Twitter: @ManitouMail
