str_shuffle

(PHP 4 >= 4.3.0, PHP 5, PHP 7)

str_shuffle随机打乱一个字符串

说明

str_shuffle ( string $str ) : string

str_shuffle() 函数打乱一个字符串,使用任何一种可能的排序方案。

Caution

本函数并不会生成安全加密的值,不应用于加密用途。若需要安全加密的值,考虑使用openssl_random_pseudo_bytes()

参数

str

输入字符串。

返回值

返回打乱后的字符串。

更新日志

版本 说明
7.1.0 内置的随机算法从 libc rand 函数改成了» 梅森旋转演伪随机数发生算法。

范例

Example #1 str_shuffle() 范例

<?php
$str 
'abcdef';
$shuffled str_shuffle($str);

// 输出类似于: bfdaec
echo $shuffled;
?>

参见

User Contributed Notes

Anonymous 18-Oct-2019 01:08
As noted in this documentation str_shuffle is NOT cryptographically secure, however I have seen many code examples online of people using nothing more than this to generate say random passwords.  So I though I'd share my function which while it makes use of str_shuffle also rely's on random_int() for added security. I use this function to generate salts to use when working with hashes but it can also be used to generate default passwords for new users for example.

It starts with a universe of possible characters, in this case all letters (upper and lower case), 0-9, and several special characters.

It then will run str_shuffle on the universe of characters a random number of times, using random_int() (currently set to 1-10)

Then once the universe of possible characters has been shuffled it using random_int() once more to select the character as a random position within the shuffled string, as does that once for each character you want in the output.

 function secret_gen( $len=64 ) {
    $secret = "";
    $charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()_-+=`~,<>.[]: |';
    for ( $x = 1l $x <= random_int( 1, 10 ), $x++ ){
        $charset = str_shuffle( $charset );
    }
    for ( $s = 1; $s <= $len; $s++ ) {
        $secret .= substr( $charset, random_int( 0, 86 ), 1 );
    }
    return $secret;
}
ronald 04-Oct-2015 11:44
This page is missing a very important notice:

Caution

This function does not generate cryptographically secure values, and should not be used for cryptographic purposes. If you need a cryptographically secure value, consider using random_int(), random_bytes(), or openssl_random_pseudo_bytes() instead.
blamoo2 at hotmail dot com 15-Jul-2015 01:35
This function is affected by srand():

<?php
srand
(12345);
echo
str_shuffle('Randomize me') . '<br/>'; // "demmiezr aon"
echo str_shuffle('Randomize me') . '<br/>'; // "izadmeo rmen"

srand(12345);
echo
str_shuffle('Randomize me') . '<br/>'; // "demmiezr aon" again
?>
krzysiekpiasecki at gmail dot com 23-May-2015 09:06
/**
 * Test shuffleString
 */
function testShuffleString() {
    $shuffled = shuffleString("????ó");
    if (\mb_strlen($shuffled) != 5) {
        throw new \UnexpectedValueException("Invalid count of characters");
    }
    if ($shuffled == "????ó") {
        throw new \UnexpectedValueException("The same string");
    }
    foreach (["?", "?", "?", "?", "ó"] as $char) {
        if (\mb_strpos($shuffled, $char) === false) {
            throw new \UnexpectedValueException("Character not found");
        }
    }
}

/**
 * Shuffle string
 *
 * @param $stringValue String to shuffle
 * @param string $startWith Shuffle $stringValue and append to $startWith
 * @return string Shuffled string
 * @author Krzysztof Piasecki<krzysiekpiasecki@gmail.com>
 */
function shuffleString($stringValue, $startWith = "") {
    $range = \range(0, \mb_strlen($stringValue));
    shuffle($range);
    foreach($range as $index) {
        $startWith .= \mb_substr($stringValue, $index, 1);
    }
    return $startWith;
};

testShuffleString();

echo shuffleString("Hello"); // > 'elHol' (something like this)
echo shuffleString("World!", "Hello "); // > 'Hello do!lrW' (something like this)
Anonymous 14-Oct-2014 05:35
str_shuffle isn't recommendable for passwords. Each character exists only one time).

A function like the following one is better for this.

<?php
   
function generatePassword($length = 8) {
       
$possibleChars = "abcdefghijklmnopqrstuvwxyz";
       
$password = '';

        for(
$i = 0; $i < $length; $i++) {
           
$rand = rand(0, strlen($possibleChars) - 1);
           
$password .= substr($possibleChars, $rand, 1);
        }

        return
$password;
    }
?>
qeremy [atta] gmail [dotta] com 24-Feb-2012 11:58
A proper unicode string shuffle;

<?php
function str_shuffle_unicode($str) {
   
$tmp = preg_split("//u", $str, -1, PREG_SPLIT_NO_EMPTY);
   
shuffle($tmp);
    return
join("", $tmp);
}
?>

$str = "?eker yarim"; // My sweet love

echo str_shuffle($str); // i?eymr?ekr ?

echo str_shuffle_unicode($str); // ?r mreyeika
Anonymous 21-Jun-2010 10:32
Shuffle for all encoding formats

<?php

function unicode_shuffle($string, $chars, $format = 'UTF-8')
{
    for(
$i=0; $i<$chars; $i++)
       
$rands[$i] = rand(0, mb_strlen($string, $format));
           
       
$s = NULL;
           
    foreach(
$rands as $r)
       
$s.= mb_substr($string, $r, 1, $format);
           
    return
$s;
}

?>
jojersztajner at OXYGEN dot POLAND 16-Jun-2007 03:27
Aoccdrnig to rseearch at an Elingsh uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoatnt tihng is that the frist and lsat ltteer is at the rghit pclae. The rset can be a toatl mses and you can sitll raed it wouthit a porbelm. Tihs is bcuseae we do not raed ervey lteter by it slef but the wrod as a wlohe.

Hree's a cdoe taht slerbmcas txet in tihs way:
<?php
   
function scramble_word($word) {
        if (
strlen($word) < 2)
            return
$word;
        else
            return
$word{0} . str_shuffle(substr($word, 1, -1)) . $word{strlen($word) - 1};
    }

    echo
preg_replace('/(\w+)/e', 'scramble_word("\1")', 'A quick brown fox jumped over the lazy dog.');
?>

It may be ufseul if you wnat to cetare an aessblicce CTCPAHA.
CygnusX1 14-Feb-2007 01:17
To cobine functionality and simplicity of the two functions below we can have:

<?php
function generatePasswd($numAlpha=6,$numNonAlpha=2)
{
  
$listAlpha = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
  
$listNonAlpha = ',;:!?.$/*-+&@_+;./*&?$-!,';
   return
str_shuffle(
     
substr(str_shuffle($listAlpha),0,$numAlpha) .
     
substr(str_shuffle($listNonAlpha),0,$numNonAlpha)
    );
}
?>
dzafel at op dot pl 29-Dec-2006 01:16
Very, very simple random password generator, without using rand() function:

<?php
function random_password($chars = 8) {
  
$letters = 'abcefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';
   return
substr(str_shuffle($letters), 0, $chars);
}
?>
Michiel van den boogaard 17-Jan-2005 02:03
Shortend function for PHP < 4.3
<?php 
function RandomPass($numchar

   
$word = "a,b,c,d,e,f,g,h,i,j,k,l,m,1,2,3,4,5,6,7,8,9,0"
   
$array=explode(",",$word); 
   
shuffle($array); 
   
$newstring = implode($array,""); 
    return
substr($newstring, 0, $numchar); 

?>