dereuromark / cakephp-hashid
A CakePHP plugin to allow using hashids instead of numeric primary keys.
Installs: 9 781
Dependents: 0
Suggesters: 0
Security: 0
Stars: 36
Watchers: 6
Forks: 13
Open Issues: 0
Type:cakephp-plugin
Requires
- php: >=5.6
- cakephp/cakephp: ^3.6
- hashids/hashids: ^1.0|^2.0|^3.0|^4.0
Requires (Dev)
- fig-r/psr2r-sniffer: dev-master
README
Exposes hashids as drop-in replacement for your numeric primary keys.
DEPRECATED This plugin is deprecated in favor of the more robust and future proof solution through exposing a dedicated field. See Expose plugin.
A CakePHP plugin to
- cloak the actual numeric primary key behind the record (assuming you use a non public salt) for URLs, APIs and alike
- build short unique IDs (Even PHP_INT_MAX
2.147.483.647
becomeslXQAALg
for example, solength <= 7
for the hashid)
This branch is for use with CakePHP 3.6+. See version map for details.
Why hashids?
- They are super short, especially for the URL
- They are lightweight and fast. They work on the fly and require no table fields, no code changes. No overhead involved except for enabling the behavior.
- You do not lose sorting capability as with UUIDs.
- You can use hashids if you do not want to expose your database ids to the user - while not compromising speed - as a balance trait-off.
Why not UUIDS?
- UUIDs can be up to 200x slower with growing DB tables, complex or heavy joins and especially with CakePHP default char(36). But even with the recommended binary(16) it would not be ideal.
- UUIDS often times completely replace the primary key, making it impossible to sort anymore on those records. This is especially problematic with data that gets inserted at the same time (same datetime for created).
- UUIDS are often used to just cloak the numeric primary keys visibility of how much gets inserted over time. But that is not what they should be used for. If you want to synch data across DBs, then they are useful. But they should not be abused for other things.
UPDATE This is actually not true if you combine both AIID and UUIDs and use UUIDs only for external lookup but keep AIID for all internal joins and operations. As such the Expose plugin fully replaces this now.
Demo
See https://sandbox3.dereuromark.de/sandbox/hashids
Setup
composer require dereuromark/cakephp-hashid
and
bin/cake plugin load Hashid
Usage
See Documentation.
Alternatives
See this nice article on a different approach that would use both -allowing "int" for internal and "uuid" for external reference.