* Thus wrote Peter Brodersen: > On Wed, 18 Aug 2004 17:59:34 -0700, in php.general > [EMAIL PROTECTED] (John Holmes) wrote: > > >> $token = md5(uniqid(rand(), true)); > >> > >> .. is a pretty bad idea, since the output could include quotes, > >> newlines, low-ascii-characters, thereby messing up the form. > >How do you figure that? md5() only returns 0-9 and a-f characters. >... > > >> $token = md5(uniqid(rand() )); > >> ought to be sufficient - and works with PHP4 :) > >Using entropy with uniqid() simply returns a more unique value to md5(), > >so what's the difference. > > Err... the only difference is that I removed the second argument, > making md5() return a simple hex-encoded string.
The second argument was to uniqid(). Curt -- First, let me assure you that this is not one of those shady pyramid schemes you've been hearing about. No, sir. Our model is the trapezoid! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
