...

...

@@ -11,20 +11,22 @@

11

11

<methodsynopsis>

12

12

<type>string</type><methodname>uniqid</methodname>

13

13

<methodparam choice="opt"><type>string</type><parameter>prefix</parameter><initializer>""</initializer></methodparam>

14

-

<methodparam choice="opt"><type>bool</type><parameter>more_entropy</parameter><initializer>false</initializer></methodparam>

14

+

<methodparam choice="opt"><type>bool</type><parameter>more_entropy</parameter><initializer>&false;</initializer></methodparam>

15

15

</methodsynopsis>

16

16

<para>

17

17

Gets a prefixed unique identifier based on the current time in

18

18

microseconds.

19

19

</para>

20

+

&caution.cryptographically-insecure;

20

21

<warning>

21

-

<para>

22

-

This function does not create random nor unpredictable strings.

23

-

<emphasis>This function must not be used for security purposes.</emphasis>

24

-

Use a cryptographically secure random function/generator and

25

-

cryptographically secure hash functions to create unpredictable

26

-

secure IDs.

27

-

</para>

22

+

<para>

23

+

This function does not guarantee uniqueness of return

24

+

value. Since most systems adjust system clock by NTP or like,

25

+

system time is changed constantly. Therefore, it is possible that

26

+

this function does not return unique ID for the

27

+

process/thread. Use <parameter>more_entropy</parameter> to

28

+

increase likelihood of uniqueness.

29

+

</para>

28

30

</warning>

29

31

</refsect1>

30

32

...

...

@@ -65,8 +67,14 @@

65

67

<refsect1 role="returnvalues">

66

68

&reftitle.returnvalues;

67

69

<para>

68

-

Returns the unique identifier, as a string.

70

+

Returns timestamp based unique identifier as a string.

69

71

</para>

72

+

<warning>

73

+

<para>

74

+

This function tries to create unique identifier, but it does not

75

+

guarantee 100% uniqueness of return value.

76

+

</para>

77

+

</warning>

70

78

</refsect1>

71

79

72

80

<refsect1 role="examples">

...

...

@@ -102,15 +110,6 @@ printf("uniqid('', true): %s\r\n", uniqid('', true));

102

110

103

111

<refsect1 role="notes">

104

112

&reftitle.notes;

105

-

<caution>

106

-

<para>

107

-

This function does not generate cryptographically secure tokens,

108

-

in fact without being passed any additional parameters the return

109

-

value is little different from <function>microtime</function>. If

110

-

you need to generate cryptographically secure tokens use

111

-

<function>openssl_random_pseudo_bytes</function>.

112

-

</para>

113

-

</caution>

114

113

<note>

115

114

<para>

116

115

Under Cygwin, the <parameter>more_entropy</parameter> must be set

...

...

@@ -119,7 +118,12 @@ printf("uniqid('', true): %s\r\n", uniqid('', true));

119

118

</note>

120

119

121

120

</refsect1>

122

-

121

+

<refsect1 role="seealso">

122

+

&reftitle.seealso;

123

+

<simplelist>

124

+

<member><function>random_bytes</function></member>

125

+

</simplelist>

126

+

</refsect1>

123

127

</refentry>

124

128

125

129

<!-- Keep this comment at the end of the file

126

130