Re: Extending uniqid() or not?

From:	Yasuo Ohgaki	Date:	Sun, 02 Feb 2014 23:07:09 +0000
Subject:	Re: Extending uniqid() or not?
References:	1 2 3 4	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

Hi Stas,

On Mon, Feb 3, 2014 at 8:02 AM, Stas Malyshev <[email protected]>wrote:

>
> > My question is if we should extend uniqid() or add new function that
> > actually
> > generates safe ID string. We may add more description to uniqid() page,
>
> How mcrypt_create_iv is not safe? It generates a random string, you need
> a random string, what's unsafe in it?


It's safe as long as users do not use RAND as random source.

There are many use cases that users need secure random string and
there are many mistakes out there. I'm questioning if we should have
easy to use and easy to find function for it or not.

Better documentation is valid option rather than have a function.
Do you suggest documentation as a solution?

Regards,

--
Yasuo Ohgaki
[email protected]


   

Thread (29 messages)

• Yasuo OhgakiSun, 02 Feb 2014 04:32:21 +0000
  • Martin JansenSun, 02 Feb 2014 07:35:46 +0000
    • Yasuo OhgakiSun, 02 Feb 2014 10:12:01 +0000
      • Pierre JoyeSun, 02 Feb 2014 10:27:27 +0000
      • Tjerk MeestersSun, 02 Feb 2014 23:55:04 +0000
        • Yasuo OhgakiMon, 03 Feb 2014 01:13:45 +0000
          • Yasuo OhgakiMon, 03 Feb 2014 01:33:48 +0000
          • Tjerk MeestersMon, 03 Feb 2014 04:59:12 +0000
            • Yasuo OhgakiMon, 03 Feb 2014 05:08:24 +0000
            • Pierre JoyeMon, 03 Feb 2014 06:25:20 +0000
              • Yasuo OhgakiMon, 03 Feb 2014 07:20:27 +0000
              • Tjerk MeestersMon, 03 Feb 2014 07:45:32 +0000
                • Pierre JoyeMon, 03 Feb 2014 08:00:15 +0000
  • Stas MalyshevSun, 02 Feb 2014 10:33:00 +0000
    • Yasuo OhgakiSun, 02 Feb 2014 22:08:45 +0000
      • Arvids GodjuksSun, 02 Feb 2014 22:41:14 +0000
        • Yasuo OhgakiSun, 02 Feb 2014 22:51:03 +0000
      • Yasuo OhgakiSun, 02 Feb 2014 22:46:03 +0000
        • Yasuo OhgakiMon, 03 Feb 2014 01:26:17 +0000
      • Pierre JoyeSun, 02 Feb 2014 22:59:09 +0000
      • Stas MalyshevSun, 02 Feb 2014 23:02:29 +0000
        • Yasuo OhgakiSun, 02 Feb 2014 23:07:09 +0000
          • Stas MalyshevSun, 02 Feb 2014 23:33:14 +0000
  • Lester CaineSun, 02 Feb 2014 13:14:08 +0000
  • Derick RethansMon, 03 Feb 2014 10:08:19 +0000
    • Yasuo OhgakiMon, 03 Feb 2014 21:25:38 +0000
  • Pádraic BradyMon, 03 Feb 2014 11:48:52 +0000
• Andrey AndreevMon, 03 Feb 2014 08:13:26 +0000Re: Extending uniqid() or not?
  • Stas MalyshevMon, 03 Feb 2014 08:18:49 +0000