item 8053115 (no title)
system_32 | 11 years ago
You criticized the random code generation function. Could you explain why it is bad? Though I code, I am no expert and would really like to know.

sarciszewski | 11 years ago
This is the offending code: https://github.com/bmmayer/ephchat/blob/ec375c7974ea825f887f...
This is the proper way to do it (h/t @tptacek): http://sockpuppet.org/blog/2014/02/25/safely-generate-random...
mt_srand() + rand() is just hilarious. The md5(uniqid()) thing is a common randomness anti-pattern in PHP projects that needs to die in a fire.
In PHP, a very brief example of the code to achieve the proper way of generating randomness looks like the snippet I posted in the issue.
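
The two anti-patterns named in the comment next to a CSPRNG-based generator, as an added example that is not from the thread, the ephchat repository, or the snippet posted in the issue. It assumes PHP 7 or later for random_int(); the function names, alphabet and code length are hypothetical.

```php
<?php
// Added illustration; function names, alphabet and code length are hypothetical.

// Anti-pattern 1: mt_srand() + rand(). The seed is the clock and the generator is
// not cryptographic. Before PHP 7.1 mt_srand() did not even seed rand().
function weak_code_rand(int $length): string
{
    mt_srand(time());
    $code = '';
    for ($i = 0; $i < $length; $i++) {
        $code .= chr(rand(97, 122)); // 'a'..'z'
    }
    return $code;
}

// Anti-pattern 2: md5(uniqid()). uniqid() is the current time in hex (8 digits of
// seconds, 5 of microseconds); md5() hides that but adds no entropy.
function weak_code_uniqid(): string
{
    return md5(uniqid());
}

// Decode a uniqid() value back into the timestamp it was built from.
function uniqid_to_time(string $id): array
{
    return [
        'seconds'      => (int) hexdec(substr($id, 0, 8)),
        'microseconds' => (int) hexdec(substr($id, 8, 5)),
    ];
}

// Replacement: each character is drawn from the OS CSPRNG via random_int(), which
// is uniform over the range and throws if no secure source is available.
function secure_code(int $length, string $alphabet = 'abcdefghijkmnpqrstuvwxyz23456789'): string
{
    if ($length < 1 || strlen($alphabet) < 2) {
        throw new InvalidArgumentException('need length >= 1 and at least 2 symbols');
    }
    $max = strlen($alphabet) - 1;
    $code = '';
    for ($i = 0; $i < $length; $i++) {
        $code .= $alphabet[random_int(0, $max)];
    }
    return $code;
}

$t = uniqid_to_time(uniqid());
printf("uniqid() decodes to %s UTC + %d us\n", gmdate('Y-m-d H:i:s', $t['seconds']), $t['microseconds']);
printf("CSPRNG code: %s\n", secure_code(12));
```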