Is the ID generated by PHP's uniqid function really unique?

步履不停
Release: 2023-02-23 06:38:02
Original
3784 people have browsed it

Is the ID generated by PHPs uniqid function really unique?

I have recently used uniqid and have questions? What does the id generated by uniqid consist of? Is it really the only one? Under what circumstances will conflicts arise?

See from the document that the uniqid function has two parameters

Is the ID generated by PHPs uniqid function really unique?

The structure of uniqid

Look at the source code:

PHP_FUNCTION(uniqid)
{
    ...
    gettimeofday((struct timeval *) &tv, (struct timezone *) NULL);
    sec = (int) tv.tv_sec;
    usec = (int) (tv.tv_usec % 0x100000);

    ...    if (more_entropy) {
        uniqid = strpprintf(0, "%s%08x%05x%.8F", prefix, sec, usec, php_combined_lcg() * 10);
    } else {
        uniqid = strpprintf(0, "%s%08x%05x", prefix, sec, usec);
    }

    RETURN_STR(uniqid);
}
Copy after login

Basically understand it clearly. uniqid is composed of four parts:

prefix + sec + usec + “.” + php_combined_lcg
Copy after login

where prefix is ​​the first parameter of the uniqid function. It is a string, and whatever is passed in is returned directly.

sec is the second of the current clock and usec is the millisecond, both values ​​are obtained from gettimeofday. In other words, as long as they are on one machine, the sec and usec obtained by two PHP programs in the same millisecond are the same.

php_combined_lcg is determined by the second parameter of uniqid, which is an entropy value. It uses linear congruence to generate a random number between 0 and 1. If the second parameter is true, there is this value. If the second parameter is false, there is no value.

For example:

➜  ~ php -r 'echo uniqid("my_", true);'my_5afe9b414c2141.76621929
Copy after login

Conclusion

So, if we simply use the uniqid() method without any parameters, this method can only guarantee a single process. are unique within the same millisecond. If using uniqid("", true). With an entropy value, it already has a random method to ensure the randomness of the generated ID. However, since linear congruence is a relatively simple algorithm for generating random numbers, the randomness may not be enough. Therefore, a more random numerical method circulated on the Internet is:

uniqid(mt_rand(), true)
Copy after login

Among them, mt_rand() generates random numbers. Instead of using linear congruence to generate random numbers, use the Mersenne Twister Random Number Generator (Messenne Twister Algorithm). In other words, the above id is generated by two random algorithms + timestamp. Basically, this algorithm can guarantee uniqueness to a large extent (if you want to ask about the conflict rate, it is estimated that only mathematics students can figure it out...).

The ID given above will have a period, and the length is not 128 bits. If you want to generate a uuid, you need a hash, whether it is md5 or sha1. So there is another way to generate unique codes on the Internet. (php video tutorial)

md5(uniqid(mt_rand(), true))
Copy after login

However, essentially, the randomness of these two methods is equal.

md5(uniqid(mt_rand(), true))-------- I personally testify that this effect is good, not heavy, but irregular----my own words

The above is the detailed content of Is the ID generated by PHP's uniqid function really unique?. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
php
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template