Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:110040
Return-Path: <rowan.collins@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 88949 invoked from network); 6 May 2020 13:58:51 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 6 May 2020 13:58:51 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 2F1871804C9
	for <internals@lists.php.net>; Wed,  6 May 2020 05:33:59 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=0.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,
	MALFORMED_FREEMAIL,MISSING_HEADERS,RCVD_IN_DNSWL_NONE,
	RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no
	autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <rowan.collins@gmail.com>
Received: from mail-wm1-f52.google.com (mail-wm1-f52.google.com [209.85.128.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Wed,  6 May 2020 05:33:58 -0700 (PDT)
Received: by mail-wm1-f52.google.com with SMTP id v8so4862703wma.0
        for <internals@lists.php.net>; Wed, 06 May 2020 05:33:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:user-agent:in-reply-to:references:mime-version
         :content-transfer-encoding:subject:cc:from:message-id;
        bh=yKKzTb8jphBbXjOG13vbeavFjYcLyfX1ySs6j6nYaXY=;
        b=s9ZsLhnExs2VyaM6i4aPD6yG8wD0KamXO15BsttCO4BMUsU3bqsSQZhEEPS81fH2sd
         3wz7t2Pfwm2u7ljDgqpStlrPmK4ujS8ZVgMZ9MYGAXaKIzVXlyl7EnGURRJm9Rvuy1jC
         ayQgeidF/J4QoXI0UXKN2noI3vogSp1fnE+TZ1BNfOlWBJnldLlaBkhI1aXp5+UmHK2v
         o5eIIh4LLb3XiAEuv3npICiJjV9un/nwzbDSaDOMjtggbQhH47M+5JENt3TA9mRkAP8T
         z5IXvxIpxZsQ0Ztr5cTAjq99u20roszyMft7j4eFh1qn6NAoDvBvlYgsXBvhkXtyTUYV
         pUeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:user-agent:in-reply-to:references
         :mime-version:content-transfer-encoding:subject:cc:from:message-id;
        bh=yKKzTb8jphBbXjOG13vbeavFjYcLyfX1ySs6j6nYaXY=;
        b=Q3z16d5EASzaVXtbivZAPo/4XyYxReZLq2TC9VXy5ElJpkEGmrfRQ3X5eHoPK2FO/b
         MwM+Tq4s0Gbva7w5UFHAqCayb4U0Ytm84hN3NSykjmHJxpmMCYWHGZUSxVOr7BpHJTFP
         jszYN+We+85r8lGP2OYL8XlZxAqsJyl68XC/rnI++LDxv+L2sIZKyHEMOOqNutboYkNK
         KecF9JDLcukaOp/u5UtIdsm/PDfbqYONZrhG+7m59tzdioGwknlZwJ7EmdBwT8Y4Hq2K
         Yn+zPN1HxbRC8jxw6B5fNZ+Jt66+Z3QCqITQ/ZY4MTStrRSzXw6l7jzPd8L6oDv4Pud4
         A9ug==
X-Gm-Message-State: AGi0Pub9rkky2EyqhLRQORZ5BQgNqdbQHZQpFgiWEc8qHIQMHX+4+TnT
	VKatuNpr+rxtWI3mgkl0EYhY1bAH
X-Google-Smtp-Source: APiQypL5HjDL0zoqJ8DwZfdn5+dn1oiQT8LtpKiUrygcB7GskItRomJ3K/Nkjs/ztxKgAA4BLIADlA==
X-Received: by 2002:a7b:cf27:: with SMTP id m7mr4407386wmg.183.1588768431021;
        Wed, 06 May 2020 05:33:51 -0700 (PDT)
Received: from [192.168.0.12] (cpc84253-brig22-2-0-cust114.3-3.cable.virginm.net. [81.108.141.115])
        by smtp.gmail.com with ESMTPSA id z16sm2653662wrl.0.2020.05.06.05.33.50
        for <internals@lists.php.net>
        (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
        Wed, 06 May 2020 05:33:50 -0700 (PDT)
Date: Wed, 06 May 2020 13:33:48 +0100
User-Agent: K-9 Mail for Android
In-Reply-To: <CAL0xaBG-VLN6pMPoKttkCZLXdzOKJLo0mdZvL2ggOy1Fqjae8w@mail.gmail.com>
References: <9e3b1604-8d0a-9db4-aab6-e5f2198252f4@allenjb.me.uk> <C4580849-BC5B-45CA-9B57-56CB63B3F8F0@benramsey.com> <3a2924d2-31b9-fee5-5548-49c889eca2f4@heigl.org> <CALKiJKoXfW2usFmHS2ev2ihe6i=SV5JQaMgQmHCi5-rqeEdOWw@mail.gmail.com> <CANUQDCi3+fzy9E9kJ-vuDsTXMwNko9PpBUBAGUTxacdaQFPE5g@mail.gmail.com> <CAJvSBVMGEyqKNOxtGLyVqKrc0YRpiTyc8Ok55cocSS-2trL=Xw@mail.gmail.com> <CALKiJKpTf3AyhLjbMOu+gO--gmgatZ0Nazbsj2AZ-L2PVvOe5w@mail.gmail.com> <CAL0xaBG-VLN6pMPoKttkCZLXdzOKJLo0mdZvL2ggOy1Fqjae8w@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain;
 charset=utf-8
Content-Transfer-Encoding: quoted-printable
CC: PHP internals <internals@lists.php.net>
Message-ID: <D21D4456-228B-4059-9B51-F40B3EC94286@gmail.com>
Subject: Re: [PHP-DEV] Deprecating uniqid()
From: rowan.collins@gmail.com (Rowan Tommins)

On 5 May 2020 09:42:19 BST, Arvids Godjuks <arvids=2Egodjuks@gmail=2Ecom> w=
rote:
>So in my opinion, a better replacement for uniqid is needed - have it
>generate a bigger string with more entropy and better underline algorithm=
,
>but it being time-based should be a thing stiff=2E And do not call it a
>"random_string" or something, cause it's not that :)


A question just got posted on Stack Overflow asking for pretty much exactl=
y what we've been discussing: https://stackoverflow=2Ecom/q/61634022/157957

You're right that the requirements for "random" and "unique" are distinct=
=2E Perhaps what we need is a unique_string function that allows you to spe=
cify the format (length and some control over allowed characters) and uses =
a mix of randomness and time (perhaps using the same time source as hrtime(=
)?)=2E

Then uniqid() could be deprecated, and anyone relying on its exact format =
could write a polyfill, while people wanting other formats wouldn't need to=
 mess around with binhex, hexdec, etc=2E


Regards,

--=20
Rowan Tommins
[IMSoP]