benanamen Posted March 7, 2016 Share Posted March 7, 2016 (edited) I know @Jaques1 has provided an answer somewhere but I couldn't find it. I think it was with mcrypt_create_iv I want to generate a CPRNG to use as an API key. This will also be used as a unique account id (I think). Account Usage: An instructor will register a new account and is automatically Super Admin of that account (Account Owner) Account owner can add other instructors to his account who can also optionally be super admins of that account (Sub Instructors). Sub Instructor super admins cannot delete the account owner. Sub Instructor super admins can create other instructors, optionally as super admin or not a super admin Only other user type is a student/examinee. I am thinking there should be one users table and use RBAC, Any suggestions on the table(s) setup or other comments? (This is for an enterprise exam application, my pet project for learning) Edited March 7, 2016 by benanamen Quote Link to comment Share on other sites More sharing options...
requinix Posted March 8, 2016 Share Posted March 8, 2016 mcrypt_create_iv() and openssl_random_pseudo_bytes() can both do it. Unless Jacques says something, in which case I won't come back in here. Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted March 8, 2016 Share Posted March 8, 2016 I would use the new random_bytes() function. If you don't have PHP 7 yet, you can plug in a compatiblity library for the time being. There's nothing inherently wrong with Mcrypt or OpenSSL, but relying on a single low-level extension can be problematic: None of them is available on all systems, and the Mcrypt extension is actually dying (the original library has been unmaintained for almost 10 years, and the PHP core developers already considered removing ext/mcrypt). The permission model sounds confusing, but you should probably create a separate thread for that. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.