Should primary keys of MySQL tables be exposed?

Question

I have a number of MySQL tables describing models such as \"User\", \"Business\" etc. Should the primary keys of these tables ever be exposed to the client-side? I am asking

Answer 1

One could use hashing if looking for another layer of security, if your users don't mind the obfuscated URL. Something like the below in PHP.

$id = 1234;
$url = 'http://domain.com?id='. $id .'&v='. sha1('SALT1'. $id. 'SALT2');

Data on the server end can be double checked as below.

if ( $_GET['v'] == sha1('SALT1'. $_GET['id']. 'SALT2') ){
//run further checks here
}