[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-8223":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":16,"stars30d":17,"stars90d":16,"forks30d":16,"starsTrendScore":16,"compositeScore":18,"rankGlobal":10,"rankLanguage":10,"license":19,"archived":20,"fork":20,"defaultBranch":21,"hasWiki":20,"hasPages":20,"topics":22,"createdAt":10,"pushedAt":10,"updatedAt":35,"readmeContent":36,"aiSummary":37,"trendingCount":16,"starSnapshotCount":16,"syncStatus":17,"lastSyncTime":38,"discoverSource":39},8223,"random_compat","paragonie\u002Frandom_compat","paragonie","PHP 5.x support for random_bytes() and random_int()","https:\u002F\u002Fparagonie.com\u002Fprojects",null,"PHP",8164,148,35,5,0,2,37.52,"MIT License",false,"master",[23,24,25,26,27,28,29,30,31,32,33,34],"csprng","php","php5","polyfill","random","random-bytes","random-generation","random-int","randomization","randomness","secure","secure-by-default","2026-06-12 02:01:50","# random_compat\n\n[![Build Status](https:\u002F\u002Fgithub.com\u002Fparagonie\u002Frandom_compat\u002Factions\u002Fworkflows\u002Fci.yml\u002Fbadge.svg)](https:\u002F\u002Fgithub.com\u002Fparagonie\u002Frandom_compat\u002Factions)\n[![Scrutinizer](https:\u002F\u002Fscrutinizer-ci.com\u002Fg\u002Fparagonie\u002Frandom_compat\u002Fbadges\u002Fquality-score.png?b=master)](https:\u002F\u002Fscrutinizer-ci.com\u002Fg\u002Fparagonie\u002Frandom_compat)\n[![Latest Stable Version](https:\u002F\u002Fposer.pugx.org\u002Fparagonie\u002Frandom_compat\u002Fv\u002Fstable)](https:\u002F\u002Fpackagist.org\u002Fpackages\u002Fparagonie\u002Frandom_compat)\n[![Latest Unstable Version](https:\u002F\u002Fposer.pugx.org\u002Fparagonie\u002Frandom_compat\u002Fv\u002Funstable)](https:\u002F\u002Fpackagist.org\u002Fpackages\u002Fparagonie\u002Frandom_compat)\n[![License](https:\u002F\u002Fposer.pugx.org\u002Fparagonie\u002Frandom_compat\u002Flicense)](https:\u002F\u002Fpackagist.org\u002Fpackages\u002Fparagonie\u002Frandom_compat)\n[![Downloads](https:\u002F\u002Fimg.shields.io\u002Fpackagist\u002Fdt\u002Fparagonie\u002Frandom_compat.svg)](https:\u002F\u002Fpackagist.org\u002Fpackages\u002Fparagonie\u002Frandom_compat)\n\nPHP 5.x polyfill for `random_bytes()` and `random_int()` created and maintained\nby [Paragon Initiative Enterprises](https:\u002F\u002Fparagonie.com).\n\nAlthough this library *should* function in earlier versions of PHP, we will only\nconsider issues relevant to [supported PHP versions](https:\u002F\u002Fsecure.php.net\u002Fsupported-versions.php).\n**If you are using an unsupported version of PHP, please upgrade as soon as possible.**\n\n## Important\n\nAlthough this library has been examined by some security experts in the PHP \ncommunity, there will always be a chance that we overlooked something. Please \nask your favorite trusted hackers to hammer it for implementation errors and\nbugs before even thinking about deploying it in production.\n\n**Do not use the master branch, use a [stable release](https:\u002F\u002Fgithub.com\u002Fparagonie\u002Frandom_compat\u002Freleases\u002Flatest).**\n\nFor the background of this library, please refer to our blog post on \n[Generating Random Integers and Strings in PHP](https:\u002F\u002Fparagonie.com\u002Fblog\u002F2015\u002F07\u002Fhow-safely-generate-random-strings-and-integers-in-php).\n\n### Usability Notice\n\nIf PHP cannot safely generate random data, this library will throw an `Exception`.\nIt will never fall back to insecure random data. If this keeps happening, upgrade\nto a newer version of PHP immediately.\n\n## Installing\n\n**With [Composer](https:\u002F\u002Fgetcomposer.org):**\n\n    # For libraries and frameworks that support PHP 5 but may be used by\n    # other software that only supports PHP 7:\n    composer require paragonie\u002Frandom_compat:\\>=2\n\n    # For software that explicitly needs PHP 5 support:\n    composer require paragonie\u002Frandom_compat:\\\u003C9.99\n\n**Signed PHP Archive:**\n\nAs of version 1.2.0, we also ship an ECDSA-signed PHP Archive with each stable \nrelease on Github.\n\n1. Download [the `.phar`, `.phar.pubkey`, and `.phar.pubkey.asc`](https:\u002F\u002Fgithub.com\u002Fparagonie\u002Frandom_compat\u002Freleases\u002Flatest) files.\n2. (**Recommended** but not required) Verify the PGP signature of `.phar.pubkey` \n   (contained within the `.asc` file) using the [PGP public key for Paragon Initiative Enterprises](https:\u002F\u002Fparagonie.com\u002Fstatic\u002Fgpg-public-key.txt).\n3. Extract both `.phar` and `.phar.pubkey` files to the same directory.\n4. `require_once \"\u002Fpath\u002Fto\u002Frandom_compat.phar\";`\n5. When a new version is released, you only need to replace the `.phar` file;\n   the `.pubkey` will not change (unless our signing key is ever compromised).\n\n**Manual Installation:**\n\n1. Download [a stable release](https:\u002F\u002Fgithub.com\u002Fparagonie\u002Frandom_compat\u002Freleases\u002Flatest).\n2. Extract the files into your project.\n3. `require_once \"\u002Fpath\u002Fto\u002Frandom_compat\u002Flib\u002Frandom.php\";`\n\nThe entrypoint should be **`lib\u002Frandom.php`** directly, not any of the other files in `\u002Flib`.\n\n## Usage\n\nThis library exposes the [CSPRNG functions added in PHP 7](https:\u002F\u002Fsecure.php.net\u002Fmanual\u002Fen\u002Fref.csprng.php)\nfor use in PHP 5 projects. Their behavior should be identical.\n\n### Generate a string of random bytes\n\n```php\ntry {\n    $string = random_bytes(32);\n} catch (TypeError $e) {\n    \u002F\u002F Well, it's an integer, so this IS unexpected.\n    die(\"An unexpected error has occurred\"); \n} catch (Error $e) {\n    \u002F\u002F This is also unexpected because 32 is a reasonable integer.\n    die(\"An unexpected error has occurred\");\n} catch (Exception $e) {\n    \u002F\u002F If you get this message, the CSPRNG failed hard.\n    die(\"Could not generate a random string. Is our OS secure?\");\n}\n\nvar_dump(bin2hex($string));\n\u002F\u002F string(64) \"5787c41ae124b3b9363b7825104f8bc8cf27c4c3036573e5f0d4a91ad2eeac6f\"\n```\n\n### Generate a random integer between two given integers (inclusive)\n\n```php\ntry {\n    $int = random_int(0, 255);\n} catch (TypeError $e) {\n    \u002F\u002F Well, it's an integer, so this IS unexpected.\n    die(\"An unexpected error has occurred\"); \n} catch (Error $e) {\n    \u002F\u002F This is also unexpected because 0 and 255 are both reasonable integers.\n    die(\"An unexpected error has occurred\");\n} catch (Exception $e) {\n    \u002F\u002F If you get this message, the CSPRNG failed hard.\n    die(\"Could not generate a random int. Is our OS secure?\");\n}\n\nvar_dump($int);\n\u002F\u002F int(47)\n```\n\n### Exception handling\n\nWhen handling exceptions and errors you must account for differences between\nPHP 5 and PHP7.\n\nThe differences:\n\n* Catching `Error` works, so long as it is caught before `Exception`.\n* Catching `Exception` has different behavior, without previously catching `Error`.\n* There is *no* portable way to catch all errors\u002Fexceptions.\n\n#### Our recommendation\n\n**Always** catch `Error` before `Exception`.\n\n#### Example\n\n```php\ntry {\n    return random_int(1, $userInput);\n} catch (TypeError $e) {\n    \u002F\u002F This is okay, so long as `Error` is caught before `Exception`.\n    throw new Exception('Please enter a number!');\n} catch (Error $e) {\n    \u002F\u002F This is required, if you do not need to do anything just rethrow.\n    throw $e;\n} catch (Exception $e) {\n    \u002F\u002F This is optional and maybe omitted if you do not want to handle errors\n    \u002F\u002F during generation.\n    throw new InternalServerErrorException(\n        'Oops, our server is bust and cannot generate any random data.',\n        500,\n        $e\n    );\n}\n```\n\n### Troubleshooting\n\n#### Exception: \"Could not gather sufficient random data\"\n\nIf an Exception is thrown, then your operating system is not secure.\n\n1. If you're on Windows, make sure you enable mcrypt.\n2. If you're on any other OS, make sure `\u002Fdev\u002Furandom` is readable.\n   * FreeBSD jails need to expose `\u002Fdev\u002Furandom` from the host OS\n   * If you use `open_basedir`, make sure `\u002Fdev\u002Furandom` is allowed\n\nThis library does not (and will not accept any patches to) fall back to\nan insecure random number generator.\n\n#### Version Conflict with [Other PHP Project]\n\nIf you're using a project that has a line like this in its composer.json\n\n    \"require\" {\n        ...\n        \"paragonie\u002Frandom_compat\": \"~1.1\",\n        ...\n    }\n\n...and then you try to add random_compat 2 (or another library that explicitly\nrequires random_compat 2, such as [this secure PHP encryption library](https:\u002F\u002Fgithub.com\u002Fdefuse\u002Fphp-encryption)),\nyou will get a version conflict.\n\nThe solution is to get the project to update its requirement string to allow\nversion 2 and above to be used instead of hard-locking users to version 1.\n\n```diff\n\"require\" {\n    ...\n-    \"paragonie\u002Frandom_compat\": \"~1.1\",\n+    \"paragonie\u002Frandom_compat\": \">=1\",\n    ...\n}\n```\n\n#### Version 9.99.99\n\n**Note**: There is a special version called `9.99.99` which makes this\nlibrary do nothing, but is only installable on PHP 7.\n\nIf you're writing software (e.g. a library) that supports PHP 5, but may\nbe used by software that doesn't, you'll want to allow `9.99.99` to be\ninstalled. The above diff is what you want.\n\nConversely, if you're writing software that (in and of itself) supports\nPHP 5, you do not want 9.99.99 to be installed, so you'll want to make\nthis change instead:\n\n```diff\n\"require\" {\n    ...\n-    \"paragonie\u002Frandom_compat\": \"~1.1\",\n+    \"paragonie\u002Frandom_compat\": \">=1 \u003C9.99\",\n    ...\n}\n```\n\nTo avoid installing \"empty\" version `9.99.99` you can add `replace` section\nin your root `composer.json`:\n\n    \"replace\": {\n        \"paragonie\u002Frandom_compat\": \"9.99.99\"\n    },\n\n#### Manifest Read Length Error\n\nIf you're using the PHP Archive (Phar) approach rather than Composer, and\nyou are getting an error message to the effect of \"manifest read length\nwas `{int1}` should be `{int2}`\", the Phar extension may not be enabled.\n\nSee [this comment](https:\u002F\u002Fgithub.com\u002Fparagonie\u002Frandom_compat\u002Fissues\u002F134#issuecomment-365696289)\nfor specific guidance on how to fix this issue.\n\n## Contributors\n\nThis project would not be anywhere near as excellent as it is today if it \nweren't for the contributions of the following individuals:\n\n* [@AndrewCarterUK (Andrew Carter)](https:\u002F\u002Fgithub.com\u002FAndrewCarterUK)\n* [@asgrim (James Titcumb)](https:\u002F\u002Fgithub.com\u002Fasgrim)\n* [@bcremer (Benjamin Cremer)](https:\u002F\u002Fgithub.com\u002Fbcremer)\n* [@chriscct7 (Chris Christoff)](https:\u002F\u002Fgithub.com\u002Fchriscct7)\n* [@CodesInChaos (Christian Winnerlein)](https:\u002F\u002Fgithub.com\u002FCodesInChaos)\n* [@ConnorVG (Connor S. Parks)](https:\u002F\u002Fgithub.com\u002FConnorVG)\n* [@cs278 (Chris Smith)](https:\u002F\u002Fgithub.com\u002Fcs278)\n* [@cweagans (Cameron Eagans)](https:\u002F\u002Fgithub.com\u002Fcweagans)\n* [@dd32 (Dion Hulse)](https:\u002F\u002Fgithub.com\u002Fdd32)\n* [@geggleto (Glenn Eggleton)](https:\u002F\u002Fgithub.com\u002Fgeggleto)\n* [@glensc (Elan Ruusamäe)](https:\u002F\u002Fgithub.com\u002Fglensc)\n* [@GrahamCampbell (Graham Campbell)](https:\u002F\u002Fgithub.com\u002FGrahamCampbell)\n* [@ircmaxell (Anthony Ferrara)](https:\u002F\u002Fgithub.com\u002Fircmaxell)\n* [@jdevalk (Joost de Valk)](https:\u002F\u002Fgithub.com\u002Fjdevalk)\n* [@jedisct1 (Frank Denis)](https:\u002F\u002Fgithub.com\u002Fjedisct1)\n* [@juliangut (Julián Gutiérrez)](https:\u002F\u002Fgithub.com\u002Fjuliangut)\n* [@kelunik (Niklas Keller)](https:\u002F\u002Fgithub.com\u002Fkelunik)\n* [@lt (Leigh)](https:\u002F\u002Fgithub.com\u002Flt)\n* [@MasonM (Mason Malone)](https:\u002F\u002Fgithub.com\u002FMasonM)\n* [@menkaff (Mehran NikNafs)](https:\u002F\u002Fgithub.com\u002Fmenkaff)\n* [@mmeyer2k (Michael M)](https:\u002F\u002Fgithub.com\u002Fmmeyer2k)\n* [@narfbg (Andrey Andreev)](https:\u002F\u002Fgithub.com\u002Fnarfbg)\n* [@nicolas-grekas (Nicolas Grekas)](https:\u002F\u002Fgithub.com\u002Fnicolas-grekas)\n* [@ocean90 (Dominik Schilling)](https:\u002F\u002Fgithub.com\u002Focean90)\n* [@oittaa](https:\u002F\u002Fgithub.com\u002Foittaa)\n* [@oucil (Kevin Farley)](https:\u002F\u002Fgithub.com\u002Foucil)\n* [@philios33 (Phil Nicholls)](https:\u002F\u002Fgithub.com\u002Fphilios33)\n* [@redragonx (Stephen Chavez)](https:\u002F\u002Fgithub.com\u002Fredragonx)\n* [@relaxnow (Boy Baukema)](https:\u002F\u002Fgithub.com\u002Frelaxnow)\n* [@rchouinard (Ryan Chouinard)](https:\u002F\u002Fgithub.com\u002Frchouinard)\n* [@rugk](https:\u002F\u002Fgithub.com\u002Frugk)\n* [@SammyK (Sammy Kaye Powers)](https:\u002F\u002Fgithub.com\u002FSammyK)\n* [@scottchiefbaker (Scott Baker)](https:\u002F\u002Fgithub.com\u002Fscottchiefbaker)\n* [@skyosev (Stoyan Kyosev)](https:\u002F\u002Fgithub.com\u002Fskyosev)\n* [@sthen (Stuart Henderseon)](https:\u002F\u002Fgithub.com\u002Fsthen)\n* [@stof (Christophe Coevoet)](https:\u002F\u002Fgithub.com\u002Fstof)\n* [@teohhanhui (Teoh Han Hui)](https:\u002F\u002Fgithub.com\u002Fteohhanhui)\n* [@tom-- (Tom Worster)](https:\u002F\u002Fgithub.com\u002Ftom--)\n* [@tsyr2ko](https:\u002F\u002Fgithub.com\u002Ftsyr2ko)\n* [@trowski (Aaron Piotrowski)](https:\u002F\u002Fgithub.com\u002Ftrowski)\n* [@twistor (Chris Lepannen)](https:\u002F\u002Fgithub.com\u002Ftwistor)\n* [@vinkla (Vincent Klaiber)](https:\u002F\u002Fgithub.com\u002Fvinkla)\n* [@voku (Lars Moelleken)](https:\u002F\u002Fgithub.com\u002Fvoku)\n* [@xabbuh (Christian Flothmann)](https:\u002F\u002Fgithub.com\u002Fxabbuh)\n\n## Support Contracts\n\nIf your company uses this library in their products or services, you may be\ninterested in [purchasing a support contract from Paragon Initiative Enterprises](https:\u002F\u002Fparagonie.com\u002Fenterprise).\n","paragonie\u002Frandom_compat 是一个为 PHP 5.x 提供 `random_bytes()` 和 `random_int()` 函数支持的库。该项目通过 polyfill 的方式，使得旧版本的 PHP 环境也能使用这些现代安全随机数生成函数，从而提升应用的安全性。它仅依赖于 PHP 自身的功能来实现加密级伪随机数生成器（CSPRNG），确保在不支持这些函数的 PHP 版本中也能提供一致且安全的随机数据生成能力。适用于需要增强安全性但又受限于 PHP 版本无法直接使用最新随机数生成函数的各种 Web 应用场景。","2026-06-11 03:16:51","top_language"]