Get a cryptographically secure, uniformly selected integer

random_int(int $min, int $max): int

Generates a uniformly selected integer between the given minimum and maximum.

The randomness generated by this function is suitable for all applications, including the generation of long-term secrets, such as encryption keys.

The sources of randomness in the order of priority are as follows:

Linux: » getrandom(), /dev/urandom
FreeBSD >= 12 (PHP >= 7.3): » getrandom(), /dev/urandom
Windows (PHP >= 7.2): » CNG-API

Windows: » CryptGenRandom
macOS (PHP >= 8.2; >= 8.1.9; >= 8.0.22 if CCRandomGenerateBytes is available at compile time): CCRandomGenerateBytes()

macOS (PHP >= 8.1; >= 8.0.2): arc4random_buf(), /dev/urandom
NetBSD >= 7 (PHP >= 7.1; >= 7.0.1): arc4random_buf(), /dev/urandom
OpenBSD >= 5.5 (PHP >= 7.1; >= 7.0.1): arc4random_buf(), /dev/urandom
DragonflyBSD (PHP >= 8.1): » getrandom(), /dev/urandom
Solaris (PHP >= 8.1): » getrandom(), /dev/urandom
Any combination of operating system and PHP version not previously mentioned: /dev/urandom
If none of the sources are available or they all fail to generate randomness, then a Random\RandomException will be thrown.

Note: Although this function was added to PHP in PHP 7.0, a » userland implementation is available for PHP 5.2 to 5.6, inclusive.

A cryptographically secure, uniformly selected integer from the closed interval [min, max]. Both min and max are possible return values.

If an appropriate source of randomness cannot be found, a Random\RandomException will be thrown.
If max is less than min, a ValueError will be thrown.

Version	Description
8.2.0	In case of a CSPRNG failure, this function will now throw a Random\RandomException. Previously a plain Exception was thrown.

Example #1 random_int() example

<?php
var_dump(random_int(100, 999));
var_dump(random_int(-1000, 0));
?>

The above example will output something similar to:

int(248)
int(-898)

random_int