Member Avatar for Matthew N.

Hello, today I'm going to show you how to make a PHP Password Generator.
There are other ways of doing this, but I'm going to show you the way I use. Feel free to add your way too!


Ok, let's get started.
Make a new directory to store your files in.
In that directory, create a file called generate.php.
You should now have a directory structure that looks similar to this.

/*
passwordgenerator/
  /passwordgenerate/generate.php
  /passwordgenerate/funcs.php
*/

Now open up generate.php in your favorite text editor.

Now, create a simple form with a dropdown box with the length of the password in it (max 32) and a submit button.
Here is my code (Note : I have aligned the form to the center of the page; this is optional.)

<center>
<form action="" method="post"> <!-- we will use post for security-->
<b>Length:</b><select name="length">
<option value="8">8</option>
<option value="9">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
<option value="13">13</option>
<option value="14">14</option>
<option value="15">15</option>
</select>
<br /><br />
<input type="submit" value="Generate Password" />
</form>
</center>

now, at the top of the file, add this code :

<?php
if(isset($_POST['length'])) { // checking if they have submitted the form
    include 'funcs.php';
    echo generatePass($_POST['length']); // generatePass will be defined in funcs.php
}
?>

Now, save that and open up funcs.php

<?php
function generatePass($length) {
    $newpass = '';
    for($i = 0;$i < $length / 2;$i++) { // loop through untill $i = half the value of length
        $pass = rand(1,9); // generate a random number between 1 and 9
        switch $pass { // depending on the value of pass, add to random strings to newpass.
             case 1:
                 $newpass .= "aD"; break;
             case 2:
                  $newpass .= "ds"; break;
             case 3:
                  $newpass .= "*%"; break;
             case 4:
                  $newpass .= "G$"; break;
             case 5:
                  $newpass .= "$#"; break;
             case 6:
                  $newpass .= "f^"; break;
             case 7:
                  $newpass .= "$f"; break;
             case 8:
                  $newpass .= "34"; break;
             case 9:
                  $newpass .= "jf"; break;
        }
        return $newpass; // return the password.
    }
}
?>
Edited by Matthew N. because: n/a
  • 2 Contributors
  • 1 Reply
  • 147 Views
  • 7 Hours Discussion Span
  • Latest Post Latest Post by diafol
Member Avatar for diafol 
<!-- we will use post for security-->

This is no more secure than GET. Also, there is nothing majorly wrong with showing the number - you should have a validation routine in the handling page, either to check for no. bet. 8-15 or to force an integer of a specified length.

Is there any reason for using fixed character pairs? Seems a little limited.

Why not generate ascii codes with rand no? That would be wonderfully random - well -ish.

You could also use a hash function linked to microtime() with salts and a random no. generator.

Edited by diafol because: n/a
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.