string Laravel str_random() 还是自定义函数?

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/23015874/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-09-09 02:15:58  来源:igfitidea点击:

Laravel str_random() or custom function?

stringfunctionrandomlaraveluuid

提问by Mike

Is the Laravel str_random() function random enough so that I can use it for IDs?

Laravel str_random() 函数是否足够随机,以便我可以将其用于 ID?

For example:

例如:

str_random(32);

This produces a random string of length 32 made up of alphanumeric characters [a-zA-z0-9] (62 characters in total).

这会产生一个长度为 32 的随机字符串,由字母数字字符 [a-zA-z0-9](总共 62 个字符)组成。

Which equates to 2272657884496751345355241563627544170162852933518655225856 possibilities.

这相当于 2272657884496751345355241563627544170162852933518655225856 种可能性。

However, my question is, is this going to be good enough? Or should I consider using UUIDs or another custom function.

但是,我的问题是,这是否足够好?或者我应该考虑使用 UUID 或其他自定义函数。

回答by Antonio Carlos Ribeiro

str_random(Str::random()) tries to use openssl_random_pseudo_byteswhich is a pseudo random number generator optimized for cryptography, not uniqueness. If openssl_random_pseudo_bytesis not available, it falls back to quickRandom():

str_random( Str::random()) 尝试使用openssl_random_pseudo_bytes哪个是针对密码术优化的伪随机数生成器,而不是唯一性。如果openssl_random_pseudo_bytes不可用,则回退到quickRandom()

public static function quickRandom($length = 16)
{
    $pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';

    return substr(str_shuffle(str_repeat($pool, 5)), 0, $length);
}

In my opinion quickRandomcode is notreliable for uniqueness nor cryptography.

在我看来,quickRandom代码的唯一性和密码学都不可靠。

Yes, having openssl_random_pseudo_bytesand using 32 bytes is almost impossible to see a collision, but it's still possible. If you want to make sure your strings/numbers will be unique (99.99%), you better use a UUID function. This is what I normally use:

是的,拥有openssl_random_pseudo_bytes和使用 32 个字节几乎不可能看到冲突,但它仍然是可能的。如果您想确保您的字符串/数字是唯一的 (99.99%),您最好使用 UUID 函数。这是我通常使用的:

/**
 * 
 * Generate v4 UUID
 * 
 * Version 4 UUIDs are pseudo-random.
 */
public static function v4() 
{
    return sprintf('%04x%04x-%04x-%04x-%04x-%04x%04x%04x',

    // 32 bits for "time_low"
    mt_rand(0, 0xffff), mt_rand(0, 0xffff),

    // 16 bits for "time_mid"
    mt_rand(0, 0xffff),

    // 16 bits for "time_hi_and_version",
    // four most significant bits holds version number 4
    mt_rand(0, 0x0fff) | 0x4000,

    // 16 bits, 8 bits for "clk_seq_hi_res",
    // 8 bits for "clk_seq_low",
    // two most significant bits holds zero and one for variant DCE1.1
    mt_rand(0, 0x3fff) | 0x8000,

    // 48 bits for "node"
    mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
    );
}

It generates a VALID RFC 4211 COMPLIANT version 4 UUID.

它生成一个 VALID RFC 4211 COMPLIANT version 4 UUID。

Check this: http://en.wikipedia.org/wiki/UUID#Random%5FUUID%5Fprobability%5Fof%5Fduplicates

检查这个:http: //en.wikipedia.org/wiki/UUID#Random%5FUUID%5Fprobability%5Fof%5Fduplicates

回答by hashem sheikhypour

you can use this

你可以用这个

use Illuminate\Support\Str;

$random = Str::random(40);

回答by hosein azimi

You can use thispackage.

你可以使用这个包。

For example:

例如:

Uuid::generate()