First I'll talk about cryptographically secured numbers and later we will discuss about random numbers.

To generate cryptographically secured numbers, there are three functions in php.

**random_int(int,int)**

**random_bytes(length)**

**openssl_random_pseudo_bytes(int,bool)**

random_int() – It generates cryptographically secured random integers in the range min to max. This function was introduced in PHP7.

Syntax:

random_int(int $min,int $max)

It retuns a integer in the range provided as parameters. It returns an error if wrong parameters are given or required level randomness can not be generated. Random_bytes() – It generates a cryptographically secured random bytes. This function was also introduced in PHP7. It takes one parameter, length of the string that should be returned in bytes. We can use either of the function according to our needs.

Syntax:

random_bytes(int length)

It returns a string of length given as arguments. It returns error if wrong parameters are given or required level randomness can not be generated. The best thing about random_int is its API is the same as rand() and mt_rand() function. Hence we need not to convert bytes to an int in case if we want an int as our first choice.

If you are using an older verion of php then you should use

**openssl_random_pseudo_bytes(int,bool)**

Dont use functions like array_rand(), shuffle(), or str_shuffle(), it does not provide required level of security to the numbers generated.

**Generating random numbers in php**

So, lets talk about these functions.

**Note :**If you want to generate cyptographically secured numbers then you shoud see this article. How to generate cryptographicaly secured numbers.

Syntax :

rand(number1,number2)

where number1 and number2 is the lower and upper range you provide. Number generated will be in between these two values. Another function mt_rand() also performs the similar functions but with more uniquness in output and greater speed. mt_rand() functon uses the Mersenne Twister algorithm.

Syntax :

mt_rand(number1,number2)

Howevere parameters passsed to both the functions are optional. We can simply call the function without passing any arguments, in that case value generated will be of random
length. **mt_rand()**function produces a better random value and is 4 times faster than rand().

If you want a random integer between 10 and 100 (inclusive), use mt_rand (10,100).

If repetition of number is not allowed in your project, use

**mt_rand()**instead.

If you like this article, share the knowledge with your friends. It will inspire me to write more.

Published on Oct 13, 2020

Published on Oct 13, 2020