To make WooCommerce order numbers more secure, you can generate a UUID-style order number or add a suffix that includes the date and time to prevent guessable order numbers. Here’s how to modify your existing code to incorporate both approaches:
Option 1: Generate a UUID-Style Order Number
This approach replaces the order ID with a unique UUID-style string that still includes the order ID for reference.
add_filter( 'woocommerce_order_number', 'generate_uuid_order_number' );
function generate_uuid_order_number( $order_id ) {
$prefix = 'Ticket-';
$uuid = wp_generate_uuid4(); // Generates a unique UUID
$new_order_id = $prefix . $uuid . '-' . $order_id; // Append the original order ID as a reference
return $new_order_id;
}Explanation
wp_generate_uuid4(): Generates a UUID v4 string for uniqueness.- Resulting order number: The order number will look like
Ticket-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx-1234, where1234is the original order ID.
Option 2: Add Date and Time to the Suffix
To keep the order ID recognizable and add date and time for uniqueness, you can modify the suffix with the current date and time.
add_filter( 'woocommerce_order_number', 'change_woocommerce_order_number_with_timestamp' );
function change_woocommerce_order_number_with_timestamp( $order_id ) {
$prefix = 'Ticket/';
$suffix = '/' . date('Ymd-His'); // Adds current date and time in Ymd-His format
$new_order_id = $prefix . $order_id . $suffix;
return $new_order_id;
}Explanation
date('Ymd-His'): Appends the current date and time (Ymd-Hisformat), making it unique each time.- Resulting order number: The order number will look like
Ticket/1234/20231029-143500, with1234as the original order ID and the date-time as the suffix.
Both options enhance order security by making the order numbers more complex and harder to guess. Option 1 generates a UUID, while Option 2 incorporates the order date and time in a user-friendly format.