Generating Random unique pin numbers

Hey I got to generate a 100,000 thousand unique pin numbers, whats the best way to do dat! any ideas from the pros??? :frowning:

any particular format? how many numbers per PIN?

Are you looking for an actual algorithm of generating numbers or how to always keep them unique?

they have to be about 8 digits, yeah am looking for an actual algorithm dat makes sure the numbers are not repeated,

http://us2.php.net/rand

This will echo a random 8 digit number between 11111111 and 99999999.



echo rand(11111111, 99999999);


You will then have to check to make sure there are no duplicates with a while or if statement.

Hope that helps!

That means that you’ll have to store all of the already generated numbers somewhere, eg. in a database.

That means that you’ll have to store all of the already generated numbers somewhere, eg. in a database.

Yeah but developing an actual algorithm would be hell. :cool: Just run a query and conditional block. PHP can handle it :wink:

is this really the best choice

Well umm yeah thats a given either way you have to store else how is the computer suppose to know what number was generated last?

Well umm yeah thats a given either way you have to store else how is the computer suppose to know what number was generated last?

Well okay then, do YOU have any other bright ideas?

what if I use an array

what if i use an array to store the created random numbers, do php arrays have a limit

Yes you could use an array. Only limit is the computer’s memory (RAM)

they dont have a limit aside from any memory limits imposed on php.

btw- look at mt_rand() instead of rand()

Arrays will work only if all of the numbers are executed in the same script run.

This will populate a MySQL table pins with 100,000 unique 8 digit codes.
Be sure to define a unique index on the PIN field before use.
The script ran in a few seconds on my machine; not that performance is a huge issue for scripts that get run very rarely.

It actually attempts 101,000 inserts, assuming that there will be collisions. On my tests I got around 400-450 collisions per 100,000 inserts. The excess rows are deleted at the end to give you exactly 100000 PINs.

Also, if you can have alpha-numeric PINs that will be that much harder to guess, or brute force.


<?php
//Connect to MySQL here

$baseQuery = "INSERT IGNORE INTO `pins` (PIN) VALUES\
";
$currentQuery = $baseQuery;

$error = array();

for($i=0; $i<101000; $i++) {
	$pin = mt_rand(10230133, 99182938);
	$currentQuery.= "($pin),\
";
	
	//Insert 500 records at a time
	if($i%500 == 0) {
		$currentQuery = rtrim($currentQuery, ",\
");
		if(!mysql_query($currentQuery)) $error[] = mysql_error();
		$currentQuery = $baseQuery; //Reset current query for next insert block
	}
}


//See if we have enough unique PINs yet
$result = mysql_query("SELECT count(*) AS pinCount FROM `pins`");
$r = mysql_fetch_assoc($result);
if($r['pinCount'] > 100000) {
	$query = "DELETE FROM `pins` LIMIT " . ($r['pinCount']-100000);
	if(!mysql_query($query)) echo "<h2>Delete Error: $query<br>\
" . mysql_error() . "</h2>";
	mysql_query("OPTIMIZE TABLE `pins`");
}

//Report
$errorCount = count($error);
if($errorCount > 0) echo "<p>$errorCount INSERT errors occurred:<br>$error[0]</p>";
else echo "<p>PINs successfully generated.</p>";
?>

Another idea is to generate numbers which are not completely random:


$pins = array();
for($i = 0; $i < 100000; $i++)
   $pins[] = sprintf("%02d%06d", rand(11,99), $i);
shuffle($pins);

Each code consists of 2 random digits and an ordinal number (00000-99999). Ordinal numbers are apparently unique and so are the pin codes.

hey thanks alot mr cranial bore? do the big organisations who usually sell out pinnumbers just generate them randomly or is there a psuedo procedure they usually follow!

If some else uses this algorithm given by mr cranial, its possible to get my pins re generated, any advice apart from making it alpha numeric

mandin, it’s very unlikely that someone could reprodue the WHOLE set of pins, but of course when there are 100,000 of them the chances of guessing one are not that low.
Whatever you’re using this for should have some flood control mechanism to restrict the number of access attempts a given user/IP can make.

No one should be able to make thousands of guesses to your system unhindered.
If you used alphanumeric codes then instead there being approximately 100million available combos there would be about 2.8 trillion.
If you used case-sensitive alpha numeric combos there would be approximately 218 trillion possible combos with an 8 digit code. The chances of coincidance go down.