2

I'm working on a project where I need to use some hash function to make a hash string. This hash string should be unique consists of 6 to 13 characters (fixed length).

I use a database to store data, so for each record, I have a unique ID. I want to use this unique ID to make a hash string ( to achieve uniqueness of resulted hash string).

I need this hash string to consists of only valid characters ( 0-9 a-z A-Z).

Which hash function should I use to achieve this goal? How can I generate such hash strings?

Added Later: I want to generate this string and pass it to user, so he can come back later to edit the entry. any other idea is acceptable.

Morteza Milani
  • 1,197
  • 3
  • 19
  • 30
  • Does it need to be a hash? What about generating a string with characters randomly drawn? – Felix Kling Jul 05 '10 at 08:52
  • 2
    If you want the output to be a unique value, don't use a hash. By definition, hashes map a large set onto a smaller set and there are guaranteed to be collisions. However, you might be lucky enough not to find two items with collisions for many, many years – Gareth Jul 05 '10 at 09:06
  • @Felix : how to generate random strings with no collision? @Gareth: Having exact uniqueness is not possible you know, but making the probability of collision as low as possible is my mean by uniqueness. – Morteza Milani Jul 05 '10 at 09:19
  • 2
    @Morteza M.: Well you can generate a string and try to insert the record into the DB (assuming the column has a UNIQUE constraint) and if it fails, generate a new one. Most of the time, you won't generate an already existing string. – Felix Kling Jul 05 '10 at 09:23
  • The ID already is unique, so why not use it? – phant0m Jul 05 '10 at 09:24
  • @phant0m, I can't use just ID, because someone can enter a random ID and edit the entry. – Morteza Milani Jul 05 '10 at 09:28
  • @Felix Kling: Your idea is good. I think about it:) thank you. – Morteza Milani Jul 05 '10 at 09:30

3 Answers3

3

Use crypt:

$hash = crypt("somevaluetohash", $uniqueid);

The unique id is a salt so you can generate different values depending on the id. So if one user had a password of "somevaluetohash" and another user had the same, the ending hash wouldn't be the same.

nebkat
  • 8,445
  • 9
  • 41
  • 60
  • I planned to use it, but it generates some special characters like dot,slash and so on. I want the string to contains only alphanumeric characters. – Morteza Milani Jul 05 '10 at 09:20
  • 1
    You can always make a filter for this. Or you could make a hash with $hash = md5("somevaluetohash".$uniqueid); – nebkat Jul 05 '10 at 09:49
  • your idea is good. but can I somehow reduce the length of generated code to 6 or 13 ( not using a simple crop ). – Morteza Milani Jul 05 '10 at 09:59
  • 1
    Maybe check http://stackoverflow.com/questions/959957/php-short-hash ? If you cant find any other method of hashing which has a 6 to 13 length, just use the same method: "somevaluetohash".$uniqueid – nebkat Jul 05 '10 at 11:41
0
<?php
  $id;
  $hash_full = md5($id); //hash('sha256', $id);
  $hash_cropped = substr($hash_full, 0, 6);
?>

Use hash() for other hashing algorithms.

But what do you need this hashes for? To me, it doesn't make a lot of sense to generate a hash from the ID, couldn't you just use the ID instead?

phant0m
  • 16,595
  • 5
  • 50
  • 82
  • You know, I want to pass this string to user, as a password so he can edit the entry later. I don't cropping a hash string put it in danger of more collisions. – Morteza Milani Jul 05 '10 at 09:25
0

Does it really need to be a cryptographic checksum? Or is a simpler checksum suitable? Is the database-provided primary key itself not suitable?

You've got lots of options, from the simplest crc32 to most-advanced sha512.

But if you're doing this for some specific application (such as filesystem hashing, or finding nearby objects using some metrics), then you're going to have to specify more of your problem.

sarnold
  • 102,305
  • 22
  • 181
  • 238