Open ghost opened 4 years ago
PHP's uniqid(), which uses system microseconds, recommends adding the "more_entropy" param for uniqueness: https://www.php.net/manual/en/function.uniqid.php
uniqid()
vue-session is 1000x more likely to produce collisions, due to using just milliseconds:
all['session-id'] = 'sess:'+Date.now();
A UUID V1 or V4 would be somewhat safer: https://github.com/uuidjs/uuid
import { v4 as uuidv4 } from 'uuid'; // ... all['session-id'] = 'sess:'+uuidv4(); // ⇨ 'sess:9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d'
PHP's
uniqid(), which uses system microseconds, recommends adding the "more_entropy" param for uniqueness: https://www.php.net/manual/en/function.uniqid.phpvue-session is 1000x more likely to produce collisions, due to using just milliseconds:
A UUID V1 or V4 would be somewhat safer: https://github.com/uuidjs/uuid