Note that both of these have a risk of collision that
cannot be reduced below 1/2^(number of actually random bits
in the seed), no matter how many characters you decide to
use in the session ID. This is perhaps a small risk in
this particular case, but I thought the general problem
should be mentioned.
On old versions of Perl, srand()
isn't even called so that each solution will always produce
the exact same ID.
Adam's is a better idea and nearly as simple. It only
requires about 5 characters of ID. You can't have a
collision unless
32000 processes are created within a single
second on your server. If you have multiple computers
doing sophisticated load balancing of web requests such
that IDs need to be unique across machines, then you'll
need to append some characters that are unique to a
machine (what to use depends on how your load balancing
is done).
-
tye
(but my friends call me "Tye")