PHP:生成唯一和随机的数字/ID [英] PHP: generate unique and random numbers/ IDs

问题描述

我想生成唯一的随机数字或 ID，我可以将它们用于电子邮件验证、帐户重置、会员邀请等目的

I want to generate unique and random numbers or IDs which I can use them for email verification, account reset, member invitation purposes, etc

例如

http://mywebsite.com/member/9a5af103cd540aa 
http://mywebsite.com/invite/regitration/eef0dd2e0199640 
http://mywebsite.com/reset/account/eef0dd2e0199640 

这里是我打算使用的代码，您认为它安全且防弹"吗?

Here I the code I plan to use, do you think it is safe and 'bullet proof'?

$rand = substr(hash('sha512',uniqid(rand(), true)), 0, 15);
echo $rand;

或者有更好的选择吗?

谢谢.

从这里得到建议后，我研究了几个选项:

I have looked into a couple of options after getting the suggestions from here:

com_create_guid

function create_guid()
{
    if (function_exists('com_create_guid') === true)
    {
        return trim(com_create_guid(), '{}');
    }

    # fallback to mt_rand if php < 5 or no com_create_guid available
    return sprintf('%04X%04X-%04X-%04X-%04X-%04X%04X%04X', mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(16384, 20479), mt_rand(32768, 49151), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535));

    //return substr(hash('sha512',uniqid(rand(), true)), 0, 15);
}

openssl_random_pseudo_bytes

function generate_password($length = 24) {

    if(function_exists('openssl_random_pseudo_bytes')) {
        $password = base64_encode(openssl_random_pseudo_bytes($length, $strong));
        if($strong == TRUE)
            return substr($password, 0, $length); //base64 is about 33% longer, so we need to truncate the result
    }

    # fallback to mt_rand if php < 5.3 or no openssl available
    $characters = '0123456789';
    $characters .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz/+'; 
    $charactersLength = strlen($characters)-1;
    $password = '';

    # select some random characters
    for ($i = 0; $i < $length; $i++) {
        $password .= $characters[mt_rand(0, $charactersLength)];
    }        

    return $password;
}

我从 php.net 上找到了这两个函数.

I found these two functions from php.net.

但我主要关心的是 - 这两个函数生成的数字/ID 是唯一的吗?

But my main concern is - are the numbers/ IDs generated by these two functions unique?

mt_rand - 据我所知，这会产生随机性，但不会产生唯一性 - 对吗?

mt_rand - this generate randomness but not uniqueness as far as I understand - am I right?

推荐答案

您可以使用 openssl_random_pseudo_bytes() 函数生成任意数量的随机字节.

You can use openssl_random_pseudo_bytes () function to generate as many random bytes as you like.

这篇关于PHP:生成唯一和随机的数字/ID的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！