How unique is uniqid?

by

Update, March 2014:

Firstly, it is important to note that uniqid is a bit of a misnomer as it doesnt guarantee a unique ID.

Per the PHP documentation:

WARNING!

This function does not create random nor unpredictable string. This
function must not be used for security purposes. Use cryptographically
secure random function/generator and cryptographically secure hash
functions to create unpredictable secure ID.

And

This function does not generate cryptographically secure tokens, in
fact without being passed any additional parameters the return value
is little different from microtime(). If you need to generate
cryptographically secure tokens use openssl_random_pseudo_bytes().

Setting more-entropy to true generates a more unique value, however the execution time is longer (though to a tiny degree), according to the docs:

If set to TRUE, uniqid() will add additional entropy (using the
combined linear congruential generator) at the end of the return
value, which increases the likelihood that the result will be unique.

Note the line increases the likelihood that the result will be unique and not that is will guarantee uniqueness.

You can ‘endlessly’ strive for uniqueness, up to a point, and enhance using any number of encryption routines, adding salts and the like- it depends on the purpose.

I’d recommend looking at the comments on the main PHP topic, notably:

http://www.php.net/manual/en/function.uniqid.php#96898

http://www.php.net/manual/en/function.uniqid.php#96549

http://www.php.net/manual/en/function.uniqid.php#95001

What I’d recommend is working out why you need uniqueness, is it for security (i.e. to add to an encryption/scrambling routine)? Also, How unique does it need to be? Finally, look at the speed consideration. Suitability will change with the underlying considerations.

More Related Contents:

  1. PHP DateTime supported formats
  2. Can I call a PHP function in a JavaScript click handler?
  3. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘WHERE `id` [closed]
  4. PHP parse/syntax errors; and how to solve them
  5. How to extract and access data from JSON with PHP?
  6. PHP validation/regex for URL
  7. continue processing php after sending http response
  8. MySQL – This version of MySQL doesn’t yet support ‘LIMIT & IN/ALL/ANY/SOME subquery
  9. how to detect search engine bots with php?
  10. Parse XML with Namespace using SimpleXML [duplicate]
  11. How to write into a file in PHP?
  12. PHP: Merge 2 Multidimensional Arrays
  13. “[notice] child pid XXXX exit signal Segmentation fault (11)” in apache error.log [closed]
  14. How to change maximum number of POST variable in PHP?
  15. Restructure multidimensional array of column data into multidimensional array of row data [duplicate]
  16. Shorthand for arrays: is there a literal syntax like {} or []?
  17. PHP Get Highest Value from Array
  18. PHP compare array
  19. Sending multiple attachment in an email using PHP
  20. REST API Authorization & Authentication (web + mobile)
  21. PHP include causes white space at the top of the page
  22. Laravel nested relationships
  23. Laravel 5.2 not reading env file
  24. PHP – Check if the page run on Mobile or Desktop browser [duplicate]
  25. Dynamic Table Generation
  26. str_replace with array
  27. Laravel Eloquent: How to get only certain columns from joined tables
  28. check if url exists in php [duplicate]
  29. How to use Laravel Passport with Password Grant Tokens?
  30. CORS: PHP: Response to preflight request doesn’t pass. Am allowing origin

Leave a Comment