1

I've seen lots of examples of how to use uniqid() in PHP to create a unique string, but need to create a unique order number (integers only, no letters).

I liked the idea of uniqid() because from what I understand it uses date/time, so the chances of having another id created that is identical is nil.... (if I'm understanding the function correctly)

Improve this question

4 Answers 4

Reset to default
3

mt_rand should do the trick.

It generates a random number between its first paramater and its second paramater. For example, to generate a random number between 500 and 1000, you'd do:

$number = mt_rand(500,1000);

But if you're using it as an order number, you should just use an autoincrement column. Not only is that what it's there for, but what would you do in the event where the same number was generated more than once? Assuming you're using MySQL, you can read about autoincrement columns here.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

@Gumbo: True, but you can't generate a unique number only using PHP. I updated my answer to incorporate the database as well.
uniqid() does generate a unique number - it's just expressed in hex.
I am using an autoincrement column for the ID in our database, but the order number is a number the user enters to activate their account. I didn't want to use an incrementing number as it would be possible for someone else to guess upcoming order numbers (if they knew what the current order number was). I didn't want any letters because I want it to be easy for the user to re-enter without confusing letters/numbers.
uniqid() actually generates a random number - it just has such a large range (2^48) that it's unlikely that two generated ids will be the same. You could always, of course, call uniqid() and convert it from hex to an integer.
This sounds more like a design problem then. You're creating a false sense of security by using random order numbers. That isn't a good idea. You should implement real protection instead.
1

Use hexdec to convert the hex string to a number. http://us.php.net/manual/en/function.hexdec.php

hexdec(uniqid())
Improve this answer

1 Comment

That produces quite a large float, might I add.
0

uniqid() does what you're thinking it does.. but if you're plugging this value into a database, you're better off using an auto incrementing field for ids.. it really depends on what you're using the ids for.

Improve this answer

2 Comments

I'm using it to create a unique order number that a user enters to activate an account. Beyond that, it won't be used as an identifier in the database (I have a separate auto incrementing id for that). I just wanted to make sure if I assigned someone an order number, that no one else could receive the same number. Since the user has to type in the number to activate, I didn't want letters, just numbers.
Would their user_id not be sufficient? If you don't want anyone to know their number, you can always do an sha1(user_id)...
0

I personally use date('U') to generate a string based on the number of seconds since the UNIX EPOCH. If this isn't random enough (if you think you're going to have two orders being placed within the same exact second) simply add another layer with mt_rand(0,9):

$uniqid = date('U') . mt_rand(0,9);

This will, in almost all cases, give you an incremental ID except for the case of having orders created at exactly the same second, in which case the second order could precede the first.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.