drupal_random_bytes

Definition

drupal_random_bytes($count)
drupal/includes/common.inc, line 2831

Description

Returns a string of highly randomized bytes (over the full 8-bit range).

This function is better than simply calling mt_rand() or any other built-in PHP function because it can return a long string of bytes (mt_rand() normally yields fewer than 4 bytes per call) and uses the best available pseudo-random source.

Parameters

$count: The number of characters (bytes) to return in the string.

Code

function drupal_random_bytes($count) {
  static $random_state;
  // We initialize with the somewhat random PHP process ID on the first call.
  if (empty($random_state)) {
    $random_state = getmypid();
  }
  $output = '';
  // /dev/urandom is available on many *nix systems and is considered the best
  // commonly available pseudo-random source.
  if ($fh = @fopen('/dev/urandom', 'rb')) {
    $output = fread($fh, $count);
    fclose($fh);
  }
  // If /dev/urandom is not available or returns no bytes, this loop will
  // generate a good set of pseudo-random bytes on any system.
  // Note that it may be important that our $random_state is passed
  // through md5() prior to being rolled into $output, that the two md5()
  // invocations are different, and that the extra input into the first one -
  // the microtime() - is prepended rather than appended. This is to avoid
  // directly leaking $random_state via the $output stream, which could
  // allow for trivial prediction of further "random" numbers.
  while (strlen($output) < $count) {
    $random_state = md5(microtime() . mt_rand() . $random_state);
    $output .= md5(mt_rand() . $random_state, TRUE);
  }
  return substr($output, 0, $count);
}
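
The function above silently falls back to the md5()/mt_rand()/microtime() loop when /dev/urandom cannot be opened or returns too few bytes, and that loop is not a cryptographically secure source. The following is an added example, not Drupal's code: a fail-closed variant for callers that generate secrets, which refuses to return weaker bytes. The name example_random_bytes_strict() is hypothetical, and the first branch assumes PHP 7 or later, where random_bytes() exists.

```php
<?php
/**
 * Added example (hypothetical name, not part of Drupal): returns $count bytes
 * from the operating system's random source, or throws. It never degrades to
 * mt_rand()/microtime() the way the fallback loop in drupal_random_bytes() does.
 */
function example_random_bytes_strict($count) {
  if (!is_int($count) || $count < 1) {
    throw new InvalidArgumentException('$count must be a positive integer.');
  }
  // PHP 7+: random_bytes() draws from the OS CSPRNG and throws on failure.
  if (function_exists('random_bytes')) {
    return random_bytes($count);
  }
  // Older PHP: read /dev/urandom directly, as the original function does,
  // but treat a missing device as an error instead of falling back.
  $fh = @fopen('/dev/urandom', 'rb');
  if ($fh === FALSE) {
    throw new RuntimeException('No kernel random source is available.');
  }
  // Disable PHP's read buffering so that only the requested number of bytes
  // is pulled from the device.
  stream_set_read_buffer($fh, 0);
  $output = '';
  // fread() may return fewer bytes than requested, so keep reading until the
  // request is satisfied. An empty or failed read is an error.
  while (strlen($output) < $count) {
    $chunk = fread($fh, $count - strlen($output));
    if ($chunk === FALSE || $chunk === '') {
      fclose($fh);
      throw new RuntimeException('Short read from /dev/urandom.');
    }
    $output .= $chunk;
  }
  fclose($fh);
  return $output;
}

// Usage: a 32-byte secret rendered as hex for use in a URL or form field.
$token = bin2hex(example_random_bytes_strict(32));
echo strlen($token), " hex characters\n";
```

Callers that only need non-secret randomness can keep using the original function; the strict variant is for session identifiers, password-reset tokens and similar values where a predictable fallback is worse than an error.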