When unique isn’t really unique

Sometimes, an auto-generated number isn’t enough and what you really need is a unique identifier. Several people have different techniques for generating their unique identifiers. My favorite has been generating a random number and then hashing it through the md5 hash generator. Here’s an example I was once using:

<?php $unique_identifier = md5(rand(100000, 999999)); ?>

The problem with this is that I have given an allowance for only 899,999 possible values. I didn’t realize my error until I started getting mysql integrity check errors for a unique column that stored that value.

I reverted to using a more elegant solution:

<?php $unique_identifier = md5(uniqid(rand(), true)); ?>

The uniqid statement generates a globally unique identifier with a rand() prefix and using much more entropy (true).

November 24, 2009

Posted in Programming, Web Development and tagged .

6 responses to When unique isn’t really unique

  1. @digitalcraft said:
    December 14, 2009

    Cool,
    and Funny I'm only coming across that function, uinqid, for the first time

    When I had to do unique in the past especially on ecommerce payment gateway's transaction reference (like interswitch) or user account activation process, I made use of the a combination of the time (UNIX TIME) and the user's IP to generate a dynamic unique number suffix which I then attached to another hard coded static unique number prefix…

    I figured that the unix time and the user's IP and the application static reference will always return a unique combination…crazy eh, but so far it works.

    I'll not claim is error proof as such I think the way to go (and lazy way at that) is uiqid, Thanks

    Reply
    • Tim said:
      December 17, 2009

      As long as your unique identifier generator produces values that have a nearly zero probability of collisions, it really doesn't matter how you go about it so I'm happy with whatever works. May be you could show us some code :)

      Looks like your first time here too. Welcome to my blog.

      Reply
  2. austin_web_developer said:
    December 17, 2009

    Any particular reason you didn't use a sha-1 hash?

    Reply
    • Tim said:
      December 18, 2009

      No particular reason actually. Except you intend to store a very large data set, MD5 should do just about well. SHA-1 on the other hand reduces the probability of a collision further but will take more storage space.

      Reply
  3. Ahmad Mukoshy said:
    February 8, 2010

    I've been using uniqid() for months now ;) #Lolz . I came across it on the php docs web site after hustling with my rand() md5 hash.

    Cool stuv… I like this.

    Reply
  4. Toyin said:
    August 20, 2010

    Brilliant…yeah I guess the world of software needs u to be a mini god and think of the inevitable which of course is sometimes (most times) not possible until u get the 'impossible' error message…more programming please…

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>