• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Generate code without guess

#4
(09-29-2017, 10:43 AM)PaulD Wrote: Here is something I use.

PHP Code:
   public function generate_code() {
 
       // generate a randomish code
 
       $code bin2hex(pack('N'microtime(TRUE))).bin2hex(get_instance()->security->get_random_bytes(4));
 
       return $code;
 
   

It was suggested to me here on these forums somewhere by Narf ages ago but I use it all the time on almost every site I do. It is great for generating unique codes for urls, for all sorts of records, rather than using id. I have it in a functions model that has all my useful functions in. You could use more random bytes if you wanted a longer code.

Generates something like: 59aad953a91644ce

Hope it helps,

Paul

PS This is not for security, this is just to generate a code I can use instead of an ID, i.e.
Code:
Not: www.mysite.co.uk/view/record/4
But: www.mysite.co.uk/view/record/59aad953a91644ce
You still have to check it is unique when storing, and when using to retrieve a record that the user has permission to access it.

PHP Code:
/**
 * Generate a random string
 * 
 * @link https://paragonie.com/b/JvICXzh_jhLyt4y3
 *
 * @param int $length - How long should our random string be?
 * @param string $charset - A string of all possible characters to choose from
 * @return string
 */
function random_str($length 32$charset 'abcdefghijklmnopqrstuvwxyz')
{
    
// Type checks:
    
if (!is_numeric($length)) {
        throw new 
InvalidArgumentException(
            
'random_str - Argument 1 - expected an integer'
        
);
    }
    if (!
is_string($charset)) {
        throw new 
InvalidArgumentException(
            
'random_str - Argument 2 - expected a string'
        
);
    }

    if (
$length 1) {
        
// Just return an empty string. Any value < 1 is meaningless.
        
return '';
    }
    
    
// Remove duplicate characters from $charset
    
$split str_split($charset);
    
$charset implode(''array_unique($split));
    
    
// This is the maximum index for all of the characters in the string $charset
    
$charset_max strlen($charset) - 1;
    if (
$charset_max 1) {
        
// Avoid letting users do: random_str($int, 'a'); -> 'aaaaa...'
        
throw new LogicException(
            
'random_str - Argument 2 - expected a string that contains at least 2 distinct characters'
        
);
    }
    
// Now that we have good data, this is the meat of our function:
    
$random_str '';
    for (
$i 0$i $length; ++$i) {
        
$r random_int(0$charset_max);
        
$random_str .= $charset[$r];
    }
    return 
$random_str;


https://paragonie.com/blog/2015/07/commo...dom-string

https://github.com/paragonie/random_compat

@rtenny, using md5 width a timestamp is not the best idea. Use PaulD code or the random_str from paragonie.
Reply


Messages In This Thread
Generate code without guess - by omid_student - 09-29-2017, 05:27 AM
RE: Generate code without guess - by rtenny - 09-29-2017, 07:05 AM
RE: Generate code without guess - by omid_student - 09-29-2017, 01:06 PM
RE: Generate code without guess - by PaulD - 09-29-2017, 10:43 AM
RE: Generate code without guess - by Paradinight - 09-29-2017, 11:55 AM
RE: Generate code without guess - by omid_student - 09-29-2017, 01:09 PM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.