Hi all, We all know, uniqid() is not unique at all and not safe as random ID at all. This would be one of the most misused function because of its name.
https://github.com/php/php-src/blob/master/ext/standard/uniqid.c#L44 Bug report for this https://bugs.php.net/bug.php?id=55391 I would like to - Enable more entropy parameter on by default - Add 256 bits random value (64 chars by HEX) from php_random_bytes() instead of 1 char from php_combined_lcg() If all of us think "just fix it", then I'll just fix this in master w/o RFC. Any comments? Regards, -- Yasuo Ohgaki yohg...@ohgaki.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
