in reply to Random, Unique, but Simple session ID
The unique_id() function I use (pieced together from the Camel, Randal's suggestions, and elsewhere) is:
sub unique_id() { # Use Apache's mod_unique_id if available return $ENV{UNIQUE_ID} if exists $ENV{UNIQUE_ID}; require MD5; # ** Note ** This is intended to be unique, not unguessable. my $id = MD5->hexhash(MD5->hexhash(time.{}.rand().$$)); $id =~ tr|+/=|-_.|; # make non-word characters URL friendly return $id; }
By using hexhash instead of base 64 you're also more likely to come up with ID that are safe to use (read, "no funny characters that might do something bad")
In Section
Seekers of Perl Wisdom