random_int

(PHP 7, PHP 8)

random_int — Get a cryptographically secure, uniformly selected integer

Beschreibung

random_int(int $min, int $max): int

Generates a uniformly selected integer between the given minimum and maximum.

The randomness generated by this function is suitable for all applications, including the generation of long-term secrets, such as encryption keys.

Die Zufallsquellen in der Reihenfolge ihrer Priorität sind folgende:

Linux: » getrandom(), /dev/urandom
FreeBSD >= 12 (PHP >= 7.3): » getrandom(), /dev/urandom
Windows (PHP >= 7.2): » CNG-API

Windows: » CryptGenRandom
macOS (PHP >= 8.2; >= 8.1.9; >= 8.0.22 wenn CCRandomGenerateBytes bei der Kompilierung verfügbar ist): CCRandomGenerateBytes()

macOS (PHP >= 8.1; >= 8.0.2): arc4random_buf(), /dev/urandom
NetBSD >= 7 (PHP >= 7.1; >= 7.0.1): arc4random_buf(), /dev/urandom
OpenBSD >= 5.5 (PHP >= 7.1; >= 7.0.1): arc4random_buf(), /dev/urandom
DragonflyBSD (PHP >= 8.1): » getrandom(), /dev/urandom
Solaris (PHP >= 8.1): » getrandom(), /dev/urandom
Jede beliebige Kombination von Betriebssystem und PHP-Version, die oben nicht erwähnt wurde: /dev/urandom
Wenn keine der Quellen verfügbar ist oder keine davon Zufälligkeit erzeugen kann, wird eine Random\RandomException ausgelöst.

Hinweis: Obwohl diese Funktion erst mit PHP 7.0.0 in PHP hinzugefügt wurde, gibt es » Userland-Implementierungen für PHP 5.2 bis einschließlich 5.6.

Parameter-Liste

min: The lowest value to be returned.
max: The highest value to be returned.

Rückgabewerte

A cryptographically secure, uniformly selected integer from the closed interval [min, max]. Both min and max are possible return values.

Fehler/Exceptions

Wenn keine angemessene Quelle für Zufallszahlen verfügbar ist, wird eine Random\RandomException geworfen.
If max is less than min, a ValueError will be thrown.

Changelog

Version	Beschreibung
8.2.0	In case of a CSPRNG failure, this function will now throw a Random\RandomException. Previously a plain Exception was thrown.

Beispiele

Beispiel #1 random_int() example

<?php
var_dump(random_int(100, 999));
var_dump(random_int(-1000, 0));
?>

Das oben gezeigte Beispiel erzeugt eine ähnliche Ausgabe wie:

int(248)
int(-898)

Siehe auch

Random\Randomizer::getInt() - Get a uniformly selected integer
random_bytes() - Get cryptographically secure random bytes

Found A Problem?

Learn How To Improve This Page • Submit a Pull Request • Report a Bug

＋add a note

User Contributed Notes 4 notes

down

s rotondo90 at gmail com ¶

9 years ago

Here is a simple backporting function, it works for PHP >= 5.1<?phpif (!function_exists('random_int')) {    function random_int($min, $max) {        if (!function_exists('mcrypt_create_iv')) {            trigger_error(                'mcrypt must be loaded for random_int to work',                 E_USER_WARNING            );            return null;        }                if (!is_int($min) || !is_int($max)) {            trigger_error('$min and $max must be integer values', E_USER_NOTICE);            $min = (int)$min;            $max = (int)$max;        }                if ($min > $max) {            trigger_error('$max can\'t be lesser than $min', E_USER_WARNING);            return null;        }                $range = $counter = $max - $min;        $bits = 1;                while ($counter >>= 1) {            ++$bits;        }                $bytes = (int)max(ceil($bits/8), 1);        $bitmask = pow(2, $bits) - 1;         if ($bitmask >= PHP_INT_MAX) {            $bitmask = PHP_INT_MAX;        }         do {            $result = hexdec(                bin2hex(                    mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM)                )            ) & $bitmask;        } while ($result > $range);         return $result + $min;    }}?>Randomness test<?php$max = 100; // number of random values$test = 1000000;$array = array_fill(0, $max, 0);for ($i = 0; $i < $test; ++$i) {    ++$array[random_int(0, $max-1)];}function arrayFormatResult(&$item) {    global $test, $max; // try to avoid this nowdays ;)        $perc = ($item/($test/$max))-1;    $item .= ' '. number_format($perc, 4, '.', '') .'%';}array_walk($array, 'arrayFormatResult');print_r($array);?>

down

bens at effortlessis dot com ¶

4 years ago

On my system (5th gen i7) random_int() takes about 14x longer to do the same number of calculations than rand(). for ($i=0; $i<10000000; $i++)        $x = rand(1, PHP_INT_MAX);Takes 0.86 seconds for rand(), 12.29 seconds for random_int(). So use random_int() somewhat sparingly. If it's not really important to be truly random, use rand() instead, especially in a tight loop.

down

Hayley Watson ¶

1 year ago

A small function for generating version 4 GUIDs.<?phpfunction v4uuid(){    $a = str_pad(dechex(random_int(0x0000_0000, 0xffff_ffff)), '0', STR_PAD_LEFT);    $b = str_pad(dechex(random_int(0x0000, 0xffff)), '0', STR_PAD_LEFT);    $c = dechex(random_int(0x4000, 0x4fff));    $d = dechex(random_int(0x8000, 0xbfff));    $e = str_pad(dechex(random_int(0x0000_0000_0000, 0xffff_ffff_ffff)), '0', STR_PAD_LEFT);    return "$a-$b-$c-$d-$e";}?>

down

ccb_bc at hotmail dot com ¶

6 years ago

<?php     // PHP >= 7    function str_rand(int $length = 16){        $x = '';        for($i = 1; $i <= $length; $i++){            $x .= dechex(random_int(0,255));        }        return substr($x, 0, $length);    }    var_dump(str_rand());?>

＋add a note