reduce size of md5 hash

[chriscox]

Sorry, I'm new to PHP... so here it goes.

 

I have created a tech support form on my site, and when a user fills the form and submits, it adds their questions to a database and also emails them a confirmation.  I need to add a unique reference ID for this, to keep in the email and also in the database.  I have tried using this code:

 

<?php echo md5(uniqid(rand(), true));?>

 

This works fine, however its 32 digits long, which is way too long for my customers to refer to.  I am wondering is there a way to reduce that number to maybe 8 or 10 digits and still be unique?  Or should I drop the md5 code, and use some other hashing technique? 

 

I don't really care how many digits as long as it's manageable, say 8 to 10 digits, and can include both letters and numbers.

 

Thanks for any help you guys can provide.

~Chris

[aschk]

Well you have most of it there.

If you have no objections just chop up your md5 string into 8 digits and use those.

 

<?
$old_md5 = md5(uniqid(rand(), true));
$new_md5 = substr($old_md5, 0, ;
?>

[Lumio]

And if that key is not unique, make another key... until it's unique.

[chriscox]

Hi thanks for the quick reply.

 

No I don't mind chopping it to 8 digits.... however does that still mean the number is pretty unique?  I am guessing it is, but just wanted to make sure.  But how would I make another key until its unique as Lumio suggested?

 

[pkSML]

Hi thanks for the quick reply.

 

No I don't mind chopping it to 8 digits.... however does that still mean the number is pretty unique?  I am guessing it is, but just wanted to make sure.  But how would I make another key until its unique as Lumio suggested?

 

 

Even with only 8 digits, there are approximately 4,294,967,296 possible combinations. Yes, that's over 4 billion. So, the chances of uniqueness are pretty high.

[Daniel0]

You'll risk a hash collision if you trim the output of the MD5 function.

[Orio]

You'll risk a hash collision if you trim the output of the MD5 function.

 

Even if you don't trim the output, you are still at a risk of hash collision haha.

But Daniel0 has a point- the shorter you make the string the bigger are the chances you'll have collisions.

So you'll have to simply make a a decision here- take the longest you can "afford".

 

Orio.

[pkSML]

If you want a unique number with guaranteed uniqueness for three complete years, just grab the last 8 digits from time().

After the three years' time, the likelihood of a duplicate is about 3 in 90 million.

 

Is that good enough?!?

[Daniel0]

In fact, if you are able to make an algorithm that creates truly random numbers then you're better than everybody on this forum. If you're able to do that then I think the NSA might have a job for you.

 

http://en.wikipedia.org/wiki/Random_number_generator#.22True.22_random_numbers_vs._pseudo-random_numbers