PHP 8.4.2 Released!

str_shuffle

(PHP 4 >= 4.3.0, PHP 5, PHP 7, PHP 8)

str_shuffleRandomly shuffles a string

Description

str_shuffle(string $string): string

str_shuffle() shuffles a string. One permutation of all possible is created.

Caution

This function does not generate cryptographically secure values, and must not be used for cryptographic purposes, or purposes that require returned values to be unguessable.

If cryptographically secure randomness is required, the Random\Randomizer may be used with the Random\Engine\Secure engine. For simple use cases, the random_int() and random_bytes() functions provide a convenient and secure API that is backed by the operating system’s CSPRNG.

Parameters

string

The input string.

Return Values

Returns the shuffled string.

Changelog

Version Description
7.1.0 The internal randomization algorithm has been changed to use the » Mersenne Twister Random Number Generator instead of the libc rand function.

Examples

Example #1 str_shuffle() example

<?php
$str
= 'abcdef';
$shuffled = str_shuffle($str);

// This will echo something like: bfdaec
echo $shuffled;
?>

See Also

add a note

User Contributed Notes 13 notes

up
120
jojersztajner at OXYGEN dot POLAND
17 years ago
Aoccdrnig to rseearch at an Elingsh uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoatnt tihng is that the frist and lsat ltteer is at the rghit pclae. The rset can be a toatl mses and you can sitll raed it wouthit a porbelm. Tihs is bcuseae we do not raed ervey lteter by it slef but the wrod as a wlohe.

Hree's a cdoe taht slerbmcas txet in tihs way:
<?php
function scramble_word($word) {
if (
strlen($word) < 2)
return
$word;
else
return
$word{0} . str_shuffle(substr($word, 1, -1)) . $word{strlen($word) - 1};
}

echo
preg_replace('/(\w+)/e', 'scramble_word("\1")', 'A quick brown fox jumped over the lazy dog.');
?>

It may be ufseul if you wnat to cetare an aessblicce CTCPAHA.
up
12
ronald
9 years ago
This page is missing a very important notice:

Caution

This function does not generate cryptographically secure values, and should not be used for cryptographic purposes. If you need a cryptographically secure value, consider using random_int(), random_bytes(), or openssl_random_pseudo_bytes() instead.
up
22
blamoo2 at hotmail dot com
9 years ago
This function is affected by srand():

<?php
srand
(12345);
echo
str_shuffle('Randomize me') . '<br/>'; // "demmiezr aon"
echo str_shuffle('Randomize me') . '<br/>'; // "izadmeo rmen"

srand(12345);
echo
str_shuffle('Randomize me') . '<br/>'; // "demmiezr aon" again
?>
up
3
ccb2357 at gmail dot com
1 year ago
<?php
function str_rand(int $length = 20) : string {
$ascii_codes = range(48, 57) + range(97, 122);
$codes_lenght = (count($ascii_codes)-1);
shuffle($ascii_codes);
$string = '';
for(
$i = 1; $i <= $length; $i++){
$previous_char = $char ?? '';
$char = chr($ascii_codes[random_int(0, $codes_lenght)]);
while(
$char == $previous_char){
$char = chr($ascii_codes[random_int(0, $codes_lenght)]);
}
$string .= $char;
}
return
str_shuffle($string);
}
?>
up
26
qeremy [atta] gmail [dotta] com
12 years ago
A proper unicode string shuffle;

<?php
function str_shuffle_unicode($str) {
$tmp = preg_split("//u", $str, -1, PREG_SPLIT_NO_EMPTY);
shuffle($tmp);
return
join("", $tmp);
}
?>

$str = "Şeker yârim"; // My sweet love

echo str_shuffle($str); // i�eymrŢekr �

echo str_shuffle_unicode($str); // Şr mreyeikâ
up
4
Anonymous
5 years ago
As noted in this documentation str_shuffle is NOT cryptographically secure, however I have seen many code examples online of people using nothing more than this to generate say random passwords. So I though I'd share my function which while it makes use of str_shuffle also rely's on random_int() for added security. I use this function to generate salts to use when working with hashes but it can also be used to generate default passwords for new users for example.

It starts with a universe of possible characters, in this case all letters (upper and lower case), 0-9, and several special characters.

It then will run str_shuffle on the universe of characters a random number of times, using random_int() (currently set to 1-10)

Then once the universe of possible characters has been shuffled it using random_int() once more to select the character as a random position within the shuffled string, as does that once for each character you want in the output.

function secret_gen( $len=64 ) {
$secret = "";
$charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()_-+=`~,<>.[]: |';
for ( $x = 1l $x <= random_int( 1, 10 ), $x++ ){
$charset = str_shuffle( $charset );
}
for ( $s = 1; $s <= $len; $s++ ) {
$secret .= substr( $charset, random_int( 0, 86 ), 1 );
}
return $secret;
}
up
4
wmtrader at yandex dot ru
4 years ago
Unshuffle, using:
<?php
$string
= "Hello World!";

$seed = 1234567890;
mt_srand($seed);

echo
$sh = str_shuffle($string); //print 'eloWHl rodl!'
echo str_unshuffle($sh, $seed); //print 'Hello World!'
?>

<?php
function str_unshuffle($str, $seed){
$unique = implode(array_map('chr',range(0,254)));
$none = chr(255);
$slen = strlen($str);
$c = intval(ceil($slen/255));
$r = '';
for(
$i=0; $i<$c; $i++){
$aaa = str_repeat($none, $i*255);
$bbb = (($i+1)<$c) ? $unique : substr($unique, 0, $slen%255);
$ccc = (($i+1)<$c) ? str_repeat($none, strlen($str)-($i+1)*255) : "";
$tmp = $aaa.$bbb.$ccc;
mt_srand($seed);
$sh = str_shuffle($tmp);
for(
$j=0; $j<strlen($bbb); $j++){
$r .= $str{strpos($sh, $unique{$j})};
}
}
return
$r;
}
up
6
Anonymous
10 years ago
str_shuffle isn't recommendable for passwords. Each character exists only one time).

A function like the following one is better for this.

<?php
function generatePassword($length = 8) {
$possibleChars = "abcdefghijklmnopqrstuvwxyz";
$password = '';

for(
$i = 0; $i < $length; $i++) {
$rand = rand(0, strlen($possibleChars) - 1);
$password .= substr($possibleChars, $rand, 1);
}

return
$password;
}
?>
up
6
CygnusX1
17 years ago
To cobine functionality and simplicity of the two functions below we can have:

<?php
function generatePasswd($numAlpha=6,$numNonAlpha=2)
{
$listAlpha = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$listNonAlpha = ',;:!?.$/*-+&@_+;./*&?$-!,';
return
str_shuffle(
substr(str_shuffle($listAlpha),0,$numAlpha) .
substr(str_shuffle($listNonAlpha),0,$numNonAlpha)
);
}
?>
up
1
Anonymous
14 years ago
Shuffle for all encoding formats

<?php

function unicode_shuffle($string, $chars, $format = 'UTF-8')
{
for(
$i=0; $i<$chars; $i++)
$rands[$i] = rand(0, mb_strlen($string, $format));

$s = NULL;

foreach(
$rands as $r)
$s.= mb_substr($string, $r, 1, $format);

return
$s;
}

?>
up
0
kundanborakb at gmail dot com
4 years ago
<?php

//get random string with your desire length

function getRandom($length){

$str = 'abcdefghijklmnopqrstuvwzyz';
$str1= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$str2= '0123456789';
$shuffled = str_shuffle($str);
$shuffled1 = str_shuffle($str1);
$shuffled2 = str_shuffle($str2);
$total = $shuffled.$shuffled1.$shuffled2;
$shuffled3 = str_shuffle($total);
$result= substr($shuffled3, 0, $length);

return
$result;

}

echo
getRandom(8);

//output -->
//GATv3JPX
//g7AzhDtR
//DTboKtiL
//CuWZR4cs
//tmTXbzBC

?>
up
0
krzysiekpiasecki at gmail dot com
9 years ago
/**
* Test shuffleString
*/
function testShuffleString() {
$shuffled = shuffleString("ĄęźćÓ");
if (\mb_strlen($shuffled) != 5) {
throw new \UnexpectedValueException("Invalid count of characters");
}
if ($shuffled == "ĄęźćÓ") {
throw new \UnexpectedValueException("The same string");
}
foreach (["Ą", "ę", "ź", "ć", "Ó"] as $char) {
if (\mb_strpos($shuffled, $char) === false) {
throw new \UnexpectedValueException("Character not found");
}
}
}

/**
* Shuffle string
*
* @param $stringValue String to shuffle
* @param string $startWith Shuffle $stringValue and append to $startWith
* @return string Shuffled string
* @author Krzysztof Piasecki<krzysiekpiasecki@gmail.com>
*/
function shuffleString($stringValue, $startWith = "") {
$range = \range(0, \mb_strlen($stringValue));
shuffle($range);
foreach($range as $index) {
$startWith .= \mb_substr($stringValue, $index, 1);
}
return $startWith;
};

testShuffleString();

echo shuffleString("Hello"); // > 'elHol' (something like this)
echo shuffleString("World!", "Hello "); // > 'Hello do!lrW' (something like this)
up
-1
dzafel at op dot pl
17 years ago
Very, very simple random password generator, without using rand() function:

<?php
function random_password($chars = 8) {
$letters = 'abcefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';
return
substr(str_shuffle($letters), 0, $chars);
}
?>
To Top