On 13/01/15 04:20, Sammy Powers wrote: > Anyways. Hi! I'm Sammy! After the security discussion today on the PHP > Roundtable (http://www.phproundtable.com/) I wanted to submit an RFC to > make uniqid() return a cryptographically secure psudo-random string in PHP > 7.
Why do people think that because a function does not do what they want it needs changing? There is no reason to break applications that use uniqid for it's intended function, which is simply to produce a consistent indexable ID not a random number! As stated in the manual, if you want a cryptographically secure value use openssl_random_pseudo_bytes or alternately one of the uuid libraries. -- Lester Caine - G8HFL ----------------------------- Contact - http://lsces.co.uk/wiki/?page=contact L.S.Caine Electronic Services - http://lsces.co.uk EnquirySolve - http://enquirysolve.com/ Model Engineers Digital Workshop - http://medw.co.uk Rainbow Digital Media - http://rainbowdigitalmedia.co.uk -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
