OK, I just updated the repo. I'm now using this:
PHP Code:
$random_unique_int = 2147483648 + mt_rand( -2147482447, 2147483647 );
This gives a semi random integer between 1200 and 4294967295, which was my original intention.
Please keep in mind that the examples controller is really just for simple examples. It's not meant to build off of. You may not want to randomize your user IDs, and perhaps instead auto increment them. You may also want to create blocks of user IDs for different user types. Whatever you decide to do, just keep in mind that because the user ID field in the database is int(10), you are limited to 4294967295 if UNSIGNED, and it is unsigned by default.
You may decide that randomizing the user IDs is beneficial for some reason. Although, as Narf points out, mt_rand is not so random, it's been random enough for me. I like the idea of having user IDs that are not auto incremented, because who is always admin? Yeah, #1, right? Another thing to consider is that if you have a user that has a ID that is 10101. They will probably assume that there is a user ID 10102. If you are randomizing IDs, the chances of a user guessing another user's ID is difficult. In the range of 1200 to 4294967295 is A LOT of numbers! Over 4 Billion.
I'm a firm believer that security through obscurity is not security at all, but it doesn't hurt to make things harder. Anyways, thanks for using Community Auth and providing feedback. These kinds of things will lead to a better Community Auth.
