PHP 7.2.0 Beta 3 Released

random_int

(PHP 7)

random_intGenerates cryptographically secure pseudo-random integers

Description

int random_int ( int $min , int $max )

Generates cryptographic random integers that are suitable for use where unbiased results are critical, such as when shuffling a deck of cards for a poker game.

The sources of randomness used for this function are as follows:

  • On Windows, » CryptGenRandom() will always be used.
  • On Linux, the » getrandom(2) syscall will be used if available.
  • On other platforms, /dev/urandom will be used.
  • If none of the aforementioned sources are available, then an Exception will be thrown.

Note: Although this function was added to PHP in PHP 7.0, a » userland implementation is available for PHP 5.2 to 5.6, inclusive.

Parameters

min

The lowest value to be returned, which must be PHP_INT_MIN or higher.

max

The highest value to be returned, which must be less than or equal to PHP_INT_MAX.

Return Values

Returns a cryptographically secure random integer in the range min to max, inclusive.

Errors/Exceptions

  • If an appropriate source of randomness cannot be found, an Exception will be thrown.
  • If invalid parameters are given, a TypeError will be thrown.
  • If max is less than min, an Error will be thrown.

Examples

Example #1 random_int() example

<?php
var_dump
(random_int(100999));
var_dump(random_int(-10000));
?>

The above example will output something similar to:

int(248)
int(-898)

See Also

  • random_bytes() - Generates cryptographically secure pseudo-random bytes
add a note add a note

User Contributed Notes 2 notes

up
8
s rotondo90 at gmail com
1 year ago
Here is a simple backporting function, it works for PHP >= 5.1

<?php
if (!function_exists('random_int')) {
    function
random_int($min, $max) {
        if (!
function_exists('mcrypt_create_iv')) {
           
trigger_error(
               
'mcrypt must be loaded for random_int to work',
               
E_USER_WARNING
           
);
            return
null;
        }
       
        if (!
is_int($min) || !is_int($max)) {
           
trigger_error('$min and $max must be integer values', E_USER_NOTICE);
           
$min = (int)$min;
           
$max = (int)$max;
        }
       
        if (
$min > $max) {
           
trigger_error('$max can\'t be lesser than $min', E_USER_WARNING);
            return
null;
        }
       
       
$range = $counter = $max - $min;
       
$bits = 1;
       
        while (
$counter >>= 1) {
            ++
$bits;
        }
       
       
$bytes = (int)max(ceil($bits/8), 1);
       
$bitmask = pow(2, $bits) - 1;

        if (
$bitmask >= PHP_INT_MAX) {
           
$bitmask = PHP_INT_MAX;
        }

        do {
           
$result = hexdec(
               
bin2hex(
                   
mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM)
                )
            ) &
$bitmask;
        } while (
$result > $range);

        return
$result + $min;
    }
}
?>

Randomness test

<?php
$max
= 100; // number of random values
$test = 1000000;

$array = array_fill(0, $max, 0);

for (
$i = 0; $i < $test; ++$i) {
    ++
$array[random_int(0, $max-1)];
}

function
arrayFormatResult(&$item) {
    global
$test, $max; // try to avoid this nowdays ;)
   
   
$perc = ($item/($test/$max))-1;
   
$item .= ' '. number_format($perc, 4, '.', '') .'%';
}

array_walk($array, 'arrayFormatResult');

print_r($array);
?>
up
-4
info at raymondrodgers dot com
1 year ago
This function is based on Andrew Moore's UUID generation function on the uniqid function; it has been updated to use random_int() on PHP 7.0 or later yet continue to function with earlier versions using mt_rand().

function generateUUIDv4()
{
    if(version_compare(PHP_VERSION,'7.0.0', '<') )
    {
        return sprintf('%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
       
        // 32 bits for "time_low"
        mt_rand(0, 0xffff), mt_rand(0, 0xffff),
       
        // 16 bits for "time_mid"
        mt_rand(0, 0xffff),
       
        // 16 bits for "time_hi_and_version",
        // four most significant bits holds version number 4
        mt_rand(0, 0x0fff) | 0x4000,
       
        // 16 bits, 8 bits for "clk_seq_hi_res",
        // 8 bits for "clk_seq_low",
        // two most significant bits holds zero and one for variant DCE1.1
        mt_rand(0, 0x3fff) | 0x8000,
       
        // 48 bits for "node"
        mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
        );
    }
    else
    {
        return sprintf('%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
       
        // 32 bits for "time_low"
        random_int(0, 0xffff), random_int(0, 0xffff),
       
        // 16 bits for "time_mid"
        random_int(0, 0xffff),
       
        // 16 bits for "time_hi_and_version",
        // four most significant bits holds version number 4
        random_int(0, 0x0fff) | 0x4000,
       
        // 16 bits, 8 bits for "clk_seq_hi_res",
        // 8 bits for "clk_seq_low",
        // two most significant bits holds zero and one for variant DCE1.1
        random_int(0, 0x3fff) | 0x8000,
       
        // 48 bits for "node"
        random_int(0, 0xffff), random_int(0, 0xffff), random_int(0, 0xffff)
        );
    }
}
To Top