Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

Re: Safe for SQL

by Anonymous Monk
on Dec 10, 2002 at 18:48 UTC ( [id://218860]=note: print w/replies, xml ) Need Help??


in reply to Safe for SQL

I found it easier to use MS SQL's generated GUID using the following:

use DBI;
use DBD::ODBC;

my $dsn = "driver={SQL Server};Server=$dbserver;database=$database;uid
+=$username;pwd=$password;";

my $cnn = DBConnect($dsn);
my $SQL = "SELECT NEWID()";
my $rs_guid = $cnn->prepare("$SQL");
$rs_guid->execute;

[download]

Get the actual GUID from the obtained $rs_guid and the guid will be inserted back to SQL without any problem


Regards,
Nathan

Replies are listed 'Best First'.
Re: Re: Safe for SQL
by jk2addict (Chaplain) on Dec 11, 2002 at 21:00 UTC

    This brings up something I've been pondering for a while with regards to the predictability of using UUIDs.

    Back in early versions of MSSQL7, the newid() function would return predictable results when called consecutively. It appears that Data::UUID also does the same.

    Here's a quick run using create/to_string: 

    #!/usr/bin/perl -w -T

use Data::UUID;
use strict;

my $uuidgen = Data::UUID->new;

for (1..5) {
    my $uuid = $uuidgen->create();

    print $uuidgen->to_string($uuid) . "\n";
};

    [download]
    yields 
    1D888068-1DD2-11B2-AD1E-F3DCB6356242
1D8899D6-1DD2-11B2-AD1E-F3DCB6356242
1D88A142-1DD2-11B2-AD1E-F3DCB6356242
1D88A5F2-1DD2-11B2-AD1E-F3DCB6356242
1D88A994-1DD2-11B2-AD1E-F3DCB6356242

    [download]

    I usually use UUID to guarantee uniqueness, and sometimes in things like ecommerce, you don't want these things to be predictable in a basic effort to prevent end user guessing games. Yes, I know securiyy is much larger than that, but preventing predictable sequential keys for some things help. :-P

    If I know the first line above, it's pretty easy to start generating the next 4 through trial and error.

    Somewhere along the line, MSSQL7 SP3+ and MSSQL 2K made the output non predictable when running a series 

    select newid(), newid(), newid(), newid(), newid()

    [download]
    yields 
    F52C627C-E150-44AB-8CE9-4A4CBFF2C8EE
5E3190A5-670F-491A-A9E4-18E15B0129FD
227533E0-65A2-4668-B7F0-97F7BCC8625F
7C85C050-4956-4E1E-BFFB-2FE6E6378267
AAF3F967-30C3-418B-BD6F-2CC8B8440DD9

    [download]

    So, what changed I wonder, and how can I make Data::UUID behave more like MSSQL2K when generating consecutive uuids?

    I tried feeding the previous uuid into the namespace/name of the new uuid during creation and it appears to work. 

    #!/usr/bin/perl -w -T

use Data::UUID (NameSpace_X500);
use strict;

my $uuidgen = Data::UUID->new;

# Get first random seed uuid
my $uuid = $uuidgen->create();
my $prevuuid = $uuidgen->to_string($uuid);

for (1..5) {
    my $uuid = $uuidgen->create_from_name(NameSpace_X500, $prevuuid);

    $prevuuid = $uuidgen->to_string($uuid);

    print $prevuuid . "\n";
};

    [download]
    yields 
    997737A7-8390-360A-A356-92B94CC4F6BC
3CA5C37D-B2B7-343F-B1F5-A0F3DAED46F2
21CBBF52-8C16-3AFE-9F40-DCD60825842D
741F2107-D4C1-322C-AEFE-638F63502407
1D47E49F-7568-30D2-9E27-5AF90D407F58

    [download]
    Certainly less predictable.

    So, the question becomes: have I sacrificed any randomness or uniqueness by doing this?

    -=Chris

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://218860]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others rifling through the Monastery: (8)
As of 2024-04-18 17:48 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found