How to create a unique ID in PHP from a long string of user info

I am reading some data from a user's badge via a magnetic swipe. It brings back a long unique text 开发者_运维问答string that includes the user's badge number, their name, and a few other pieces of information. I want to be able to pull up the user's information through their swipe. I was thinking of making an MD5 hash out of the user's data, but i'm not sure how unique the MD5 would be from that swipe so I can store that md5 as how I look up the user in my MySQL database?

*** Update: Sorry, I should add that the badge might not necessarily be from us. It might be from another company, so I really just need to take what is on the badge and create a unique ID from that.

MD5 can have collisions. But why can't you simply use the badge number as primary key?

MD5 is a 128-bit hash, so it allows 2¹²⁸ (340.282.366.920.938.463.463.374.607.431.768.211.456) unique identifiers, so if every human beeing on this world (about 6.900.000.000) should get a md5 unique identifier built out of this data, the chances of a collision are smaller than 1:4*10²⁸. So it should be small enough.

If you're worried about that, how about using a more robust hash? Try Sha-512, SHA-384, or Whirlpool perhaps. These all use a lot more characters than the older hash functions and are guaranteed to offer a greater selection of unique permutations.

Check out the PHP hash docs, in particular the hash command itself and the list of algorithms. It's as simple as $really_unique_id=hash('whirlpool',$data);

Of course, it might be overkill and end up a bit inefficient, if you're selecting or indexing on this as a database field. As another answer suggested, using an already unique identifier like the badge ID would probably be a better way to go.

I was thinking of making an MD5 hash out of the user's data, but i'm not sure how unique the MD5 would be

If you're going to store the entire hash, then it's going to be unique enough for you application. I did a little experiment a while back and found that even 32-bit fragment of an MD5 or SHA-1 hash will probably still be unique enough for a few thousand records.

Could you not infact use the badge data in your query.

For example:

SELECT * from 'users' WHERE badge_num='00001' AND name='Katy Perry'

For creating a unique ID u can go with any algorithm, be it md5, or SHA or Whirlpool. My idea is based on the method various website use to generate a random password when we click on 'forgot password' and we get an email. The other scenario is generating the string for captcha.

For this they generally create hash out of their email and use a random substring out of it. But to be very sure with minimal chances of having duplicate ID u can use complete hash string. Similar to email its generally favorable to hash the field which is most probable of being unique for every user may be like username, employeeID etc.

I think this helped.