我试图在php中生成一个随机密码。
但是我得到的都是'a'返回类型是数组类型,我希望它是字符串。对如何修改代码有什么想法吗?
谢谢。
function randomPassword() {
$alphabet = "abcdefghijklmnopqrstuwxyzABCDEFGHIJKLMNOPQRSTUWXYZ0123456789";
for ($i = 0; $i < 8; $i++) {
$n = rand(0, count($alphabet)-1);
$pass[$i] = $alphabet[$n];
}
return $pass;
}
function password_generate($n, $l, $s)
{
$numbers = '1234567890';
$letters = '1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZabcefghijklmnopqrstuvwxyz';
$special = '--!=!@@#++%';
return substr(str_shuffle($numbers), 0, $n).substr(str_shuffle($letters), 0, $l).substr(str_shuffle($special), 0, $s);
}
echo password_generate(2,9,1);
试着用大写字母,小写字母,数字和特殊字符
function generatePassword($_len) {
$_alphaSmall = 'abcdefghijklmnopqrstuvwxyz'; // small letters
$_alphaCaps = strtoupper($_alphaSmall); // CAPITAL LETTERS
$_numerics = '1234567890'; // numerics
$_specialChars = '`~!@#$%^&*()-_=+]}[{;:,<.>/?\'"\|'; // Special Characters
$_container = $_alphaSmall.$_alphaCaps.$_numerics.$_specialChars; // Contains all characters
$password = ''; // will contain the desired pass
for($i = 0; $i < $_len; $i++) { // Loop till the length mentioned
$_rand = rand(0, strlen($_container) - 1); // Get Randomized Length
$password .= substr($_container, $_rand, 1); // returns part of the string [ high tensile strength ;) ]
}
return $password; // Returns the generated Pass
}
假设我们需要10位Pass
echo generatePassword(10);
示例输出:
IZCQ_IV \ 7
@wlqsfhT (d
是1!8 + 1 \ 4 @ud
该函数将根据参数中的规则生成密码
function random_password( $length = 8, $characters = true, $numbers = true, $case_sensitive = true, $hash = true ) {
$password = '';
if($characters)
{
$charLength = $length;
if($numbers) $charLength-=2;
if($case_sensitive) $charLength-=2;
if($hash) $charLength-=2;
$chars = "abcdefghijklmnopqrstuvwxyz";
$password.= substr( str_shuffle( $chars ), 0, $charLength );
}
if($numbers)
{
$numbersLength = $length;
if($characters) $numbersLength-=2;
if($case_sensitive) $numbersLength-=2;
if($hash) $numbersLength-=2;
$chars = "0123456789";
$password.= substr( str_shuffle( $chars ), 0, $numbersLength );
}
if($case_sensitive)
{
$UpperCaseLength = $length;
if($characters) $UpperCaseLength-=2;
if($numbers) $UpperCaseLength-=2;
if($hash) $UpperCaseLength-=2;
$chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
$password.= substr( str_shuffle( $chars ), 0, $UpperCaseLength );
}
if($hash)
{
$hashLength = $length;
if($characters) $hashLength-=2;
if($numbers) $hashLength-=2;
if($case_sensitive) $hashLength-=2;
$chars = "!@#$%^&*()_-=+;:,.?";
$password.= substr( str_shuffle( $chars ), 0, $hashLength );
}
$password = str_shuffle( $password );
return $password;
}
Base_convert (uniqid('pass', true), 10,36);
我。e0m6ngefmj4
EDIT
正如我在评论中提到的,长度意味着暴力攻击比定时攻击更有效,所以不必担心“随机生成器有多安全”。安全性,特别是对于这个用例,需要补充可用性,所以上面的解决方案对于所需的问题已经足够好了。
然而,以防你在搜索安全的随机字符串生成器时偶然发现了这个答案(我假设有些人已经基于响应),对于生成令牌之类的东西,以下是此类代码的生成器的样子:
function base64urlEncode($data) {
return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
}
function secureId($length = 32) {
if (function_exists('openssl_random_pseudo_bytes')) {
$bytes = openssl_random_pseudo_bytes($length);
return rtrim(strtr(base64_encode($bytes), '+/', '0a'), '=');
}
else { // fallback to system bytes
error_log("Missing support for openssl_random_pseudo_bytes");
$pr_bits = '';
$fp = @fopen('/dev/urandom', 'rb');
if ($fp !== false) {
$pr_bits .= @fread($fp, $length);
@fclose($fp);
}
if (strlen($pr_bits) < $length) {
error_log('unable to read /dev/urandom');
throw new \Exception('unable to read /dev/urandom');
}
return base64urlEncode($pr_bits);
}
}