I have a form for request registering by php and html. I found a code to make 11 character random string for tracking code and should not be duplicate.this code is in triggers for users table in mySql before inserting new row.but some friends say its not secure and an attacker can guess by many way.
whats best way to generate 11 characters random alphanumeric by php code in instead of trigger of MySQL?
And in your opinion is this code useful? How about this code? Does it prevent attackers from guessing?
$possible_letters = '23456789b2cd3fgh4j5k6mnp7qr8st9vwxyzABCDEGJKLMNOPQRSTVWXYZ23456789';
$characters_num = 11;
$code = '';
$i = 0;
while ($i < $characters_num) {
$code .= substr($possible_letters, mt_rand(0, strlen($possible_letters)-1), 1);
$i++;
}
echo $code;
Whats your suggestion?
Aucun commentaire:
Enregistrer un commentaire