Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

PHP: Options to generate an unique user key

Tags:

php

key

hash

After a few days researching on hashing, generating random numbers or unique keys, I am a bit confusing now.

I have one last thing that I want to get it right which is the user key. I want to store an unique key for each member/ user who registers at my website. So this key must be unique and not duplicate. I am thinking to use the user email and hash it with timedate or something...

Then I wonder which is the best way to create such a key -

Can I use hash_hmac() to do this for me?

I have a couple of things don't understand about hash_hmac() though - as in this example from the php.net hash_hmac('ripemd160', 'The quick brown fox jumped over the lazy dog.', 'secret');

So what is 'secret' - can I put anything different instead, like a timedate? I assume that I can replace 'The quick brown fox jumped over the lazy dog.' with the email address?

or maybe I can use Portable PHP password hashing framework to do this?

the only thing is that it produces ., $, and / which I need to remove them otherwise I will get errors when I request the key from the URL.

so I might do this - 

$hash = $phpass -> HashPassword('[email protected]'.$timedate)
$key = preg_replace("/[^a-zA-Z0-9]+/", "", $hash);

Please let me know if you have any better suggestions.

like image 658
Run Avatar asked Jan 26 '11 19:01

Run

2 Answers

I have one last thing that I want to get it right which is the user key. I want to store an unique key for each member/ user who registers at my website. So this key must be unique and not duplicate. I am thinking to use the user email and hash it with timedate or something

  • I would just let your database handle this for you using autoincrement
  • You could also use uniqid for this: md5(uniqid(rand(), TRUE));

index.php: 

for ($i=0;$i<10;$i++) {
    echo md5(uniqid(rand(), TRUE)) . "\n";
}

output:

php index.php 
ba0d9aad1ff0ceadf4b25f101099b91e
b5a6db5e174b426061d3d3835a6fcaea
54be6d3a03e0590917ed20b097442e3a
6e208a61eae8cfd102d4a41decf0f64e
2cafac5402815af87e8299e5e67016bd
95e839097a566471c70fe357e5a101d2
c6908532bda6f926debdda754b02f931
aac7adf999dd4dd009f208b176ea90d0
1ed7779229e57b05adc088b375582cfb
e016a684564d5cdb89201ebab1038609

They are all unique and you can just use them. You should NOT have to do anything else?

like image 86
Alfred Avatar answered Sep 18 '22 09:09

Alfred

I recommend "stealing" the drupal_random_bytes function.

like image 28
chx Avatar answered Sep 21 '22 09:09

chx
Sign in to Comment

Related questions

How to get the defined() value by a string?
Placing a foreach loop inside an if condition
php - help converting timestamp string to readable time format
simple rss feed
Two identical strings, yet different lengths. Trimmed, cleansed, etc
Replace last word in string
Select * to table where datetime is 24 hours ago
How to access an object from another class?
Query WMI remotely with PHP
How to duplicate a PHP file using PHP
How to make an "empty" RSS feed
PHP Read cookies created with setcookie()
How can I get the foreign keys of a table in mysql
How do I strip all javascript out of an HTML document using PHP?
dompdf and img tag, image wont show
Simple PHP login with cookie
MySQL returns only one row
Why can't I use integers as an index in a PHP $_SESSION array?
Creating Block/Modules in Code Igniter
Module 'ssh2' already loaded in Unknown on line 0

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!