From: bernard dot fouche at kuantic dot com Operating system: Any PHP version: 5.2.9 PHP Bug Type: Feature/Change Request Bug description: Function 'uniqid()' has a design flaw
Description: ------------ IMHO 'uniqid()' does not provide any warranty about the returned id being really 'uniq': - uniqid() just calls 'gettimeofday()' (from php-5.2.9/ext/standard/uniqid.c): there is no warranty that the underlying operating system is able to really count microseconds. May be it counts by chunks of 10us, or 1ms, etc.. - With multi-core CPU and since AFAIK gettimeofday() is not a 'real' system call any more (on Linux) but reads from shared memory updated by the kernel, chances to have more than one process or thread being able to get the same value are much higher than with older hardware and OS implementations. - NTP may update the system time and whack the microsecond counter at any time. I think that uniqid() should rely on other information, like the process ID, thread ID, and an internal counter... Sure the programmer can use the 'prefix', but then what is the purpose of this function if the programmer has to take care about these details? Reproduce code: --------------- --- >From manual page: function.uniqid --- -- Edit bug report at http://bugs.php.net/?id=47890&edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=47890&r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=47890&r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=47890&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=47890&r=fixedcvs Fixed in CVS and need be documented: http://bugs.php.net/fix.php?id=47890&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=47890&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=47890&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=47890&r=needscript Try newer version: http://bugs.php.net/fix.php?id=47890&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=47890&r=support Expected behavior: http://bugs.php.net/fix.php?id=47890&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=47890&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=47890&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=47890&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=47890&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=47890&r=dst IIS Stability: http://bugs.php.net/fix.php?id=47890&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=47890&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=47890&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=47890&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=47890&r=mysqlcfg
