Code

Opened 4 years ago

Closed 4 years ago

#15031 closed (invalid)

I need an alternate ID field with built in validation.

Reported by: rcfeldmann Owned by: nobody
Component: Uncategorized Version: 1.2
Severity: Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

I need users to enter an ID to access other users accounts. I do not want to rely only on the default sequential ID as it would be too easy for an incorrect entry to bring up a different user. Also malicious users can just sit and keep adding/subtacting one to every number to determine my entire user directory.

I would like to add two digits to the end of the ID to make an extended ID. The first part will be the core (django's default sequential number), concatenated with a digit that is calculated from the core's digits, concatenated again with a digit that is calculated from the previous two digits.

Example would be user 00000435 would become user 0000043527. (4+3+5=12 so just use the last digit of 2, 5+2=7 again using last digit if it were > 9)

I was thinking I just need to have an extra field in my database. So I would have ID and ID-Ext and make it appear to users as just one big ID. But here is the trouble.

1) How do I get this to be calculated automatically when a new user is added?
2) How do I get the URLs looking nice? Without the extension, it would be "site/users/00000435/", but I want them to enter "site/users/0000043527/".

Another benefit of this is that my site looks a little more professional without the problem of convincing people to add them to my site seeing their user ID as 00000005 letting them know I only have 4 other users at that point. Instead they see 0000000550.

Attachments (0)

Change History (1)

comment:1 Changed 4 years ago by russellm

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to invalid
  • Status changed from new to closed

Trac is for logging known bugs in Django. If you have a "how do I" question, please ask on django-users.

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.