Fast, cryptographically-secure random string generator for PHP 8.2+.
Zero external dependencies. Uses random_bytes() with bit-packing and rejection sampling for efficient, unbiased output.
composer require taranovegor/string-generatoruse TaranovEgor\StringGenerator\CharRange;
use TaranovEgor\StringGenerator\StringGenerator;
$generator = new StringGenerator();
// Default — alphabetic (a-zA-Z)
$token = $generator->generate(32);
// Numeric only
$pin = $generator->generate(6, CharRange::Numeric);
// Alphanumeric
$code = $generator->generate(16, CharRange::AlphaNumeric);
// All printable ASCII
$password = $generator->generate(20, CharRange::Any);| Case | Characters | Size |
|---|---|---|
Numeric |
0-9 |
10 |
Lowercase |
a-z |
26 |
Uppercase |
A-Z |
26 |
Alpha |
a-z A-Z |
52 |
AlphaNumeric |
a-z A-Z 0-9 |
62 |
Special |
! @ # $ % ^ & * and other punctuation |
32 |
Any |
All printable ASCII (33–126) | 94 |
Pass a string as the second argument — every byte in it becomes a valid character:
$generator = new StringGenerator();
// Hex string
echo $generator->generate(32, '0123456789abcdef');
// Base58
echo $generator->generate(22, '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz');
// Binary-safe — works with any byte values, including null bytes
echo $generator->generate(64, "\x00\x01\x02\x03");Note: the alphabet must contain at least 2 distinct characters.
composer install
# Run tests
composer test
# Static analysis (PHPStan)
composer analyse
# Run benchmarks
compose benchThe scripts and documentation in this project are released under the MIT License