0

What are the chances of md5 outputting same values. I cant think of anything, but want to get other opinions.

function theid(){  
    $rand = random_int("1000000","9999999");
    $idcont = date("d.m.Y").$rand.time("h:i:s").$rand;
    $sysid = md5($idcont);  
    return $sysid; 
} 
$oneid = theid();

it does not hash pass I'm using it to generate unique ids for my system. Checking each id is not a good option as id will be stored in different places.

CONCLUSION. Thanks all. By comments in this post i had to sit back and rethink how id are carried true system. I will cut back on using auto_increment for user id, use uniqid() to handle system events and use something like hash_password() for other part i did not even touch here. Better pull my sleeves up ...

evenom
  • 13
  • 3
  • For future, use code formatting, not quotations. Make your code easy to read or else you won't get the answers you're looking for. – Devon Bessemer Jun 10 '18 at 16:49
  • Having $rand twice in $idcont seems pretty redundant. The possibility of a collision with md5 is fairly low, but is there a reason you can't rely on an auto-increment column in your database? – Devon Bessemer Jun 10 '18 at 16:52
  • 1
    Possible duplicate of [PHP function to generate v4 UUID](https://stackoverflow.com/questions/2040240/php-function-to-generate-v4-uuid) – Progman Jun 10 '18 at 16:52
  • Just use `uniqid()`? Or an auto-incrementing ID? – Niet the Dark Absol Jun 10 '18 at 17:23

3 Answers3

1

I don't see the point using md5 for generating unique ids. Obviously you are not trying to create cryptographically secure value and it would not be secure in your example anyway. Use uniqid() function instead. It's designed for non-collision. It creates a unique identifier based on the current time in microseconds. You can use the second argument (more entropy) to create more unique values.

$uid = uniqid('some prefix', true);

uniqid

evansgambit
  • 825
  • 2
  • 8
  • 9
0

md5 is not secure anymore. Theoretically it's possible to have same hash from different origin, it's not easy but it's possible. It seems you want to generate unique ids so maybe standard uuid it's an option to you: https://docs.mongodb.com/manual/geospatial-queries/

Jose Mato
  • 2,709
  • 1
  • 17
  • 18
  • i know about md5,.for that reason added paragraph under code. uuid is an option i did not thought of before Niet dropped a link. – evenom Jun 10 '18 at 17:28
0

Thanks all. By comments in this post i had to sit back and rethink how id are carried true system. I will cut back on using auto_increment for user id, use uniqid() to handle system events and use something like hash_password() for other part i did not even touch here. Better pull my sleeves up ...

evenom
  • 13
  • 3