I have a users
table with an auto-increment id
and also a unique alphanumeric pid
. Only pid
is publicly exposed, since I dont want hackers gaming the system by running a for
loop over id
and extracting all users data.
Question is, do I even need to store auto-increment id
in the first place? I need to choose a foreign key for other user related tables like user_details
, user_orders
etc. Should I use pid
or numeric id
as fk?
Some concerns:
- Joins - Will joins using
id
be more efficient thanpid
? - Indexes - Will indexing
id
be faster than indexingpid
? - Transactions - Are transactions, involving multiple atomic inserts, feasible when
pid
is used asforeign_key
?