in reply to Re: Safe for SQL
in thread Safe for SQL

You are absolutely correct, from RFC 1321:

So, just using the MD5 algorithm means that there is no gaurantee of a unique message digest. ;-)

For something such as a session id for a web script, this is usually sufficient. To resolve your argument, you could add more text until you are reasonably certain that your entropy message is not reproducible:

... while(<LINES_OF_TEXT>) { $md5->add($_); } ...
...the downside is that it takes longer to compute.

One way to gaurantee that the number is unique for that 'insert' statement is to have that database generate the number either from a sequence or stored procedure.

I was just trying to keep it simple and sufficient. :-)

What time is it? It's Camel Time!