Generate random string in php/mysql

Question

I need to generate a random string when I insert data in my mysql. I did read about uuid or cast(rand) but I cant find anything that looks like I can use it.

My data comes from a app.

I made a new row called code and made it unik.

I hope you can help me :)

how do I tell my insert to generate a random string to my row code?

// array for JSON response
$response = array();

 // check for required fields
if (isset($_POST['name']) && isset($_POST['nummer']) && isset($_POST['description']) && isset($_POST['dato'])) {

$name = $_POST['name'];
$nummer = $_POST['nummer'];
$description = $_POST['description'];
$dato = $_POST['dato'];

// include db connect class
require_once __DIR__ . '/db_connect.php';

// connecting to db
$db = new DB_CONNECT();

mysql_set_charset("utf8");

// mysql inserting a new row
$result = mysql_query("INSERT INTO products(name, nummer, description, dato) VALUES('$name', '$nummer', '$description', '$dato')");

Ok this is what I got so far

if (isset($_POST['name']) && isset($_POST['nummer']) && isset($_POST['description']) && isset($_POST['dato'])) {

$name = $_POST['name'];
$nummer = $_POST['nummer'];
$description = $_POST['description'];
$dato = $_POST['dato'];
// $code = $_POST['code'];

// include db connect class
require_once __DIR__ . '/db_connect.php';

// connecting to db
$db = new DB_CONNECT();

  function generate_random_string($length = 10) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[rand(0, strlen($characters) - 1)];
    }
    return $randomString;
  }


// mysql inserting a new row
$result = mysql_query("INSERT INTO products(name, nummer, description, dato, code) VALUES('$name', '$nummer', '$description', '$dato', '$randomString')");

But I dont get anything in my code row?

    return $randomString;

$random_str = generate_random_string(10);

}


// mysql inserting a new row
$result = mysql_query("INSERT INTO products(name, nummer, description, dato, code) VALUES('$name', '$nummer', '$description', '$dato', '$random_str')");

If you want to generate it in PHP: http://stackoverflow.com/questions/4356289/php-random-string-generator — , Nov 11 '14 at 16:17
[**Please, don't use `mysql_*` functions in new code**](http://stackoverflow.com/q/12859942). They are no longer maintained [and are officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the [**red box**](http://uk.php.net/manual/en/function.mysql-connect.php)? Learn about [*prepared statements*](http://en.wikipedia.org/wiki/Prepared_statement) instead, and use [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) — itachi, Nov 11 '14 at 16:26

teeyo · Answer 1 · 2014-11-11T16:39:27.387

2

You can generate a random number using PHP's function rand :

// code = rand($min , $max); for example
code = rand(100000, 999999); // will generate a number between 100000 and 999999
// then add the column to your insert if it belongs to the same table or 
// make another query to insert the code if it belongs to a different table

note that you can use the current time and md5 function to make stronger unique codes.

Also, if you like to take this logic to your database, try to create a trigger that will runs after each insert.

Good luck.

edited Nov 11 '14 at 16:39

answered Nov 11 '14 at 16:28

teeyo

3,665
3
22
37

"MD5" and "stronger" do not belong in the same sentence. – tadman Nov 11 '14 at 17:14
@tadman using str_shuffle on current time concatenated with the generated random number, and then using MD5 on that string was string enough for me, it's not so secure to be used as a password I know, but for confirmation links, it did the job just fine. – teeyo Nov 11 '14 at 17:31
If you're using MD5, you're probably doing it wrong. Either you want something actually secure, in which case it's totally inadequate, or you don't, in which case the default random number generator, properly seeded, is fine. – tadman Nov 11 '14 at 17:48
I totally agree, sure MD5 is not secure, I'm not employing it for the purpose it was created for, but it gives me good looking 32's caracter string, and that's all. But yeah, for activation for example a random of 4 digits is more then enough. – teeyo Nov 11 '14 at 17:58

score 1 · Accepted Answer · edited May 23 '17 at 12:20

1

You can try the code below:

    function generate_random_string($length = 10) {
        $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
        $randomString = '';
        for ($i = 0; $i < $length; $i++) {
            $randomString .= $characters[rand(0, strlen($characters) - 1)];
        }
        return $randomString;
    }

echo generate_random_string(15);  // define amount of string length in parametre

Source: PHP random string generator

If you use random number as Random String code is below:

$number = range(100000,999999);
shuffle($number);
$ran_string = $number[0];
echo $ran_string;

edited May 23 '17 at 12:20

Community

1
1

answered Nov 11 '14 at 16:21

Touhid

659
8
27

2

Give credit or link when you copy/pasta someone's code. – samayo Nov 11 '14 at 16:27
1

You did not use properly. assign function's value in a variable first. like $random_str = generate_random_string(10); then use the variable in your query – Touhid Nov 11 '14 at 18:26
return $randomString; $random_str = generate_random_string(10); } // mysql inserting a new row $result = mysql_query("INSERT INTO products(name, nummer, description, dato, code) VALUES('$name', '$nummer', '$description', '$dato', '$random_str')"); Still nothing – user3272367 Nov 11 '14 at 18:53
don't change the funtion, do it additionally outside, not in function – Touhid Nov 11 '14 at 18:59
i am in mobile, when i will be in pc, i will clear u – Touhid Nov 11 '14 at 18:59

Generate random string in php/mysql

2 Answers2