On 02/24/2015 07:41 PM, Yasuo Ohgaki wrote:
Hi Padraic,
On Wed, Feb 25, 2015 at 7:54 AM, Pádraic Brady <padraic.br...@gmail.com>
wrote:
On 24 February 2015 at 22:08, Yasuo Ohgaki <yohg...@ohgaki.net> wrote:
Random bytes is better. People would use it for IV or like with the
size of IV. If we use string, users loose effective bits.
Suggestion was for an additional function, so random_bytes() would
still be there ;).
random_string() sounds good to me, too!
It can be used system generated passwords, etc.
I can see the use for random_string(), but what about character sets?
Does it only generate random characters within ASCCI / low-UTF-8?
Wouldn't someone in Novsibirsk want it to generate a random Cyrillic string?
That said, I am +1 on the original proposal. It's in the similar vein
as password_hash(): If users have to think, they'll screw up. Don't make
them think.
--Larry Garfield
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
