How random is rand()?

Forum Moderators: coopster

Message Too Old, No Replies

How random is rand()?

Jeremy_H

6:45 am on Dec 5, 2006 (gmt 0)

Hello,

I'm trying to make unique IDs for my users, so I'm concatenating their IP address with the time of their first access.

ie:

"255.255.255.255-1135296000"

I would imagine this this would give a pretty good unique ID, but then I then I saw an unlikely flaw:

A "unique" id would be given twice if one computer had two first requests at the same time. (ie: If the user has FF and IE opened and accessed the site within the same second)

To remedy this, I decided to concatenate a random number.

"255.255.255.255-1135296000-".rand(0,9999)

That way, in this very unlikely event, there would only be a 1/10000 chance of two equal "unique" IDs.

However, I remembered that rand is only a pseudo random number. I'm thinking that if it's based on time, then that defeats the purpose of adding the random number, since the two times would be the same.

So I'm wondering, how random is rand(), and should I add the random number to the unique IDs?

Thanks

mcibor

9:09 am on Dec 5, 2006 (gmt 0)

You needn't worry - the rand is based on microsecond, not second

[de3.php.net...]

It's based on Mersenne Twister [math.sci.hiroshima-u.ac.jp]

Moreover the seed is also random, so it would require running both instances synchronized.

Therefore your code should run smoothly.

Michal

PS. There's no problem in checking ;)

Moosetick

4:14 pm on Dec 5, 2006 (gmt 0)

If you are really worried about a collision, then you could just use a counter. Start it at 1 and each new user could increment by one. When you get to 10, 100, or 1000 you could start over.

FalseDawn

6:24 pm on Dec 5, 2006 (gmt 0)

You seem to be using a very convoluted method of doing something already built in to PHP:
[php.net...]

Why do you need this unique ID, anyway - if you are storing this info in a database, just use a numeric auto increment column as the ID.