Php: Number Only Hash

php: number only hash?

There are some good answers but for me the approaches seem silly.

They first force php to create a Hex number, then convert this back (hexdec) in a BigInteger and then cut it down to a number of letters... this is much work!

Instead why not

Read the hash as binary:

$binhash = md5('[input value]', true);

then using

$numhash = unpack('N2', $binhash); //- or 'V2' for little endian

to cast this as two INTs ($numhash is an array of two elements). Now you can reduce the number of bits in the number simply using an AND operation. e.g:

$result = $numhash[1] & 0x000FFFFF; //- to get numbers between 0 and 1048575

But be warned of collisions! Reducing the number means increasing the probability of two different [input value] with the same output.

I think that the much better way would be the use of "ID-Crypting" with a Bijectiv function. So no collisions could happen! For the simplest kind just use an Affine_cipher

Example with max input value range from 0 to 25:

function numcrypt($a)
{
   return ($a * 15) % 26;
}

function unnumcrypt($a)
{
   return ($a * 7) % 26;
}

Output:

numcrypt(1) : 15
numcrypt(2) : 4
numcrypt(3) : 19

unnumcrypt(15) : 1
unnumcrypt(4)  : 2
unnumcrypt(19) : 3

e.g.

$id = unnumcrypt($_GET('userid'));

... do something with the ID ...

echo '<a href="do.php?userid='. numcrypt($id) . '"> go </a>';

of course this is not secure, but if no one knows the method used for your encryption then there are no security reasons then this way is faster and collision safe.

Limit 2 digits only from a hash code

You can use substr() to get a substring of a string, in this case your hash:

$twofirst = substr($img['hash'], 0, 2);

Create a hash that could be validated only in the next 5 minutes

Simply include the timestamp as readable value in your hash, and include it in the hash so you can verify its authenticity. You should use an HMAC for that purpose.

                          hash
                    vvvvvvvvvvvvvvvv
$hash = '1234567890:abcdef1234567890'
         ^^^^^^^^^^
         timestamp

$time = time();
$hash = "$time:" . hash_hmac('sha256', $time, $secretKey);

What you use as the data for hashing (here: just the timestamp) and the $secretKey depends on what data exactly you're trying to proof. To validate you can easily strip the timestamp from the hash, verify that it's within 5 minutes of now, and repeat the same hash operation to confirm the hash value.

Remember: without a secret key, anyone would obviously be able to fabricate such a hash. The secret key is something only you know, and which proves that you had originally created the hash.

You may also look into JSON Web Tokens for much the same purpose.

PHP function to create 8 chars long hash ([a-z] = no numbers allowed)

Perhaps something like:

$hash = substr(strtolower(preg_replace('/[0-9_\/]+/','',base64_encode(sha1($input)))),0,8);

This produces a SHA1 hash, base-64 encodes it (giving us the full alphabet), removes non-alpha chars, lowercases it, and truncates it.

For $input = 'yar!';:

mwinzewn

For $input = 'yar!!';:

yzzhzwjj

So the spread seems pretty good.

PHP - Generate an 8 character hash from an integer

Why don't you just run md5 and take the first 8 characters?

Because you are wanting a hash, it doesn't matter whether portions are discarded, but rather that the same input will produce the same hash.

$hash = substr(md5($num), 0, 8);

PHP hashing function that returns an integer (32bit int)

ord($hash[0]) * 16777216 + ord($hash[1]) * 65536 + ord($hash[2]) * 256 + ord($hash[3]) ;

Or:

unpack("L", substr($hash,0,4));

But Filip Roséen's solution is better.

Php: Number Only Hash