Well the question is self-explanatory. One more thing would be, if it is a security risk then please provide an example of what the user could do. In this case the primary key would be something like : “Product ID”
Thanks!
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Well the question is self-explanatory. One more thing would be, if it is a security risk then please provide an example of what the user could do. In this case the primary key would be something like : “Product ID”
Thanks!
No more than showing any other piece of data. If you’re vulnerable to SQL injection attacks then showing the primary key is probably the least of your concerns.
Think about it this way, if someone can execute arbitrary sql against your db, which is going to cause more harm:
delete from users where id = 100ordelete from users where surname = 'smith'?