超越PHP - Exceed PHP: uniqid

Description

string uniqid ( [string prefix [, bool more_entropy]])

uniqid() returns a prefixed unique identifier based on the current time in microseconds. prefix is optional but can be useful, for instance, if you generate identifiers simultaneously on several hosts that might happen to generate the identifier at the same microsecond. Up until PHP 4.3.1, prefix could only be a maximum of 114 characters long.

If the optional more_entropy parameter is TRUE, uniqid() will add additional entropy (using the combined linear congruential generator) at the end of the return value, which should make the results more unique.

With an empty prefix, the returned string will be 13 characters long. If more_entropy is TRUE, it will be 23 characters.

注: The more_entropy parameter was introduced in PHP 3.0.13.

If you need a unique identifier or token and you intend to give out that token to the user via the network (i.e. session cookies), it is recommended that you use something along these lines:


<?php

// no prefix

$token = md5(uniqid());



// better, difficult to guess

$better_token = md5(uniqid(rand(), true));

?>

This will create a 32 character identifier (a 128 bit hex number) that is extremely difficult to predict.

add a note User Contributed Notes
uniqid

17-Jan-2003 10:06

A more random (and thus better) prefix can be achieved with
mt_rand():

list($usec, $sec) = explode(' ',
microtime());
mt_srand((float) $sec + ((float) $usec *
100000));
$rand_string = md5(uniqid(mt_rand(), true));

add a note