Be careful when setting the 'strong' parameter to true.
If you system doesn't have enough entropy your script will block which can cause timeouts in other parts of your code.
In my case, the most serious symptom was my script blocking when trying to read from /dev/random and causing a 'MySQL has gone away' error.
Hopefully this saves someone the trouble when deciding to use /dev/random entropy
OAuthProvider::generateToken
(PECL OAuth >= 1.0.0)
OAuthProvider::generateToken — Generate a random token
Опис
final public static string OAuthProvider::generateToken
( int
$size
[, bool $strong = false
] )Generates a string of pseudo-random bytes.
Параметри
-
size -
The desired token length, in terms of bytes.
-
strong -
Setting to
TRUEmeans /dev/random will be used for entropy, as otherwise the non-blocking /dev/urandom is used. This parameter is ignored on Windows.
Значення, що повертаються
The generated token, as a string of bytes.
Помилки/Винятки
If the strong parameter is TRUE, then an
E_WARNING level error will be emitted when the
fallback rand() implementation is used to fill
the remaining random bytes (e.g., when not enough random data was found,
initially).
Приклади
Приклад #1 OAuthProvider::generateToken() example
<?php
$p = new OAuthProvider();
$t = $p->generateToken(4);
echo strlen($t), PHP_EOL;
echo bin2hex($t), PHP_EOL;
?>
Наведений вище приклад виведе щось подібне до:
4 b6a82c27
Примітки
Зауваження:
When not enough random data is available to the system, this function will fill the remaining random bytes using the internal PHP rand() implementation.
Прогляньте Також
- openssl_random_pseudo_bytes() - Generate a pseudo-random string of bytes
- mcrypt_create_iv() - Creates an initialization vector (IV) from a random source
add a note
User Contributed Notes 1 note
carlosouza at me dot com ¶
12 years ago
