I´m using this package in a lot of Flow projects. One of these projects has a lot to do with accepting files and uploading them to S3. Every file belongs to an user.
In the past we had the problem that uploaded files were associated to the wrong user. After investigating I found this line in S3Storage::importResource():
I found out that uniqid is not guaranteed to be unique, because it is based on the current time in microseconds (https://www.php.net/uniqid).
Gets a prefixed unique identifier based on the current time in microseconds.
It looks like we had exactly this problem. So receiving two files at the same time and the wrong file goes to the wrong user.
Maybe it would be good idea to set more_entropy Attribute of uniqid to TRUE.
will add additional entropy (using the combined linear congruential generator) at the end of the return value, which increases the likelihood that the result will be unique.
On top we extended it with an uuid4 string, just to be 100% sure :)
Hi,
I´m using this package in a lot of Flow projects. One of these projects has a lot to do with accepting files and uploading them to S3. Every file belongs to an user.
In the past we had the problem that uploaded files were associated to the wrong user. After investigating I found this line in S3Storage::importResource():
I found out that
uniqidis not guaranteed to be unique, because it is based on the current time in microseconds (https://www.php.net/uniqid).It looks like we had exactly this problem. So receiving two files at the same time and the wrong file goes to the wrong user.
Maybe it would be good idea to set
more_entropyAttribute ofuniqidtoTRUE.On top we extended it with an uuid4 string, just to be 100% sure :)
Or maybe you have a better idea to make the generated id to be guaranteed unique.
I also found this stackoverflow discuss: https://stackoverflow.com/questions/29974146/multiple-uniqid-calls-not-being-unique. Maybe it helps.
Cheers from Frankfurt, Soeren