You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
method returns a random string composed of the number of characters passed as
23
-
an argument (10 in the above example).
24
-
25
-
The SecureRandom class works better when OpenSSL is installed. But when it's
26
-
not available, it falls back to an internal algorithm, which needs a seed file
27
-
to work correctly. Just pass a file name to enable it::
28
-
29
-
use Symfony\Component\Security\Core\Util\SecureRandom;
30
-
31
-
$generator = new SecureRandom('/some/path/to/store/the/seed.txt');
20
+
.. note::
32
21
33
-
$random = $generator->nextBytes(10);
34
-
$hashedRandom = md5($random); // see tip below
22
+
PHP 7 and up provide the ``random_bytes()`` function natively, for older
23
+
versions of PHP a polyfill is provided by the `Symfony Polyfill Component`_
24
+
and the `paragonie/random_compat package`_.
35
25
36
-
.. note::
26
+
.. versionadded:: 2.8
37
27
38
-
If you're using the Symfony Framework, you can get a secure random number
39
-
generator via the ``security.secure_random`` service.
28
+
The `paragonie/random_compat package`_ was added as a dependancy of the Symfony Security Component in 2.8. You will need to manually require the package as a dependancy of your project in versions of Symfony prior to 2.8.
40
29
41
30
.. tip::
42
31
43
-
The ``nextBytes()`` method returns a binary string which may contain the
32
+
The ``random_bytes()`` function returns a binary string which may contain the
44
33
``\0`` character. This can cause trouble in several common scenarios, such
45
34
as storing this value in a database or including it as part of the URL. The
46
-
solution is to hash the value returned by ``nextBytes()`` (to do that, you
35
+
solution is to hash the value returned by ``random_bytes()`` (to do that, you
0 commit comments