PHP Functions That Generate Random Numbers
There are many uses for random number generation in PHP - from greeting web site visitors with different messages each time they visit, to providing an authenticated PIN for your users, or even to encrypt sensitive information with a randomly generated encryption key. Using appropriate random number generators is paramount to ensure that a malicious actor cannot determine the random value generated. PHP provides several ways to generate random values, including rand, mt_rand, random_int, and random_bytes. There is also the openssl_random_pseudo_bytes function from the OpenSSL extension for cryptographically secure values.
mt_srand is a seeding function that initializes the Mersenne Twister random number generator used by the other random functions. It is used only once per script and must be called before any calls to mt_rand(). The higher the randomness of the initial seed passed to mt_srand(), the better the quality of the random numbers produced by mt_rand().
The prefix "mt" in mt_srand stands for Mersenne Twister, which is a very fast random number generator that works up to four times faster than the libc rand() function. This makes mt_rand() a suitable drop-in replacement for older rand() implementations.
Note that mt_rand() does not produce cryptographically secure random numbers, so it is not a good replacement for random_int() or random_bytes() in applications requiring security. The new random_engine_secure engine in the