Generating (pseudo)random alpha-numeric strings

First make a string with all your possible characters:

 $characters = 'abcdefghijklmnopqrstuvwxyz0123456789';

You could also use range() to do this more quickly.

Then, in a loop, choose a random number and use it as the index to the $characters string to get a random character, and append it to your string:

 $string = '';
 $max = strlen($characters) - 1;
 for ($i = 0; $i < $random_string_length; $i++) {
      $string .= $characters[mt_rand(0, $max)];
 }

$random_string_length is the length of the random string.


I like this function for the job

function randomKey($length) {
    $pool = array_merge(range(0,9), range('a', 'z'),range('A', 'Z'));

    for($i=0; $i < $length; $i++) {
        $key .= $pool[mt_rand(0, count($pool) - 1)];
    }
    return $key;
}

echo randomKey(20);

Generate cryptographically strong, random (potentially) 8-character string using the openssl_random_pseudo_bytes function:

echo bin2hex(openssl_random_pseudo_bytes(4));

Procedural way:

function randomString(int $length): string
{
    return bin2hex(openssl_random_pseudo_bytes($length));
}

Update:

PHP7 introduced the random_x() functions which should be even better. If you come from PHP 5.X, use excellent paragonie/random_compat library which is a polyfill for random_bytes() and random_int() from PHP 7.

function randomString($length)
{
    return bin2hex(random_bytes($length));
}

Tags:

Php

Random