I need to generate a single-use token in PHP. There are two functions available that I can use for this that seem to do the same thing: random_bytes and openssl_random_pseudo_bytes. For example, using random_bytes:
var_dump(bin2hex(random_bytes(12)));
--> string(24) "338f489ec37a2c2b4943905d"
and using openssl_random_pseudo_bytes:
var_dump(bin2hex(openssl_random_pseudo_bytes(12)));
--> string(24) "1c7febea20029bd524fba8e7"
openssl_random_pseudo_bytes is PHP 5.3 and up (so I assume it's been around longer), and random_bytes is PHP 7. I'm using PHP 7 so I can use either.
So is there any major (or minor for that matter) difference between the two? If not, I'm tempted to go with random_bytes simply because it has an easier name ( = code that's easier to read).
Aucun commentaire:
Enregistrer un commentaire