Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save fendis0709/a9119ea99a13eea280ef91006abef9d3 to your computer and use it in GitHub Desktop.
Save fendis0709/a9119ea99a13eea280ef91006abef9d3 to your computer and use it in GitHub Desktop.
Generate cryptographically secure random strings. Based on Kohana's Text::random() method and this answer:http://stackoverflow.com/a/13733588/179104
function random_text( $type = 'alnum', $length = 8 )
{
switch ( $type ) {
case 'alnum':
$pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
break;
case 'alpha':
$pool = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
break;
case 'hexdec':
$pool = '0123456789abcdef';
break;
case 'numeric':
$pool = '0123456789';
break;
case 'nozero':
$pool = '123456789';
break;
case 'distinct':
$pool = '2345679ACDEFHJKLMNPRSTUVWXYZ';
break;
default:
$pool = (string) $type;
break;
}
$crypto_rand_secure = function ( $min, $max ) {
$range = $max - $min;
if ( $range < 0 ) return $min; // not so random...
$log = log( $range, 2 );
$bytes = (int) ( $log / 8 ) + 1; // length in bytes
$bits = (int) $log + 1; // length in bits
$filter = (int) ( 1 << $bits ) - 1; // set all lower bits to 1
do {
$rnd = hexdec( bin2hex( openssl_random_pseudo_bytes( $bytes ) ) );
$rnd = $rnd & $filter; // discard irrelevant bits
} while ( $rnd >= $range );
return $min + $rnd;
};
$token = "";
$max = strlen( $pool );
for ( $i = 0; $i < $length; $i++ ) {
$token .= $pool[$crypto_rand_secure( 0, $max )];
}
return $token;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment