On Wed, 30 Sep 2015 17:15 Scott Arciszewski <sc...@paragonie.com> wrote:
This is probably answerable by a quick yes/no and shouldn't need a ton of bikeshedding, but if that happens anyway I apologize in advance. I think random_bytes() and random_int() are great; they provide a much-needed building block in PHP 7.0. However, I do worry a bit that the most common use for random_int() (generating a random string of a fixed length with a given character set) will be reinvented over and over again, and rarely consistently. I would propose a random_str() function that behaves similar to this userland snippet: http://stackoverflow.com/a/32870871/2224584 Function prototype: > string random_str( int $length, string $charset) Would return a string or throw an Error|Exception (e.g. invalid input parameters, or the operating system's CSPRNG begins to melt). I can write up an RFC for this, with a patch targeting 7.1, if anyone is interested in it. Scott Arciszewski Chief Development Officer Paragon Initiative Enterprises <https://paragonie.com> -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php Hey Scott Just quickly for reference, there was some discussion on this before in Feb, roughly here: https://marc.info/?l=php-internals&m=142481367620609&w=2 Not sure how relevant, havent reread it.
