in reply to Re: Safe for SQL
in thread Safe for SQL
You are absolutely correct, from RFC 1321:
- ...It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest...
So, just using the MD5 algorithm means that there is no gaurantee of a unique message digest. ;-)
For something such as a session id for a web script, this is usually sufficient. To resolve your argument, you could add more text until you are reasonably certain that your entropy message is not reproducible:
...the downside is that it takes longer to compute.... while(<LINES_OF_TEXT>) { $md5->add($_); } ...
One way to gaurantee that the number is unique for that 'insert' statement is to have that database generate the number either from a sequence or stored procedure.
I was just trying to keep it simple and sufficient. :-)
--
hiseldl
What time is it? It's Camel Time!
|
---|
In Section
Seekers of Perl Wisdom