I am developing an application which allows users to share a link to a simple survey. For this, I want to generate unique URLs for each survey, so having a URL like:
http://myapp.com/aBcDe1F
I want the alpha numeric identifier part of the URL to be pseudo random and somewhat short (6-8 characters). Now, generating that is easy, but how do I ensure that they are unique but also pseudo random? Do I have to generate it, then check with a quer开发者_运维知识库y to the database to ensure it's not been generated before, and if not, regenerate another string and try the same process again?
I am aware that obfuscating the URL this way does not really ensure security by any means, but password based authentication is ruled out for this application, so I am trying to use a pseudo random character string.
Yes - I think you have to do it as you describe. But to be completely pedantic (ummm, I mean "safe") do not do this:
do
{
generate a value
check the database
}
while (the value did not exist)
insert a new row into the db
There is a (very) small chance that you could generate the same value for two different users simultaneously.
Rather, use the value as a primary key within the database and do this
do
{
generate a value
insert a new row into the db
}
while (there was a PK violation)
No language specified, but many languages support the creation of a GUID. Why not use one of those?
Well there are various ways to go about it, one common one is to use the current time and do an md5() on it. Subsequently, you may check against your database if that has been used before. Normally, the probability of having 2 md5() that produce the same string result in close proximity is pretty low.
Other methods include using the user's ip + timestamp as a string and md5() it.
Hope it helps (:
Since you are not using it as a key and just for random use of string, you can use this program in Java:
import java.util.Random;
public class randomString {
public static void main(String args[]) {
Random charp = new Random();
String[] chars = {"a", "b", "c", "d", "e", "f", "g", "h" ,"i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "M", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "!", "@", "#", "$", "%", "^", "&", "*", "(", ")", "1", "2", "3", "4", "5", "6", "7", "8", "9"};
String[] word = new String[9];
for(int i = 0; i < 9;i++) {
word[i] = chars[charp.nextInt(70)];
}
System.out.print("Your randomly generated string is: ");
for(int i = 0; i < 9;i++) {
System.out.print(word[i]);
}
}
}
I know this is a bit low skilled and many other libraries and code such as:
import java.security.SecureRandom;
import java.math.BigInteger;
Can be used, but hey we can keep it simple too.
精彩评论