matthewbonline — 2011-09-05T07:04:32-04:00 — #1
I am looking into some code that was done for our basket by someone else. I intend to use similar code myself in the new web site I am writing. it is pasted below.
I realise this bit of code generates the customer transaction code. But what makes it random and unique? Why has the web designer used rand twice? Surely once would be fine!? And also how does this code always remember the codes used previously? The current site does not use MySQL. It just uses PHP in the basket but I can see no way it ensures it is unique. We have not encountered a problem with uniqueness of customer transaction numbers, so how does it make sure of this --- is it just lucky --- is there more than can be done --- particularly as the new site does use MySQL.
$VendorTxCode = "AGPS".(rand(0,32000)*rand(0,32000));
system — 2011-09-05T22:13:45-04:00 — #2
so you can use that or an auto increment counter - whichever suits best.
pittendrigh — 2011-09-05T21:47:08-04:00 — #3
Date time stamps don't repeat. Not unless.....deja vu all over again.
system — 2011-09-05T20:27:29-04:00 — #4
Exactly, so you can see straight away that the random number will not be unique especially as you approach the finite set of possibilities.
To generate a unique transaction code you need an auto incrementing counter of some sort - either in a database or some other kind of stored counter.
pittendrigh — 2011-09-05T09:52:06-04:00 — #5
matthewbonline — 2011-09-05T09:18:45-04:00 — #6
it says nothing about uniqueness. in theory it could choose 876543 today and also 876543 in a years time too!! is this right?
system — 2011-09-05T07:08:45-04:00 — #7
Read through what rand() does and your questions should then be answered.
michael_morris1 — 2011-09-05T11:22:28-04:00 — #8
This is strongly not recommended. Use an auto increment primary key on the database table that stores the transactions. With 32 bit integers even if your system takes a transaction every second you won't run out of id's for 60 years, and I imagine by that time you can rewrite to 64 bit integers and then see you in a few million years.
Random transaction ids will, eventually, lead to a collision. Even if you use a hash function like md5 to create the string eventually you are going to get two data streams that create the same hash. When that happens your system will crash and it will be a royal pain in the a** to figure out why. The odds are extremely low, but they aren't non-zero and never underestimate Murphy's Law.
In short, don't do it.