PHP random string generator
PhpStringRandomPhp Problem Overview
I'm trying to create a randomized string in PHP, and I get absolutely no output with this:
<?php
function RandomString()
{
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randstring = '';
for ($i = 0; $i < 10; $i++) {
$randstring = $characters[rand(0, strlen($characters))];
}
return $randstring;
}
RandomString();
echo $randstring;
What am I doing wrong?
Php Solutions
Solution 1 - Php
To answer this question specifically, two problems:
$randstring
is not in scope when you echo it.- The characters are not getting concatenated together in the loop.
Here's a code snippet with the corrections:
function generateRandomString($length = 10) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
Output the random string with the call below:
// Echo the random string.
// Optionally, you can give it a desired string length.
echo generateRandomString();
> Please note that this generates predictable random strings. If you want to create secure tokens, see this answer.
Solution 2 - Php
> Note: str_shuffle()
internally uses rand()
, which is unsuitable for cryptography purposes (e.g. generating random passwords). You want a secure random number generator instead. It also doesn't allow characters to repeat.
One more way.
UPDATED (now this generates any length of string):
function generateRandomString($length = 10) {
return substr(str_shuffle(str_repeat($x='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', ceil($length/strlen($x)) )),1,$length);
}
echo generateRandomString(); // OR: generateRandomString(24)
That's it. :)
Solution 3 - Php
There are a lot of answers to this question, but none of them leverage a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG).
The simple, secure, and correct answer is to use RandomLib and don't reinvent the wheel.
For those of you who insist on inventing your own solution, PHP 7.0.0 will provide random_int()
for this purpose; if you're still on PHP 5.x, we wrote a PHP 5 polyfill for random_int()
so you can use the new API even before you upgrade to PHP 7.
Safely generating random integers in PHP isn't a trivial task. You should always check with your resident StackExchange cryptography experts before you deploy a home-grown algorithm in production.
With a secure integer generator in place, generating a random string with a CSPRNG is a walk in the park.
Creating a Secure, Random String
/**
* Generate a random string, using a cryptographically secure
* pseudorandom number generator (random_int)
*
* This function uses type hints now (PHP 7+ only), but it was originally
* written for PHP 5 as well.
*
* For PHP 7, random_int is a PHP core function
* For PHP 5.x, depends on https://github.com/paragonie/random_compat
*
* @param int $length How many characters do we want?
* @param string $keyspace A string of all possible characters
* to select from
* @return string
*/
function random_str(
int $length = 64,
string $keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
): string {
if ($length < 1) {
throw new \RangeException("Length must be a positive integer");
}
$pieces = [];
$max = mb_strlen($keyspace, '8bit') - 1;
for ($i = 0; $i < $length; ++$i) {
$pieces []= $keyspace[random_int(0, $max)];
}
return implode('', $pieces);
}
Usage:
$a = random_str(32);
$b = random_str(8, 'abcdefghijklmnopqrstuvwxyz');
$c = random_str();
Demo: https://3v4l.org/IMJGF (Ignore the PHP 5 failures; it needs random_compat)
Solution 4 - Php
This creates a 20 character long hexadecimal string:
$string = bin2hex(openssl_random_pseudo_bytes(10)); // 20 chars
In PHP 7 (random_bytes()):
$string = base64_encode(random_bytes(10)); // ~14 characters, includes /=+
// or
$string = substr(str_replace(['+', '/', '='], '', base64_encode(random_bytes(32))), 0, 32); // 32 characters, without /=+
// or
$string = bin2hex(random_bytes(10)); // 20 characters, only 0-9a-f
Solution 5 - Php
@tasmaniski: your answer worked for me. I had the same problem, and I would suggest it for those who are ever looking for the same answer. Here it is from @tasmaniski:
<?php
$random = substr(md5(mt_rand()), 0, 7);
echo $random;
?>
Here is a youtube video showing us how to create a random number
Solution 6 - Php
Depending on your application (I wanted to generate passwords), you could use
$string = base64_encode(openssl_random_pseudo_bytes(30));
Being base64, they may contain =
or -
as well as the requested characters. You could generate a longer string, then filter and trim it to remove those.
openssl_random_pseudo_bytes
seems to be the recommended way way to generate a proper random number in php. Why rand
doesn't use /dev/random
I don't know.
Solution 7 - Php
PHP 7+ Generate cryptographically secure random bytes using random_bytes function.
$bytes = random_bytes(16);
echo bin2hex($bytes);
Possible output > da821217e61e33ed4b2dd96f8439056c
PHP 5.3+ Generate pseudo-random bytes using openssl_random_pseudo_bytes function.
$bytes = openssl_random_pseudo_bytes(16);
echo bin2hex($bytes);
Possible output >e2d1254506fbb6cd842cd640333214ad
The best use case could be
function getRandomBytes($length = 16)
{
if (function_exists('random_bytes')) {
$bytes = random_bytes($length / 2);
} else {
$bytes = openssl_random_pseudo_bytes($length / 2);
}
return bin2hex($bytes);
}
echo getRandomBytes();
Possible output >ba8cc342bdf91143
Solution 8 - Php
Here is a simple one-liner that generates a true random string without any script level looping or use of OpenSSL libraries.
echo substr(str_shuffle(str_repeat('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', mt_rand(1,10))), 1, 10);
To break it down so the parameters are clear
// Character List to Pick from
$chrList = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
// Minimum/Maximum times to repeat character List to seed from
$chrRepeatMin = 1; // Minimum times to repeat the seed string
$chrRepeatMax = 10; // Maximum times to repeat the seed string
// Length of Random String returned
$chrRandomLength = 10;
// The ONE LINE random command with the above variables.
echo substr(str_shuffle(str_repeat($chrList, mt_rand($chrRepeatMin,$chrRepeatMax))), 1, $chrRandomLength);
This method works by randomly repeating the character list, then shuffles the combined string, and returns the number of characters specified.
You can further randomize this, by randomizing the length of the returned string, replacing $chrRandomLength
with mt_rand(8, 15)
(for a random string between 8 and 15 characters).
Solution 9 - Php
A better way to implement this function is:
function RandomString($length) {
$keys = array_merge(range(0,9), range('a', 'z'));
$key = "";
for($i=0; $i < $length; $i++) {
$key .= $keys[mt_rand(0, count($keys) - 1)];
}
return $key;
}
echo RandomString(20);
mt_rand
is more random according to this and this in PHP 7. The rand
function is an alias of mt_rand
.
Solution 10 - Php
function generateRandomString($length = 15)
{
return substr(sha1(rand()), 0, $length);
}
Tada!
Solution 11 - Php
$randstring
in the function scope is not the same as the scope where you call it. You have to assign the return value to a variable.
$randstring = RandomString();
echo $randstring;
Or just directly echo the return value:
echo RandomString();
Also, in your function you have a little mistake. Within the for loop, you need to use .=
so each character gets appended to the string. By using =
you are overwriting it with each new character instead of appending.
$randstring .= $characters[rand(0, strlen($characters))];
Solution 12 - Php
First, you define the alphabet you want to use:
$alphanum = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
$special = '~!@#$%^&*(){}[],./?';
$alphabet = $alphanum . $special;
Then, use openssl_random_pseudo_bytes()
to generate proper random data:
$len = 12; // length of password
$random = openssl_random_pseudo_bytes($len);
Finally, you use this random data to create the password. Because each character in $random
can be chr(0)
until chr(255)
, the code uses the remainder after division of its ordinal value with $alphabet_length
to make sure only characters from the alphabet are picked (note that doing so biases the randomness):
$alphabet_length = strlen($alphabet);
$password = '';
for ($i = 0; $i < $len; ++$i) {
$password .= $alphabet[ord($random[$i]) % $alphabet_length];
}
Alternatively, and generally better, is to use RandomLib and SecurityLib:
use SecurityLib\Strength;
$factory = new RandomLib\Factory;
$generator = $factory->getGenerator(new Strength(Strength::MEDIUM));
$password = $generator->generateString(12, $alphabet);
Solution 13 - Php
I've tested performance of most popular functions there, the time which is needed to generate 1'000'000 strings of 32 symbols on my box is:
2.5 $s = substr(str_shuffle(str_repeat($x='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', ceil($length/strlen($x)) )),1,32);
1.9 $s = base64_encode(openssl_random_pseudo_bytes(24));
1.68 $s = bin2hex(openssl_random_pseudo_bytes(16));
0.63 $s = base64_encode(random_bytes(24));
0.62 $s = bin2hex(random_bytes(16));
0.37 $s = substr(md5(rand()), 0, 32);
0.37 $s = substr(md5(mt_rand()), 0, 32);
Please note it is not important how long it really was but which is slower and which one is faster so you can select according to your requirements including cryptography-readiness etc.
substr() around MD5 was added for sake of accuracy if you need string which is shorter than 32 symbols.
For sake of answer: the string was not concatenated but overwritten and result of the function was not stored.
Solution 14 - Php
Here's my simple one line solution to generate a use friendly random password, excluding the characters that lookalike such as "1" and "l", "O" and "0", etc... here it is 5 characters but you can easily change it of course:
$user_password = substr(str_shuffle('abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ23456789'),0,5);
Solution 15 - Php
One very quick way is to do something like:
substr(md5(rand()),0,10);
This will generate a random string with the length of 10 chars. Of course, some might say it's a bit more heavy on the computation side, but nowadays processors are optimized to run md5 or sha256 algorithm very quickly. And of course, if the rand()
function returns the same value, the result will be the same, having a 1 / 32767 chance of being the same. If security's the issue, then just change rand()
to mt_rand()
Solution 16 - Php
Short Methods..
Here are some shortest method to generate the random string
<?php
echo $my_rand_strng = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), -15);
echo substr(md5(rand()), 0, 7);
echo str_shuffle(MD5(microtime()));
?>
Solution 17 - Php
Helper function from Laravel 5 framework
/**
* Generate a "random" alpha-numeric string.
*
* Should not be considered sufficient for cryptography, etc.
*
* @param int $length
* @return string
*/
function str_random($length = 16)
{
$pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
return substr(str_shuffle(str_repeat($pool, $length)), 0, $length);
}
Solution 18 - Php
Since php7, there is the random_bytes functions. https://www.php.net/manual/ru/function.random-bytes.php So you can generate a random string like that
<?php
$bytes = random_bytes(5);
var_dump(bin2hex($bytes));
?>
Solution 19 - Php
function rndStr($len = 64) {
$randomData = file_get_contents('/dev/urandom', false, null, 0, $len) . uniqid(mt_rand(), true);
$str = substr(str_replace(array('/','=','+'),'', base64_encode($randomData)),0,$len);
return $str;
}
Solution 20 - Php
This one was taken from adminer sources:
/** Get a random string
* @return string 32 hexadecimal characters
*/
function rand_string() {
return md5(uniqid(mt_rand(), true));
}
Adminer, database management tool written in PHP.
Solution 21 - Php
from the yii2 framework
/**
* Generates a random string of specified length.
* The string generated matches [A-Za-z0-9_-]+ and is transparent to URL-encoding.
*
* @param int $length the length of the key in characters
* @return string the generated random key
*/
function generateRandomString($length = 10) {
$bytes = random_bytes($length);
return substr(strtr(base64_encode($bytes), '+/', '-_'), 0, $length);
}
Solution 22 - Php
function gen_uid($l=5){
return substr(str_shuffle("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"), 10, $l);
}
echo gen_uid();
> Default Value[5]: WvPJz
echo gen_uid(30);
>Value[30]: cAiGgtf1lDpFWoVwjykNKXxv6SC4Q2
Solution 23 - Php
One liner.
It is fast for huge strings with some uniqueness.
function random_string($length){
return substr(str_repeat(md5(rand()), ceil($length/32)), 0, $length);
}
Solution 24 - Php
/**
* @param int $length
* @param string $abc
* @return string
*/
function generateRandomString($length = 10, $abc = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
{
return substr(str_shuffle($abc), 0, $length);
}
Source from http://www.xeweb.net/2011/02/11/generate-a-random-string-a-z-0-9-in-php/
Solution 25 - Php
The edited version of the function works fine, but there is just one issue I found: You used the wrong character to enclose $characters, so the ’ character is sometimes part of the random string that is generated.
To fix this, change:
$characters = ’0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ’;
to:
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
This way only the enclosed characters are used, and the ’ character will never be a part of the random string that is generated.
Solution 26 - Php
Another one-liner, which generates a random string of 10 characters with letters and numbers. It will create an array with range
(adjust the second parameter to set the size), loops over this array and assigns a random ASCII character (range 0-9 or a-z), then implodes the array to get a string.
$str = implode('', array_map(function () { return chr(rand(0, 1) ? rand(48, 57) : rand(97, 122)); }, range(0, 9)));
Note: this only works in PHP 5.3 and later
Solution 27 - Php
function randomString($length = 5) {
return substr(str_shuffle(implode(array_merge(range('A','Z'), range('a','z'), range(0,9)))), 0, $length);
}
Solution 28 - Php
function generateRandomString($length = 10, $hasNumber = true, $hasLowercase = true, $hasUppercase = true): string
{
$string = '';
if ($hasNumber)
$string .= '0123456789';
if ($hasLowercase)
$string .= 'abcdefghijklmnopqrstuvwxyz';
if ($hasUppercase)
$string .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
return substr(str_shuffle(str_repeat($x = $string, ceil($length / strlen($x)))), 1, $length);
}
and use:
echo generateRandomString(32);
Solution 29 - Php
I liked the last comment which used openssl_random_pseudo_bytes, but it wasn't a solution for me as I still had to remove the characters I didn't want, and I wasn't able to get a set length string. Here is my solution...
function rndStr($len = 20) {
$rnd='';
for($i=0;$i<$len;$i++) {
do {
$byte = openssl_random_pseudo_bytes(1);
$asc = chr(base_convert(substr(bin2hex($byte),0,2),16,10));
} while(!ctype_alnum($asc));
$rnd .= $asc;
}
return $rnd;
}
Solution 30 - Php
Here is how I am doing it to get a true unique random key:
$Length = 10;
$RandomString = substr(str_shuffle(md5(time())), 0, $Length);
echo $RandomString;
You can use time() since it is a Unix timestamp and is always unique compared to other random mentioned above. You can then generate the md5sum of that and take the desired length you need from the generated MD5 string. In this case I am using 10 characters, and I could use a longer string if I would want to make it more unique.
I hope this helps.
Solution 31 - Php
Another way to generate a random string in PHP is:
function RandomString($length) {
$original_string = array_merge(range(0,9), range('a','z'), range('A', 'Z'));
$original_string = implode("", $original_string);
return substr(str_shuffle($original_string), 0, $length);
}
echo RandomString(6);
Solution 32 - Php
There is simple code:
echo implode("",array_map(create_function('$s','return substr($s,mt_rand(0,strlen($s)),1);'),array_fill(0,16,"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")));
There is a simple guide:
- To change the length of string, please change the
16
to another value, only. - To select from different characters, please change the character string.
Solution 33 - Php
You can try this:
<?php
function random($len){
$char = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
// ----------------------------------------------
// Number of possible combinations
// ----------------------------------------------
$pos = strlen($char);
$pos = pow($pos, $len);
echo $pos.'<br>';
// ----------------------------------------------
$total = strlen($char)-1;
$text = "";
for ($i=0; $i<$len; $i++){
$text = $text.$char[rand(0, $total)];
}
return $text;
}
$string = random(15);
echo $string;
?>
You can also use md5 on time but be careful.
You need to use microtime()
and not time()
function, because if multiple threads run within the same second, you need to get different string for all of them.
<?php
$string = md5(microtime());
echo $string;
?>
Solution 34 - Php
Parametrised one-liner using only PHP native functions, working since PHP 5.1.0
str_shuffle(implode('', (array_intersect_key(($map = array_map('chr', array_merge(array_map('mt_rand', array_fill(0, $length = 25, 48), array_fill(0,$length,57)),array_map('mt_rand', array_fill(0, $length, 65), array_fill(0,$length,90)),array_map('mt_rand', array_fill(0, $length, 97), array_fill(0,$length,122))))), array_flip($keys = array_rand($map, $length))))))
Solution 35 - Php
Here's a one-liner. You'll get at least one lower-case, one upper-case, one number, and one symbol. Uses random_int
which is supposed to cyrptographically secure. I do not claim this to be secure, though. I am not a security expert.
To copy+Paste: (just change $len
to your desired length.)
$len=26;for ($chars = array('0123456789','abcdefghijklmnopqrstuvwxyz','ABCDEFGHIJKLMNOPQRSTUVWXYZ','!@#$%^&*()_+-='),$randomString="",$i=0;$i<$len;$i++)$randomString .= substr($chars[$i%4], random_int(0,strlen($chars[$i%4])), 1);
echo $randomString;
And a little more broken down:
for (
$chars = array('0123456789','abcdefghijklmnopqrstuvwxyz','ABCDEFGHIJKLMNOPQRSTUVWXYZ','!@#$%^&*()_+-='),
$randomString="",
$i=0;
$i<12;$i++)
$randomString .=
substr($chars[$i%4],
random_int(0, strlen($chars[$i%4])), 1);
I use $chars[$i%4]
in the loop to choose which set of characters to get a random from. It guarantees multiple characters from each set of chars in the array.
It could definitely be improved (randomizing how many of each char set there is), but it's good enough for my purposes.
Solution 36 - Php
Here is another solution.
function genRandomString($length = 10)
{
if($length < 1)
$length = 1;
return substr(preg_replace("/[^A-Za-z0-9]/", '', base64_encode(openssl_random_pseudo_bytes($length * 2))), 0, $length);
}
PS. I am using PHP 7.2 on Ubuntu.
Solution 37 - Php
//generateRandomString http://stackoverflow.com/questions/4356289/php-random-string-generator
function randomString($length = 32, $string= "0123456789abcdefghijklmnopqrstuvwxyz" ) {
//$string can be:
//0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
//0123456789abcdefghijklmnopqrstuvwxyz
return substr(str_shuffle( $string), 0, $length);
}
Solution 38 - Php
function randomName($length = 8) {
$values = array_merge(range(65, 90), range(97, 122), range(48, 57));
$max = count($values) - 1;
$str = chr(mt_rand(97, 122));
for ($i = 1; $i < $length; $i++) {
$str .= chr($values[mt_rand(0, $max)]);
}
return $str;
}
Solution 39 - Php
function getRandomString($length) {
$salt = array_merge(range('a', 'z'), range(0, 9));
$maxIndex = count($salt) - 1;
$result = '';
for ($i = 0; $i < $length; $i++) {
$index = mt_rand(0, $maxIndex);
$result .= $salt[$index];
}
return $result
}
Solution 40 - Php
Source: PHP Function that Generates Random Characters
This PHP function worked for me:
function cvf_ps_generate_random_code($length=10) {
$string = '';
// You can define your own characters here.
$characters = "23456789ABCDEFHJKLMNPRTVWXYZabcdefghijklmnopqrstuvwxyz";
for ($p = 0; $p < $length; $p++) {
$string .= $characters[mt_rand(0, strlen($characters)-1)];
}
return $string;
}
Usage:
echo cvf_ps_generate_random_code(5);
Solution 41 - Php
The following function generates pseudo string of any length.
/**
* Returns random string of a given length.
*/
function get_random_string($length) {
$pull = [];
while (count($pull) < $length) {
$pull = array_merge($pull, range(0, 9), range('a', 'z'), range('A', 'Z'));
}
shuffle($pull);
return substr(implode($pull), 0, $length);
}
Solution 42 - Php
You are doing it totally wrong, because you're depending on numbers, not characters and I am not sure if you want the random output to be just numbers, if so why the need to get all the alphabetic letters and all numbers and extract their length? Why not you just use rand(0, 62)
?, even though you've forgot to initialize your variable $randstring
before you declare the function.
Anyway, PHP offers you a very handy function for this purpose. It's str_shuffle()
. Here is an example that suits your need.
<?php
function randomString() {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
return str_shuffle($characters);
}
echo randomString();
Solution 43 - Php
A class with some of the functions from the discussions above.
$options['numeric'] = true;
$options['uppercase'] = true;
$options['lowercase'] = true;
$new = new RandomString($options);
class RandomString
{
/**
* @var array
*/
private $default = ['numeric' => true, 'uppercase' => true, 'lowercase' => true];
/**
* @var array
*/
private $options;
/**
* array
*/
private $whitelist = ['numeric', 'uppercase', 'lowercase'];
/**
* RandomString constructor.
*
* @param array $options
*/
public function __construct(array $options = [])
{
$this->options = $this->default;
if(!empty($options))
{
$options = array_intersect_key($options, array_flip($this->whitelist));
if(empty($options))
{
$this->options = $this->default;
}else
{
$this->options = $options;
}
}
}
/**
* @return string
*/
private function returnCharacters(){
$options = $this->options;
$numbers = '0123456789';
$uppercase = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$lowercase = "abcdefghijklmnopqrstuvwxyz";
$characters = '';
if(isset($options['numeric']) && $options['numeric'] === true){
$characters .= $numbers;
}
if(isset($options['uppercase']) && $options['uppercase'] === true){
$characters .= $uppercase;
}
if(isset($options['lowercase']) && $options['lowercase'] === true){
$characters .= $lowercase;
}
return $characters;
}
/**
* @param $length
* @param $quantity
* @return string
*/
public function randomString($length, $quantity) {
$string = '';
$characters = $this->returnCharacters();
for ($j = 0; $j < $quantity; $j++) {
for($i = 0; $i < $length; $i++){
$string .= $characters[mt_rand(0, strlen($characters) - 1)];
}
$string .= "\n";
}
return $string;
}
/**
* @return array
*/
public function getOptions()
{
return $this->options;
}
/**
* @return mixed
*/
public function getWhitelist()
{
return $this->whitelist;
}
Solution 44 - Php
In this method, you can choose the character length while creating.
<?php
$random_string = "";
$character_count = 12;
for($i=1; $i <= $character_count; $i++)
{
$random_string .= chr(rand(97, 122));
}
echo $random_string;
?>
Solution 45 - Php
Finally I have found a solution to get random and unique values.
My solution is:
substr(md5(time()), 0, 12)
time
always return a timestamp, and it is always unique. You can use it with MD5 to make it better.
Solution 46 - Php
There are better alternatives to this. Many was already posted so I give you only your stuff back with fixes:
<?php
function RandomString()
{
global $randstring ;
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randstring = '';
for ($i = 0; $i < 10; $i++) {
$randstring .= $characters[rand(0, strlen($characters))];
}
return $randstring;
}
RandomString();
echo $randstring;
?>
Also you may be interested in:
<?php
function RandomString()
{
global $randstring;
$characters = str_split('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
array_filter ($characters,function($var)use($characters,&$randstring){
$randstring .= $characters[rand(0, count($characters)-1)];
});
return $randstring;
}
RandomString();
echo $randstring.'<hr>';
//.. OR ..
$randstring = '';
echo(RandomString());
?>
Or another one:
<?php
function s($length){
for($i=0;
($i<$length) and
(
($what=rand(1,3))
and
(
(
($what==1) and
($t=rand(48, 57)
)
) or
(
($what==2) and
($t=rand(65, 90))
) or
(
($what==3) and
($t=rand(97, 122)
)
)
) and
(print chr($t))
);
$i++)
;
}
s(10);
?>
Solution 47 - Php
function strgen($len) {
$buf = '';
for ($i = 0; $i < $len; $i++) {
$j = mt_rand(0, 61);
if ($j >= 36) {
$j += 13;
} else if ($j >= 10) {
$j += 7;
}
$buf .= chr(48 + $j);
}
return $buf;
}
Simple and elegant.
Solution 48 - Php
IF YOUR ARE USING PHP 7 +
public function generateRandom(){
$string = bin2hex(openssl_random_pseudo_bytes(10)); // 20 chars
// OR
$string = base64_encode(random_bytes(10)); // ~14 characters, includes /=+
// or
$string = substr(str_replace(['+', '/', '='], '', base64_encode(random_bytes(32))), 0, 32); // 32 characters, without /=+
// or
$string = bin2hex(random_bytes(10)); // 20 characters, only 0-9a-f
}
Solution 49 - Php
This code will help:
This function will return random string with length between $maxLength
and $minLength
.
NOTE: Function random_bytes
works since PHP 7.
If you need specific length, so $maxLength
and $minLength
must be same.
function getRandomString($maxLength = 20, $minLength = 10)
{
$minLength = $maxLength < $minLength ? $maxLength : $minLength;
$halfMin = ceil($minLength / 2);
$halfMax = ceil($maxLength / 2);
$bytes = random_bytes(rand($halfMin, $halfMax));
$randomString = bin2hex($bytes);
$randomString = strlen($randomString) > $maxLength ? substr($randomString, 0, -1) : $randomString;
return $randomString;
}
Solution 50 - Php
A full solution (class plus test), partly based on some suggestions above...
class TokenFactory
{
private const LENGTH = 12;
private const ALLOWED = '123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ~!@#$%^&*{}';
private const MIN_NUMBER_OF_DIGITS = 1;
private const MIN_NUMBER_OF_CAPS = 1;
private const MIN_NUMBER_OF_SPECIALS = 1;
private const MIN_NUMBER_OF_LETTERS = 1;
/**
* @return string
* @throws \Exception
*/
public function make(): string
{
$pass = $this->generateToken();
if ($this->isTokenValid($pass)) {
return $pass;
} else {
return $this->make();
}
}
/**
* @return string
* @throws \Exception
*/
private function generateToken(): string
{
$allowedCharacters = self::ALLOWED;
$token = '';
$max = mb_strlen($allowedCharacters, '8bit') - 1;
for ($i = 0; $i < self::LENGTH; ++$i) {
$token .= $allowedCharacters[random_int(0, $max)];
}
return $token;
}
/**
* @param $token
* @return bool
*/
private function isTokenValid($token): bool
{
$numberOfDigits = preg_match_all("/[0-9]/", $token);
$numberOfCaps = preg_match_all("/[A-Z]/", $token);
$numberOfSpecials = preg_match_all("/[~!@#\$%^&*{}]/", $token);
$numberOfLetters = preg_match_all("/[a-z]/", $token);
return
$numberOfDigits > self::MIN_NUMBER_OF_DIGITS
&& $numberOfCaps > self::MIN_NUMBER_OF_CAPS
&& $numberOfSpecials > self::MIN_NUMBER_OF_SPECIALS
&& $numberOfLetters > self::MIN_NUMBER_OF_LETTERS
;
}
}
class TokenFactoryTest
{
public function test_correct_syntax()
{
/**
* Arrange
*/
$length = 12;
$numberOfChecks = 1000;
/**
* Act & Assert
*/
$class = new TokenFactory();
$i = 0;
while ($i < $numberOfChecks) {
$generatedToken = $class->make();
$numberOfDigits = preg_match_all( "/[0-9]/", $generatedToken );
$numberOfCaps = preg_match_all( "/[A-Z]/", $generatedToken );
$numberOfSpecials = preg_match_all("/[~!@#\$%^&*{}]/", $generatedToken);
$numberOfLetters = preg_match_all("/[a-z]/", $generatedToken);
Assert::assertEquals($length, strlen($generatedToken));
Assert::assertTrue($numberOfDigits >= 1, 'Digit error: ' . $generatedToken);
Assert::assertTrue($numberOfCaps >= 1, 'Caps error: ' . $generatedToken);
Assert::assertTrue($numberOfSpecials >= 1, 'Specials error: ' . $generatedToken);
Assert::assertTrue($numberOfLetters >= 1, 'Letters error: ' . $generatedToken);
$i++;
}
}
}
BTW make sure to catch that exception somewhere where it suits your needs!
Solution 51 - Php
Laravel solution: If you are using Laravel Framework, you can use its StringHelper like this.
use Illuminate\Support\Str;
Str::random($strlentgh = 16)
Solution 52 - Php
<?php
/**
* Creates a random string
*
* @param (int) $length
* Length in characters
* @param (array) $ranges
* (optional) Array of ranges to be used
*
* @return
* Random string
*/
function random_string($length, $ranges = array('0-9', 'a-z', 'A-Z')) {
foreach ($ranges as $r) $s .= implode(range(array_shift($r = explode('-', $r)), $r[1]));
while (strlen($s) < $length) $s .= $s;
return substr(str_shuffle($s), 0, $length);
}
// Examples:
$l = 100;
echo '<b>Default:</b> ' . random_string($l) . '<br />';
echo '<b>Lower Case only:</b> ' . random_string($l, array('a-z')) . '<br />';
echo '<b>HEX only:</b> ' . random_string($l, array('0-9', 'A-F')) . '<br />';
echo '<b>BIN only:</b> ' . random_string($l, array('0-1')) . '<br />';
/* End of file */
Solution 53 - Php
function randomString() {
return md5(rand(100, 200));
}
Solution 54 - Php
If you are using this random string in a place where a user might see it or use it (eg as a password generator, you might want to limit the set of characters used to exclude vowels. That way you will not accidentally generate bad words and offend someone. Don't laugh it happens.
Solution 55 - Php
I say take the best of several answers and put them together - str_suffle and range are new to me:
echo generateRandomString(25); // Example of calling it
function generateRandomString($length = 10) {
return substr(str_shuffle(implode(array_merge(range(0,9), range('A', 'Z'), range('a', 'z')))), 0, $length);
}
Solution 56 - Php
Try this:
function generate_name ($length = LENGTH_IMG_PATH) {
$image_name = "";
$possible = "0123456789abcdefghijklmnopqrstuvwxyz";
$i = 0;
while ($i < $length) {
$char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
if (!strstr($image_name, $char)) {
$image_name .= $char;
$i++;
}
}
return $image_name;
}
Solution 57 - Php
$t = array_merge(range('0', '9'), range('a', 'z'), range('A', 'Z'));
echo join('', array_map(function() use($t) { return $t[array_rand($t)]; }, range(1, 15)));
or one-liner
echo join('', array_map(function() { return substr('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', rand(0, 61), 1); }, range(1, 15)));
Solution 58 - Php
I always liked to use base64 for generating random passwords or other random (printable) character strings. The usage of base64 ensures a large number of printable characters is available.
On the shell, I usually do something like this:
base64 < /dev/urandom |head -c10
Something similar can be done in PHP as well. However reading directly from /dev/urandom might be forbidden by open_basedir restrictions. So this is what I've arrived at:
base64_encode(
join(
'',
array_map(
function($x){ return chr(mt_rand(1,255));},
range(1,15)
)
)
);
To get a truly random string, we need random input as well. This is what the join/array_map
does. Using something like uniqid
is not enough, because it will always have a similar prefix, as it's basically a glorified timestamp.
If you have the openssl extension installed, you can of course use openssl_random_pseudo_bytes()
instead, which would be even better.
Solution 59 - Php
To get it in a single line, try this:
$str = substr(str_shuffle(str_repeat("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", 5)), 0, $length);
Solution 60 - Php
The one line solution will be
str_shuffle(base64_encode(date('mdyhis').date('mdyhis')));
Solution 61 - Php
Please, try this my function to generate a custom random alphanumeric string:
<?php
function random_alphanumeric($length) {
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ12345689';
$my_string = '';
for ($i = 0; $i < $length; $i++) {
$pos = mt_rand(0, strlen($chars) -1);
$my_string .= substr($chars, $pos, 1);
}
return $my_string;
}
?>
You can adjust the result by passing the length of the string to the function like below:
$test_with_50_items = random_alphanumeric(50); // 50 characters
echo $test_with_50_items;
Example (test_with_50_items): Y1FypdjVbFCFK6Gh9FDJpe6dciwJEfV6MQGpJqAfuijaYSZ86
If you need more than 50 chars or less simply call the function how you like:
$test_with_27_items = random_alphanumeric(27); // 27 characters
echo $test_with_27_items;
If you need two or more unique strings you can do by loop using while
so you are sure to get two unique strings... you can do the same with more strings, the only limit is your fantasy...
$string_1 = random_alphanumeric(50);
$string_2 = random_alphanumeric(50);
while ($string_1 == $string_2) {
$string_1 = random_alphanumeric(50);
$string_2 = random_alphanumeric(50);
if ($string_1 != $string_2) {
break;
}
}
echo $string_1;
echo "<br>\n";
echo $string_2;
$string_1: KkvUwia8rbDEV2aChWqm3AgeUZqyrRbUx2AxVhx5s4TSJ2VwA4
$string_2: XraO85YfxBBCInafvwipSOJwLmk6JMWiuWOxYQDnXohcn2D8K6
Solution 62 - Php
There are 3 things wrong with your code:
- $randstring is not assigned to anything (only inside the function which is out of scope).
- RandomString only returns the last random charactor. Replace
=
with.=
. Rand
does not generate cryptographically secure pseudo-random numbers. Userandom_int
instead.
See below:
<?php
function RandomString()
{
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randstring = '';
for ($i = 0; $i < 10; $i++) {
$randstring .= $characters[random_int(0, strlen($characters))];
}
return $randstring;
}
$randstring = RandomString();
echo $randstring;
Solution 63 - Php
Try this, it can generate up to length of master. but its simple and fit for small string.
$master="ABCDEFGHIJKLMNOPQRSTUVWXYZ";
$master_array = str_split($master);
shuffle($master_array);
print_r(implode("",array_slice($master_array,0,10)));
Solution 64 - Php
If you are morbidly scared of typing out letters of the alphabet, don't care about string security, and are only interested in alphabets, here's a neat solution
$alphabets = range ("a", "z");
shuffle ($alphabets);
$randomString = substr(implode ("", $alphabets), 3, 17); // adjust according to desired length
Solution 65 - Php
If you need large number of random strings with no duplicates, here's a recursive code with small modification:
function generateRandomString($length = 10)
{
global $generatedStrings;
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, strlen($characters) - 1)];
}
if (isset($generatedStrings[$randomString])) {
$randomString = generateRandomString($length);
}
$generatedStrings[$randomString] = $randomString;
return $randomString;
}
$generatedStrings = array();
foreach(range(1, 100000) as $num) {
echo "\n".$num."\t : ".generateRandomString();
}
Solution 66 - Php
Previous answers generate passwords that are insecure or difficult to type.
This one is secure and provides a password that users are more likely to actually use, instead of being discarded for something weak.
// NOTE: On PHP 5.x you will need to install https://github.com/paragonie/random_compat
/**
* Generate a password that can easily be typed by users.
*
* By default, this will sacrifice strength by skipping characters that can cause
* confusion. Set $allowAmbiguous to allow these characters.
*/
static public function generatePassword($length=12, $mixedCase=true, $numericCount=2, $symbolCount=1, $allowAmbiguous=false, $allowRepeatingCharacters=false)
{
// sanity check to prevent endless loop
if ($numericCount + $symbolCount > $length) {
throw new \Exception('generatePassword(): $numericCount + $symbolCount are too high');
}
// generate a basic password with just alphabetic characters
$chars = 'qwertyupasdfghjkzxcvbnm';
if ($mixedCase) {
$chars .= 'QWERTYUPASDFGHJKZXCVBNML';
}
if ($allowAmbiguous) {
$chars .= 'iol';
if ($mixedCase) {
$chars .= 'IO';
}
}
$password = '';
foreach (range(1, $length) as $index) {
$char = $chars[random_int(0, strlen($chars) - 1)];
if (!$allowRepeatingCharacters) {
while ($char == substr($password, -1)) {
$char = $chars[random_int(0, strlen($chars) - 1)];
}
}
$password .= $char;
}
// add numeric characters
$takenSubstitutionIndexes = [];
if ($numericCount > 0) {
$chars = '23456789';
if ($allowAmbiguous) {
$chars .= '10';
}
foreach (range(1, $numericCount) as $_) {
$index = random_int(0, strlen($password) - 1);
while (in_array($index, $takenSubstitutionIndexes)) {
$index = random_int(0, strlen($password) - 1);
}
$char = $chars[random_int(0, strlen($chars) - 1)];
if (!$allowRepeatingCharacters) {
while (substr($password, $index - 1, 1) == $char || substr($password, $index + 1, 1) == $char) {
$char = $chars[random_int(0, strlen($chars) - 1)];
}
}
$password[$index] = $char;
$takenSubstitutionIndexes[] = $index;
}
}
// add symbols
$chars = '!@#$%&*=+?';
if ($allowAmbiguous) {
$chars .= '^~-_()[{]};:|\\/,.\'"`<>';
}
if ($symbolCount > 0) {
foreach (range(1, $symbolCount) as $_) {
$index = random_int(0, strlen($password) - 1);
while (in_array($index, $takenSubstitutionIndexes)) {
$index = random_int(0, strlen($password) - 1);
}
$char = $chars[random_int(0, strlen($chars) - 1)];
if (!$allowRepeatingCharacters) {
while (substr($password, $index - 1, 1) == $char || substr($password, $index + 1, 1) == $char) {
$char = $chars[random_int(0, strlen($chars) - 1)];
}
}
$password[$index] = $char;
$takenSubstitutionIndexes[] = $index;
}
}
return $password;
}
Solution 67 - Php
$pass = "";
for ($i=0;$i<12;++$i)
$pass.= ($r=mt_rand(0,35))<26?chr(ord('a')+$r):chr(ord('0')+$r-26);