spl_object_hash

(PHP 5 >= 5.2.0, PHP 7, PHP 8)

spl_object_hash Return hash id for given object

Description

spl_object_hash(object $object): string

This function returns a unique identifier for the object. This id can be used as a hash key for storing objects, or for identifying an object, as long as the object is not destroyed. Once the object is destroyed, its hash may be reused for other objects. This behavior is similar to spl_object_id().

Parameters

object

Any object.

Return Values

A string that is unique for each currently existing object and is always the same for each object.

Examples

Example #1 A spl_object_hash() example

<?php
$id
= spl_object_hash($object);
$storage[$id] = $object;
?>

Notes

Note:

When an object is destroyed, its hash may be reused for other objects.

Note:

Object hashes should be compared for identity with === and !==, because the returned hash could be a numeric string. For example: 0000000000000e600000000000000000.

See Also

add a note

User Contributed Notes 11 notes

up
107
planetbeing
17 years ago
Note that the contents (properties) of the object are NOT hashed by the function, merely its internal handle and handler table pointer. This is sufficient to guarantee that any two objects simultaneously co-residing in memory will have different hashes. Uniqueness is not guaranteed between objects that did not reside in memory simultaneously, for example:

var_dump(spl_object_hash(new stdClass()), spl_object_hash(new stdClass()));

Running this alone will usually generate the same hashes, since PHP reuses the internal handle for the first stdClass after it has been dereferenced and destroyed when it creates the second stdClass.
up
70
mjs at beebo dot org
11 years ago
Note that given two different objects spl_object_hash() can return values that look very similar, and in fact both the most significant *and* least significant digits are likely to be identical! e.g. "000000003cc56d770000000007fa48c5" and "000000003cc56d0d0000000007fa48c5".

Therefore (especially if using this function for debugging), you may wish to pass the hash into a cryptographic hash function like md5() to get to facilitate visual comparisons, and make it more likely that the first few or last few digits are unique.

md5("000000003cc56d770000000007fa48c5") -> "619a799747d348fa1caf181a72b65d9f"

md5("000000003cc56d0d0000000007fa48c5") -> "ae964bc912281e7804fe5a88b4546cb2"
up
5
A simple developer
1 year ago
Attention when comparing object hashes in PHP >= 8.1

In PHP 8.1 (I think) the output of spl_object_hash() changed (see pull request https://github.com/php/php-src/pull/7010).
This lead to a strange misbehaviour of our application, as we stored object hashes in an array to check, if we processed object already. A simple in_array() check returned true, even though the current object hash was NOT actually in array.

Actual problem: New hashes are much more simple and can be something like "0000000000000e600000000000000000" or "0000000000000e490000000000000000", which PHP will interpret as numeric (exponent).
in_array() will compare non type-safe by default and will interpret named hashes as "0".
up
29
aa dot vasilenko at gmail dot com
6 years ago
Please note that since PHP 7.2 there's new function available spl_object_id() which returns int instead of string. It's (supposed to be) more performant. Due to lack of documentation I recommend you reading the PR https://github.com/php/php-src/pull/2611
up
12
DimeCadmium
6 years ago
For those who believe this function is misnamed, I would like to direct you to https://en.wikipedia.org/wiki/Hash_function . Also, for those who think it's misnamed and supply a comparison to Python, I would like to direct you to https://docs.python.org/2/library/functions.html#hash which does the same thing as this function. (From Python's data-model docs: "User-defined classes have __cmp__() and __hash__() methods by default; ... x.__hash__() returns a result derived from id(x)." - id(x) returns the memory address of the object.)

The cryptographic hash functions you are familiar with, like MD5 or SHA1, are named hash functions because they have a similar design goal: low chance of collisions.
up
9
Hayleu Watson
7 years ago
The "hash" mentioned in the name of this function refers to the storage structure known as a "hash table", not to any sort of "message digest". The string returned by this function is little more than the object's address in the (hash) table PHP maintains of all existing objects.
up
2
Numety
11 months ago
As others have noted, this function now returns the ID, padded with zeroes.
It does not produce a cryptographic hash (which is not what the name hints at, either), nor does it hide it which order the objects were created.

If you wish to give your objects unique identifiers while hiding in which order they were created, you can achieve this by hashing their ID together with other predictable values:

<?php

function objectHash(object $object): string
{
return
hash('sha512', $object::class . spl_object_id($object));
}

?>

Here's an example usage:

<?php

class Person
{
function
__construct(public string $name) {}
}

$anna = new Person('Anna');
$bob = new Person('Bob');

var_export(objectHash($anna)); // '077d33c1 etc.
echo "\n";
var_export(objectHash($bob)); // 'ea3c1319 etc.

?>

Feel free to choose another hash, or hash other values along with their ID, for it to better suit your environment.
up
2
Hayley Watson
1 year ago
This function is slightly older than spl_object_id. Its output is more complex but doesn't actually provide any more information than the newer function. It used to be a lot more complex (without being any more informative) but now it's merely the object's ID number written in hex with a lot of padding to maintain the old format. spl_object_id just gives the ID number as a plain integer.

You're probably better off using spl_object_id, and thinking about migrating if you're already using spl_object_hash; there is a chance this function will be deprecated and subsequently removed in the future.
up
-1
jasonlester at nope dot com
1 year ago
obj->handle is an unsigned long that starts a 0 and is incremented by 1 every time an object is created, it is not a true pointer such as if created by mallaoc() or similar.

/* {{{ Returns the integer object handle for the given object */
PHP_FUNCTION(spl_object_id)
{
zend_object *obj;

ZEND_PARSE_PARAMETERS_START(1, 1)
Z_PARAM_OBJ(obj)
ZEND_PARSE_PARAMETERS_END();

RETURN_LONG((zend_long)obj->handle);
}
/* }}} */

PHPAPI zend_string *php_spl_object_hash(zend_object *obj) /* {{{*/
{
return strpprintf(32, "%016zx0000000000000000", (intptr_t)obj->handle);
}
/* }}} */
up
-2
Hayley Watson
7 years ago
The "hash" mentioned in this function is used in the sense of the storage structure known as a "hash table", not in the sense of "message digest".
up
-5
Ulrich Eckhardt
7 years ago
Calling this a hash is very misleading:

1. This function gives an object identifier (ID), which uniquely identifies the object for its whole lifetime. This is similar to the address of an object in C or the id() function in Python. I'm sure other languages have similar constructs.
2. This is not a hash and has nothing to do with it. A hash takes data and algorithmically reduces that data to some kind of scalar value. The only guarantee is that two equal inputs provide the same output, but not that two different inputs provide different outputs (hint: hash collisions). spl_object_hash() guarantees different outputs for non-identical objects though.
3. As someone mentioned already, this does not look at the content of the object. If you consider the difference between equality and identity, it only allows determining identity. If you serialize and unserialize an object, it will not be identical to its former self, but it will be equal, just to give an example. If you want a key to use in a response cache, using this function on the request is not only useless, because equal requests have different IDs, but possibly even harmful, because when a request object is garbage collected, its ID can be reused.
To Top