Is PHP's rand function really so bad? [closed]


If you assume calls to rand() are generated by human users at random times, then I guess your logic is correct.

However, imagine a bot that sends the same requests every X seconds (at night hours, not interrupted by human calls), or a simple script that runs for a given amount of time and runs rand() one by one. Then you cannot fully depend on randomness.

Comment from php.net:

Note that the automatic seeding seems to be done with the current number of seconds which means you can get the same results for several runs on a fast server. Either call srand() yourself with a more frequently changing seed or use mt_rand() which doesn't appear to suffer from the problem.
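
The seeding problem in the php.net comment quoted above, as an added example that is not part of the original answer: it simulates several script runs that seed from the clock in whole seconds and compares the results with random_int(). The explicit srand() call stands in for the automatic seeding the comment describes (an assumption), and the function names and timestamp are constructed for illustration.

```php
<?php
// Added example, not code from the original answers.

/**
 * One simulated script run: seed from a start time in whole seconds,
 * then draw a 6-digit token. $startedAt is a constructed input.
 */
function tokenFromClockSeed(int $startedAt): string
{
    srand($startedAt);  // assumption: models seeding by "current number of seconds"
    return str_pad((string) rand(0, 999999), 6, '0', STR_PAD_LEFT);
}

/** The same kind of token from the OS CSPRNG; there is no seed to share. */
function tokenFromCsprng(): string
{
    return str_pad((string) random_int(0, 999999), 6, '0', STR_PAD_LEFT);
}

/** Number of distinct tokens in a batch of runs. */
function distinctCount(array $tokens): int
{
    return count(array_unique($tokens));
}

// Constructed scenario: 5 runs start within one second, 5 in the next.
$second = 1700000000;  // constructed timestamp
$starts = array_merge(
    array_fill(0, 5, $second),
    array_fill(0, 5, $second + 1)
);

// Runs that share a start second share a seed, so they share a token.
$seeded = array_map('tokenFromClockSeed', $starts);

// random_int() draws from the operating system on every call.
$secure = array_map(fn (int $ignored): string => tokenFromCsprng(), $starts);

printf("clock-seeded: %s\n", implode(' ', $seeded));
printf("  distinct:   %d of %d\n", distinctCount($seeded), count($seeded));
printf("random_int(): %s\n", implode(' ', $secure));
printf("  distinct:   %d of %d\n", distinctCount($secure), count($secure));
```

For values that must not repeat or be guessable (tokens, reset codes), random_int() or random_bytes() is the appropriate source.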


But how does this compare to the entropy of the human element?

I imagine this scenario:

  • A game with some thousands of users.
  • For some reason, every X minutes, you should set a random value for each user (given in the same order every time).

Due to a pseudo-random function, it is more probable that user XXX and user YYY always have the same distance, because one of the problems of pseudo-randomness is that an area can be "more" predictable after a sufficient number of cycles.