![]() YOU SHOULD NOT BE USING THIS FUNCTION. Throw new Exception('Random number generator failure') * Let's turn $randomByteString into an integer ![]() $randomByteString = random_bytes($bytes) * Let's grab the necessary number of random bytes 'random_int: RNG is broken - too many rejections' * $bits is effectively ceil(log($range, 2)) without dealing with * We use ~0 as a mask in this case because it generates all 1s * a float and we will lose some precision. * overflow, however, if $max - $min > PHP_INT_MAX. * At this point, $range is a positive number greater than 0. $attempts = $bits = $bytes = $mask = $valueShift = 0 * so we can minimize the number of discards * $mask => an integer bitmask (for use with the &) operator * $bytes => the number of random bytes we need ![]() 'Minimum value must be less than or equal to the maximum value' * Windows with PHP GetRandom($bytes, 0)) Decrease the number of bytes returned from remaining $streamset = stream_set_read_buffer($fp, 0) $buf = mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM) If you're using libsodium (which we highly recommend), you can use Sodium::randombytes_uniform() like so: function random_str($length, $keyspace = 'abcdefghijklmnopqrstuvwxyz234567') ![]() $password = $generator->generateString(26, 'abcdefghijklmnopqrstuvwxyz234567') Alternatively, Anthony Ferrara's RandomLib is a good choice. Quick Answer: If you're developing a web application and your project needs a simple and safe solution for generating random integers or strings, just use random_bytes() (PHP 7 only, or available through our random_compat library). ![]()
0 Comments
Leave a Reply. |