Comments on: Generating a random PHP identifier http://www.webtatic.com/blog/2009/05/generating-a-random-php-identifier/ Just another technical blog Fri, 20 Aug 2010 08:53:52 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: Andy http://www.webtatic.com/blog/2009/05/generating-a-random-php-identifier/comment-page-1/#comment-59 Andy Sun, 31 May 2009 17:06:00 +0000 http://www.webtatic.com/?p=187#comment-59 Ah didn't notice that it was the default. The php.net documentation usually says what version the functions and constants are available from. Not sure why it doesn't mentioned it. Ah didn’t notice that it was the default.

The php.net documentation usually says what version the functions and constants are available from. Not sure why it doesn’t mentioned it.

]]> By: Paul Maunders http://www.webtatic.com/blog/2009/05/generating-a-random-php-identifier/comment-page-1/#comment-58 Paul Maunders Sun, 31 May 2009 16:57:22 +0000 http://www.webtatic.com/?p=187#comment-58 FILE_BINARY is only available in php 5.2.7 and above, so you get a PHP Notice: Message: Use of undefined constant FILE_BINARY - assumed 'FILE_BINARY' It looks like you can simple replace that flag with null, as it's the default behaviour anyway, e.g. $uniqueId = str_replace( array('+','/','='), array('-','_',''), base64_encode(file_get_contents('/dev/urandom', null, null, -1, 16))); FILE_BINARY is only available in php 5.2.7 and above, so you get a PHP Notice:

Message: Use of undefined constant FILE_BINARY – assumed ‘FILE_BINARY’

It looks like you can simple replace that flag with null, as it’s the default behaviour anyway, e.g.

$uniqueId = str_replace(
array(‘+’,'/’,'=’),
array(‘-’,'_’,”),
base64_encode(file_get_contents(‘/dev/urandom’, null, null, -1, 16)));

]]> By: Andy http://www.webtatic.com/blog/2009/05/generating-a-random-php-identifier/comment-page-1/#comment-52 Andy Sun, 03 May 2009 14:07:50 +0000 http://www.webtatic.com/?p=187#comment-52 I originally wrote the article thinking PHP integer's were 16 bit, that would have made 88 bits, but obviously they are 32 bits, so is a lot stronger. Either way, md5ing seems a strange way to obfuscate into a 128 bit hash a random string with less randomness than 128 bits of random data. I originally wrote the article thinking PHP integer’s were 16 bit, that would have made 88 bits, but obviously they are 32 bits, so is a lot stronger.

Either way, md5ing seems a strange way to obfuscate into a 128 bit hash a random string with less randomness than 128 bits of random data.

]]> By: Andy http://www.webtatic.com/blog/2009/05/generating-a-random-php-identifier/comment-page-1/#comment-51 Andy Sun, 03 May 2009 13:57:49 +0000 http://www.webtatic.com/?p=187#comment-51 Actually, I guess it would be better not to open a child process to read the file, I was just being lazy. I've updated the post. So it would be: $random_url_string = str_replace( array(’+',’/',’='), array(’-',’_',”), base64_encode(file_get_contents('/dev/urandom', FILE_BINARY, null, -1, 16))); Actually, I guess it would be better not to open a child process to read the file, I was just being lazy. I’ve updated the post.

So it would be:
$random_url_string = str_replace(
array(’+’,’/’,’=’),
array(’-’,’_’,”),
base64_encode(file_get_contents(‘/dev/urandom’, FILE_BINARY, null, -1, 16)));

]]> By: Paul Maunders http://www.webtatic.com/blog/2009/05/generating-a-random-php-identifier/comment-page-1/#comment-50 Paul Maunders Sun, 03 May 2009 10:02:49 +0000 http://www.webtatic.com/?p=187#comment-50 So would you ultimately recommend: $random_url_string = str_replace( array('+','/','='), array('-','_',''), base64_encode(`dd if=/dev/urandom bs=16 count=1`); So would you ultimately recommend:

$random_url_string = str_replace(
array(‘+’,'/’,'=’),
array(‘-’,'_’,”),
base64_encode(`dd if=/dev/urandom bs=16 count=1`);

]]>