Generating (pseudo)random alpha-numeric strings

First make a string with all your possible characters:

 $characters = 'abcdefghijklmnopqrstuvwxyz0123456789';

You could also use range() to do this more quickly.

Then, in a loop, choose a random number and use it as the index to the $characters string to get a random character, and append it to your string:

 $string = ''; $max = strlen($characters) - 1; for ($i = 0; $i < $random_string_length; $i++) {      $string .= $characters[mt_rand(0, $max)]; }

$random_string_length is the length of the random string.

I like this function for the job

function randomKey($length) {    $pool = array_merge(range(0,9), range('a', 'z'),range('A', 'Z'));    for($i=0; $i < $length; $i++) {        $key .= $pool[mt_rand(0, count($pool) - 1)];    }    return $key;}echo randomKey(20);

Generate cryptographically strong, random (potentially) 8-character string using the openssl_random_pseudo_bytes function:

echo bin2hex(openssl_random_pseudo_bytes(4));

Procedural way:

function randomString(int $length): string{    return bin2hex(openssl_random_pseudo_bytes($length));}

Update:

PHP7 introduced the random_x() functions which should be even better. If you come from PHP 5.X, use excellent paragonie/random_compat library which is a polyfill for random_bytes() and random_int() from PHP 7.

function randomString($length){    return bin2hex(random_bytes($length));}