mt_srand - PHP code example

PHP Functions That Generate Random Numbers

There are many uses for random number generation in PHP - from greeting web site visitors with different messages each time they visit, to providing an authenticated PIN for your users, or even to encrypt sensitive information with a randomly generated encryption key. Using appropriate random number generators is paramount to ensure that a malicious actor cannot determine the random value generated. PHP provides several ways to generate random values, including rand, mt_rand, random_int, and random_bytes. There is also the openssl_random_pseudo_bytes function from the OpenSSL extension for cryptographically secure values.

mt_srand is a seeding function that initializes the Mersenne Twister random number generator used by the other random functions. It is used only once per script and must be called before any calls to mt_rand(). The higher the randomness of the initial seed passed to mt_srand(), the better the quality of the random numbers produced by mt_rand().

The prefix "mt" in mt_srand stands for Mersenne Twister, which is a very fast random number generator that works up to four times faster than the libc rand() function. This makes mt_rand() a suitable drop-in replacement for older rand() implementations.

Note that mt_rand() does not produce cryptographically secure random numbers, so it is not a good replacement for random_int() or random_bytes() in applications requiring security. The new random_engine_secure engine in the RandomRandomizer class is much more secure and should be used for these applications. It will fail with an Exception when it cannot produce enough entropy to meet the requirement, as opposed to opening up the system to attack by returning False like the old random_int() and random_bytes() function did.

mt_srand example

  public function testRandomWordValidator() {
    $random = new Random();
    // Without a seed, test a different word is returned each time.     $this->firstStringGenerated = $random->word(5);
    $next_str = $random->word(5);
    $this->assertNotEquals($this->firstStringGenerated, $next_str);

    // With a seed, test the same word is returned each time.     mt_srand(0);
    $this->firstStringGenerated = $random->word(5);
    mt_srand(0);
    $next_str = $random->word(5);
    $this->assertEquals($this->firstStringGenerated, $next_str);
  }

  /** * Callback for random string validation. * * @see \Drupal\Component\Utility\Random::name() * @see \Drupal\Tests\Component\Utility\RandomTest::testRandomStringValidator() * * @param string $string * The random string to validate. * * @return bool * TRUE if the random string is valid, FALSE if not. */

use PHPUnit\Framework\TestCase;
use Symfony\Component\Translation\IdentityTranslator;
use Symfony\Component\Translation\PseudoLocalizationTranslator;

final class PseudoLocalizationTranslatorTest extends TestCase
{
    /** * @dataProvider provideTrans */
    public function testTrans(string $expected, string $input, array $options = [])
    {
        mt_srand(987);
        $this->assertSame($expected, (new PseudoLocalizationTranslator(new IdentityTranslator(), $options))->trans($input));
    }

    public static function provideTrans(): array
    {
        return [
            ['[ƒöö⭐ ≤þ≥ƁÅŔ≤⁄þ≥]', 'foo⭐ <p>BAR</p>'], // Test defaults             ['before <div data-label="fcy"><a href="#" title="bar" data-content="ccc">foo</a></div> after', 'before <div data-label="fcy"><a href="#" title="bar" data-content="ccc">foo</a></div> after', self::getIsolatedOptions(['parse_html' => true])],
            ['ƀéƒöŕé <div data-label="fcyéé"><a href="#" title="bar" data-content="ccc">ƒöö éé</a></div> åƒţéŕ', 'before <div data-label="fcyéé"><a href="#" title="bar" data-content="ccc">foo éé</a></div> after', self::getIsolatedOptions(['parse_html' => true, 'accents' => true])],
            ['ƀéƒöŕé <div data-label="ƒçý"><a href="#" title="ƀåŕ" data-content="ccc">ƒöö</a></div> åƒţéŕ', 'before <div data-label="fcy"><a href="#" title="bar" data-content="ccc">foo</a></div> after', self::getIsolatedOptions(['parse_html' => true, 'localizable_html_attributes' => ['data-label', 'title'], 'accents' => true])],
            [' ¡″♯€‰⅋´{}⁎⁺،‐·⁄⓪①②③④⑤⑥⑦⑧⑨∶⁏≤≂≥¿՞ÅƁÇÐÉƑĜĤÎĴĶĻṀÑÖÞǪŔŠŢÛṼŴẊÝŽ⁅∖⁆˄‿‵åƀçðéƒĝĥîĵķļɱñöþǫŕšţûṽŵẋýž(¦)˞', ' !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~', self::getIsolatedOptions(['accents' => true])],
            [

$result = $processor->getEnv('csv', 'foo', function D$name) use ($value) {
            $this->assertSame('foo', $name);

            return $value;
        });

        $this->assertSame($processed, $result);
    }

    public function testGetEnvShuffle()
    {
        mt_srand(2);

        $this->assertSame(
            ['bar', 'foo'],
            (new EnvVarProcessor(new Container()))->getEnv('shuffle', '', fn () => ['foo', 'bar']),
        );
    }

    public function testGetEnvShuffleInvalid()
    {
        $this->expectException(RuntimeException::class);
        $this->expectExceptionMessage('Env var "foo" cannot be shuffled, expected array, got "string".');
        (

$end = strlen($string);
      }
    }
    return substr($string, 0, $end);
  }

  /** * SQLite compatibility implementation for the RAND() SQL function. */
  public static function sqlFunctionRand($seed = NULL) {
    if (isset($seed)) {
      mt_srand($seed);
    }
    return mt_rand() / mt_getrandmax();
  }

  /** * SQLite compatibility implementation for the REGEXP SQL operator. * * The REGEXP operator is natively known, but not implemented by default. * * @see http://www.sqlite.org/lang_expr.html#regexp */