Articles on websites & etc.

§ Home > Index > Web Development

PHP Generate Unique Identifier Safe for URL and File Name

This code below shows how to generate a unique identifier that is safe for URLs and file names.

echo strtr(base64_encode(openssl_random_pseudo_bytes(16)), "+/=", "XXX");

Example Output:


First, the code uses openssl_random_pseudo_bytes to get cryptographically random data. We get 16 bytes of data for 128 bits of entrophy. It would be fairly hard for anyone to guess such a value.

Second, we encode the data using base64_encode. Normally, base64_encode converts the binary data to the characters from a-z, A-Z, 0-9, '+', '/', and '='. The three symbols there can cause problems in URLs and file names.

Since we are generating a unique identifier, we do not care about decoding the value. Therefore, the symbol characters '+', '/', and '=' can simply be translated to 'X's using strtr. We lose a little bit of entrophy by doing this, but it will not be much in most cases.

The result is an alphanumeric string containing a-z, A-Z, and 0-9 only. This will be safe to use in a file name, to be passed in a URL, embedded in HTML, saved in form data, etc. It can be used as a prefix or suffix without worrying about issues surrounding symbols and special characters.

Have you heard of the new, free Automated Feeds offered by Google Merchant Center? Learn more in Aten Software's latest blog post comparing them to traditional data feed files.
Created 2013-03-22, Last Modified 2016-12-01, © Shailesh N. Humbad
Disclaimer: This content is provided as-is. The information may be incorrect.