Hi
On 8/14/23 17:57, Côme Chilliet wrote:
The RFC does not explain what benefits brings using tempnam($directory,
$prefix, $suffix) over using tempnam($directory, $prefix).$suffix , which you
can already use?
As per the documentation of tempnam:
Creates a file with a unique filename, with access permission set to 0600, in
the specified directory.
The function does not just generate a filename, but also creates the
file itself (with strict permissions) to "reserve" it and thus
*guarantees* that there won't be a conflict. Manually appending a suffix
does not have that property [1].
Best regards
Tim Düsterhus
[1] Though I'd like to note that using `$prefix .
bin2hex(random_bytes(16)) . $suffix` as the filename will almost
certainly [2] give you a conflict-free filename and doesn't have
OS-specific behavior. That's why I personally don't bother with tempnam().
[2] Collision chance is less than 10^(-7) for 2^52 files.
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php
