Good day everyone! There is a need to uniquely identify the user, moreover, without using the registration. Those. An anonymous user has come - and you need to write to him in the session some kind of identifier. There is an idea to write a random line, but suddenly these lines will coincide with different users (there is a chance, but a miserable one)?
Hence the question, what unique data can be obtained from the user, so that later they can be encrypted and recorded in the session? All sensible considerations are welcome, thanks :)
metazet metazet
2,598 2 gold marks 13 silver marks 26 bronze marks
|
7 answers
- Build a hash from IP + timestamp + random number.
- Use UUID
Ilya Pirogov Ilya Pirogov
10.4k 1 golden mark 14 silver marks 25 bronze marks
- one3. Shove hash information from HTTP headers. The same User-agent. As a pleasant side effect, the user will not be able to clone cookies to other browsers on his own machine. - gecube
- It seems we got to the bottom of the truth :) - metazet
|
If you take a hash from something, then a collision is possible in any case. And what is not an option to issue just consecutive numbers?
panda panda
184 4 bronze marks
- In order to issue consecutive numbers, you must at least keep the number of users in the database - and this is an extra amount of haemorrhoids. - metazet
- the main thing is not to explicitly transmit them to the user, otherwise there will be a temptation to modify them and try to reach other sessions. On the other hand, it is worth counting how many users there will be, maybe it is worth using 64 bits or two 64-bit numbers. - KoVadim
|
http://javascript.ru/unsorted/id - ideas were. True, not in relation to the python.
ling ling
14k 1 golden mark 18 silver marks 45 bronze marks
- Thank you, read! - metazet
|
You can on arrival of the user, remember Unix time, in seconds. And encode it either in base64 or in md5 =)
systemiv systemiv
286 1 golden mark 4 silver marks 17 bronze marks
- oneAnd if 2 users come at the same time? The project is assumed to be highly loaded. Maybe some kind of IP data, etc. available? As an option - “glue” the time of arrival with something random and take a hash from it. What do you think about this? - metazet 2011
- Why not. This is called "salt" =) You can simply generate a number from 1 to 10 and add two hashes. Uniqueness is nearing 100% - systemiv
- I thought about it, but I still want to achieve complete uniqueness at the expense of some additional technical parameters of the user, or something. Let's wait for more ideas. - metazet 2011
|
In the database, create a field that will contain a number. The visitor came to the site, UPDATE to +1 and return the number. We glue the resulting number of IP and time (), encrypt it in md5. Better yet, encrypt in base64 and then md5.
Palmervan palmervan
8.536 3 gold marks 19 silver marks 39 bronze marks
- I already wrote here in the comments that storing this number in the database is an extra hemorrhoid. Additional requests are not good - therefore it is better to do without them. - metazet
|
For God's sake, invent yourself. There are millions of options for a unique identifier. Know one thing, md5 does not repeat. Take the unix time parish, as mentioned above, hash it, but when you cram into the database, check if there is such an ID, if there is, just make the md5 (uid + time) uid of the one that already exists and voila.
Nicolas Chabanovsky ♦
38.1k 54 gold marks 222 silver marks 438 bronze marks
nikotm nikotm
51 4 bronze marks
|
What about those who go from work, they will often have the same IP in the same orgonization. The only thing that is unique in almost all PCs is mac and if you add one of the above options to it, then everything will be ok.
papai papai
one
|