To reiterate the message about *not* using mt_rand() for anything security related, here's a new tool that has been just posted that recovers the seed value given a single mt_rand() output:
http://www.openwall.com/php_mt_seed/README
mt_rand
(PHP 4, PHP 5, PHP 7)
mt_rand — Generate a random value via the Mersenne Twister Random Number Generator
Descrierea
mt_rand
(
) : int
mt_rand
( int
$min
, int $max
) : intPrecauţie
Această funcție nu generează valori securizate din punct de vedere criptografic și deci nu trebuie utilizată pentru scopuri criptografice. Dacă aveți nevoie de o valoare securizată din punct de vedere criptografic considerați utilizarea random_int(), random_bytes() sau openssl_random_pseudo_bytes() în schimb.
Many random number generators of older libcs have dubious or unknown characteristics and are slow. The mt_rand() function is a drop-in replacement for the older rand(). It uses a random number generator with known characteristics using the » Mersenne Twister, which will produce random numbers four times faster than what the average libc rand() provides.
If called without the optional min,
max arguments mt_rand()
returns a pseudo-random value between 0 and
mt_getrandmax(). If you want a random number
between 5 and 15 (inclusive), for example, use mt_rand(5,
15).
Parametri
-
min -
Optional lowest value to be returned (default: 0)
-
max -
Optional highest value to be returned (default: mt_getrandmax())
Valorile întoarse
A random integer value between min (or 0)
and max (or mt_getrandmax(), inclusive),
or false if max is less than min.
Istoricul schimbărilor
| Versiune | Descriere |
|---|---|
| 7.2.0 | mt_rand() has received a bug fix for a modulo bias bug. This means that sequences generated with a specific seed may differ from PHP 7.1 on 64-bit machines. |
| 7.1.0 | rand() has been made an alias of mt_rand(). |
| 7.1.0 |
mt_rand() has been updated to use the fixed, correct, version of
the Mersenne Twister algorithm. To fall back to the old behaviour, use mt_srand() with MT_RAND_PHP as the second parameter.
|
Exemple
Example #1 mt_rand() example
<?php
echo mt_rand() . "\n";
echo mt_rand() . "\n";
echo mt_rand(5, 15);
?>
Exemplul de mai sus va afișa ceva similar cu:
1604716014 1478613278 6
Note
Avertizare
min max range must
be within the range mt_getrandmax(). i.e. (max -
min) <= mt_getrandmax()
Otherwise, mt_rand() may return poorer random numbers
than it should.
A se vedea și
- mt_srand() - Seeds the Mersenne Twister Random Number Generator
- mt_getrandmax() - Show largest possible random value
- random_int() - Generates cryptographically secure pseudo-random integers
- random_bytes() - Generates cryptographically secure pseudo-random bytes
- openssl_random_pseudo_bytes() - Generate a pseudo-random string of bytes
- rand() - Generate a random integer
add a note
User Contributed Notes 3 notes
Pawe Krawczyk ¶
10 years ago
greald at ghvernuft dot nl ¶
1 year ago
To see some systematic deviations from a universal distribution run:
<?php
$alfabet = str_split('ADHKLMNPSTUWX');
$countalfabet = count($alfabet)-1;
$code = array_fill_keys($alfabet, 0);
for ($L=0; $L<80*$countalfabet; $L++)
{
$lettr = floor(mt_rand ( 0, $countalfabet ));
$code[$alfabet[$lettr]]++;
}
foreach($code as $L => $Freq)
{
for($F=0; $F<$Freq; $F++)
{
echo $L;
}
echo "\n<br/>";
}
?>
Anonymous ¶
5 years ago
The seed is the PID + LCG (https://github.com/php/php-src/search?q=GENERATE_SEED&unscoped_q=GENERATE_SEED)
