Deck of random cards

Question

Deck of random cards

Asked 7 years, 2 months ago

Viewed 872 times

0

I am creating a site for people to play cards with php. I would like to know how to create a deck of 50 cards for each person. In the database I have a table with 300 different cards and of these 300 cards I want the user to register generates 50 random cards of the 300 that I have in the table for his deck. I imagine it has to do with array and Random.

2 answers

2

You can use Mysql RAND() (I’m using PHP’s PDO class to access the bd):

    $pdo = new PDO($dsn, $dbuser, $dbpass);

    $sql = "SELECT * FROM sua_tabela ORDER BY RAND() LIMIT 50";
    $sql = $pdo->query($sql);

The $sql variable is an array with 50 database values.

Recalling that the RAND() is not CSPRNG, cryptographically-secure, according to the documentation itself "RAND() is not Meant to be a Perfect Random Generator". I think for the purpose of letters it should not be used in any hypothesis. There are already several cases about this, in the same context of letters, That’s what I just found.

– Inkeliz

2017/08/25 at 23:58
Do you have any safe suggestions, inkeliz?

– Luizinho

2017/08/26 at 00:13
For the application in question Rand() applies.

– Motta

2017/08/26 at 16:57
Personal beauty, vlw by tips!

– Luizinho

2017/08/26 at 17:39

Browser other questions tagged php javascript mysql

You are not signed in. Login or sign up in order to post.

by Inkeliz • **20,671** points · Answer 1 · 2017-08-26T01:00:43+00:00

For general use the @Leandro response can be used. However for being a card game, although predictability is not something so easy... it is still possible, so my comment.

Even by law in some cases, it is necessary to use a truly random generator, a dedicated hardware, or at least a CSPRNG. On poker websites that are regulated undergo testing, for example Gaming Labs, they have their own tests and specific to test the generator. But, these issues are more bureaucratic, off the subject of Stackoverflow, I just mention here because I don’t believe it’s something "irrelevant".

Requires PHP 7+

The RAND() Mysql is not a CSPRNG, they themselves do not guarantee it. PHP has its own function which is the random_int and the random_bytes who claims to be a CSPRNG, he uses the /dev/urandom.

He must be more reliable than the RAND() Mysql, for this you can use:

function gerar(int $quantidade, int $minimo, int $maximo) : array
{
    $arr = [];

    for ($i = 0; $i < $quantidade; $i++) {
        $arr[] = random_int($minimo, $maximo);
    }

    return $arr;
}

This will generate X numbers using the random_int, so you can take the data as follows:

$numerosGerados = gerar(50, 0, 299);

$stmt = mysqli_prepare($mysqli, 'SELECT coluna FROM tabela WHERE id IN ('.substr(str_repeat('?,', count($numerosGerados)),0,-1).')');

mysqli_stmt_bind_param($stmt, str_repeat('i', count($numerosGerados)), ...$numerosGerados);
mysqli_stmt_execute($stmt);

$resultado = mysqli_stmt_get_result($stmt);

while($linha = mysqli_fetch_assoc($resultado)){
    echo $linha['coluna'];
}

This starts from some premises:

The table is in order and has a 0 until 299.
There may be repeated letters.

The ideal is that you store the generated cards in a new table associated with the player, so you can check if the player really has the card he says he has played, for example.