mysql - Encode and decode url message ID using php

Question

I am trying to encode the message id of a php application and I cannot find a clear description on how to do so.

Basically I have a url for example - http://www.mymessager.com?messageID=1234

I want to have the system encode the message id for the url but do not change it in the database, for example - http://www.mymessager.com?messageID=38927648726894762345768

How can I do such a thing so that if someone goes to the encoded url the php will display http://www.mymessager.com?messageID=38927648726894762345768 in the address bar, but the script will pull message 1234 out of the database?

I know there have been similar questions out there, but I have not found one that talks about what I want to do (mostly is to clean the url).

Answer 1

Is this to avoid other users to open up other users private messages with messageID=4321 and so on? Because then this way is no way to go!

You should check that the user that is opening a message is actually allowed to do so.

If the messages is non private, and you just don't wan't people to incrementially view messages by modifying the number. Then you could add a 'messageKey' field to the database and setting random strings of a specified length. Example http://www.mymessager.com?messageKey=jadg23sf34lhs

Now just search in the DB for messages with that messageKey. Just remember to make sure that the messageKey is unique.

In this way you could also set the messageKey to something easy to remember, or SEO perhaps friendly. As long as it's unique.