Re: [PHP] uniqid function
* Thus wrote Michael Gale: Hello, I have a question about the uniqid function ... on a loaded system ... lets say 60 people connected with each person making 2-3 web request per second. Each request running the following php command: $token_name=md5(uniqid(rand(), true)); What would the odds be of the $token_name being repeated ? Is this something I would have to worry about ?. The odds are very low. uniqid() by itself is based of of time to the microsecond. The lcg paremater randomized a psudo number to avoid collisions at the same microsecond. And the rand(), depending on you're system, defaults to seeding itself with including the PID. So the seed to rand() should, in theory, be different for each differnt request. The md5() is rather pointless in the uniqness of the token, it will basically prevent intruders from predicting a token. Nonetheless, it's probably still desired in your token generation. Curt -- First, let me assure you that this is not one of those shady pyramid schemes you've been hearing about. No, sir. Our model is the trapezoid! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] uniqid function
Thanks for the reply. Michael. On Tue, 6 Jul 2004 06:38:57 + Curt Zirzow [EMAIL PROTECTED] wrote: * Thus wrote Michael Gale: Hello, I have a question about the uniqid function ... on a loaded system ... lets say 60 people connected with each person making 2-3 web request per second. Each request running the following php command: $token_name=md5(uniqid(rand(), true)); What would the odds be of the $token_name being repeated ? Is this something I would have to worry about ?. The odds are very low. uniqid() by itself is based of of time to the microsecond. The lcg paremater randomized a psudo number to avoid collisions at the same microsecond. And the rand(), depending on you're system, defaults to seeding itself with including the PID. So the seed to rand() should, in theory, be different for each differnt request. The md5() is rather pointless in the uniqness of the token, it will basically prevent intruders from predicting a token. Nonetheless, it's probably still desired in your token generation. Curt -- First, let me assure you that this is not one of those shady pyramid schemes you've been hearing about. No, sir. Our model is the trapezoid! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] uniqid function
Hello, I have a question about the uniqid function ... on a loaded system ... lets say 60 people connected with each person making 2-3 web request per second. Each request running the following php command: $token_name=md5(uniqid(rand(), true)); What would the odds be of the $token_name being repeated ? Is this something I would have to worry about ?. Michael. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
