Hi, >> The uniqid() manual explicitly say, >> >> - default value of more_entropy is false >> >> - the returned string will be 13 characters long. If more_entropy is >> TRUE, it will be 23 characters. >> >> - if more_entropy is set to TRUE, uniqid() will add additional entropy >> (using the combined linear congruential generator) at the end of the >> return value >> >> http://php.net/manual/en/function.uniqid.php .... > It's legacy design. > > php_combined_lcg() must not be used, especially functions like > uniqid(). i.e. It's supposed to generate unique ID based on time, but > php_combined_lcg() generates pseudo random from current time. > > It's more than obvious it's legacy and obsolete today.
I agree that uniqid() is legacy design API. And, > Current implementation is good enough for most cases, but it can be better. I agree this legacy design API works good enough for most cases. So, I think it should not be changed in BC break way. -- Kazuo Oishi -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
